post.gzelly.app Open in urlscan Pro
23.23.44.201 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://post.gzelly.app/
Submission: On January 10 via automatic, source certstream-suspicious (January 10th 2022, 6:55:08 pm UTC) — Scanned from DE

Summary HTTP 121 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 40 IPs in 4 countries across 27 domains to perform 121 HTTP transactions. The main IP is 23.23.44.201, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is post.gzelly.app.
TLS certificate: Issued by R3 on January 10th 2022. Valid for: 3 months.

This is the only time post.gzelly.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	23.23.44.201 23.23.44.201	14618 (AMAZON-AES) (AMAZON-AES)
3	143.204.101.102 143.204.101.102	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:215... 2600:9000:2156:d800:1c:b536:2c40:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:9200:13:2031:2340:21	16509 (AMAZON-02) (AMAZON-02)
11	52.59.174.158 52.59.174.158	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
10	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
15	143.204.98.102 143.204.98.102	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	51.210.3.236 51.210.3.236	16276 (OVH) (OVH)
19	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
4	143.204.101.109 143.204.101.109	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:3400:1f:f560:8d00:21	16509 (AMAZON-02) (AMAZON-02)
2	54.145.217.26 54.145.217.26	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:215... 2600:9000:2156:1800:19:7012:e500:21	16509 (AMAZON-02) (AMAZON-02)
2	23.20.229.114 23.20.229.114	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:215... 2600:9000:2156:5e00:1d:a3af:f700:21	16509 (AMAZON-02) (AMAZON-02)
1	67.205.141.68 67.205.141.68	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:80f::2010	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:d200:19:4fd1:c1c0:21	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::ac43:14d9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	34.248.231.27 34.248.231.27	16509 (AMAZON-02) (AMAZON-02)
2	52.217.69.62 52.217.69.62	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	143.204.98.106 143.204.98.106	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:464f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:1c::a	15169 (GOOGLE) (GOOGLE)
121	40

1 23.23.44.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-44-201.compute-1.amazonaws.com

post.gzelly.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.101.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-102.fra50.r.cloudfront.net

don16obqbay2c.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:d800:1c:b536:2c40:21 (United States)

ASN16509 (AMAZON-02, US)

d1oxsl77a1kjht.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:9200:13:2031:2340:21 (United States)

ASN16509 (AMAZON-02, US)

d11s7fcxy18ubx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.59.174.158 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-174-158.eu-central-1.compute.amazonaws.com

app.ecwid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

code-eu1.jivosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
code.jivosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 143.204.98.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-102.fra50.r.cloudfront.net

d2j6dbq0eux0bg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.210.3.236 (France)

ASN16276 (OVH, FR)
PTR: ns3172623.ip-51-210-3.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube-nocookie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.101.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-109.fra50.r.cloudfront.net

d2scn539ulxr09.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:3400:1f:f560:8d00:21 (United States)

ASN16509 (AMAZON-02, US)

d3dq8sxcny4hg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.145.217.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-217-26.compute-1.amazonaws.com

ecomm.events	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:1800:19:7012:e500:21 (United States)

ASN16509 (AMAZON-02, US)

d35z3p2poghz10.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.20.229.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-229-114.compute-1.amazonaws.com

infiniteapps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:5e00:1d:a3af:f700:21 (United States)

ASN16509 (AMAZON-02, US)

d1howb1wwyap5o.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.205.141.68 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 341357.cloudwaysapps.com

bc.popt.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:d200:19:4fd1:c1c0:21 (United States)

ASN16509 (AMAZON-02, US)

d20ubqycd8ynev.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:14d9 (United States)

ASN13335 (CLOUDFLARENET, US)

static.zotabox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.zotabox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.231.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-231-27.eu-west-1.compute.amazonaws.com

node-eu1-b-3.jivosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.69.62 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-106.fra50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:1a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.popt.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:464f (United States)

ASN13335 (CLOUDFLARENET, US)

display.popt.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:1c::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr5---sn-4g5lznl7.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	cloudfront.net don16obqbay2c.cloudfront.net d1oxsl77a1kjht.cloudfront.net d11s7fcxy18ubx.cloudfront.net d2j6dbq0eux0bg.cloudfront.net d2scn539ulxr09.cloudfront.net d3dq8sxcny4hg.cloudfront.net d35z3p2poghz10.cloudfront.net d1howb1wwyap5o.cloudfront.net d20ubqycd8ynev.cloudfront.net	2 MB
17	youtube-nocookie.com www.youtube-nocookie.com — Cisco Umbrella Rank: 2963 Failed	715 KB
11	jivosite.com code-eu1.jivosite.com — Cisco Umbrella Rank: 39247 code.jivosite.com — Cisco Umbrella Rank: 30098 node-eu1-b-3.jivosite.com — Cisco Umbrella Rank: 150541	356 KB
11	ecwid.com app.ecwid.com — Cisco Umbrella Rank: 28320	35 KB
7	googlevideo.com rr5---sn-4g5lznl7.googlevideo.com — Cisco Umbrella Rank: 71636	2 MB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	21 KB
4	gstatic.com fonts.gstatic.com	127 KB
3	google.com www.google.com — Cisco Umbrella Rank: 8	14 KB
3	zotabox.com static.zotabox.com — Cisco Umbrella Rank: 23602 stats.zotabox.com — Cisco Umbrella Rank: 29594	30 KB
3	popt.in bc.popt.in cdn.popt.in — Cisco Umbrella Rank: 26254 display.popt.in — Cisco Umbrella Rank: 27181	43 KB
3	youtube.com www.youtube.com — Cisco Umbrella Rank: 91 img.youtube.com — Cisco Umbrella Rank: 3206	98 KB
2	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 940	325 B
2	amazonaws.com s3.amazonaws.com	106 KB
2	google.se www.google.se — Cisco Umbrella Rank: 22577	612 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 44	3 KB
2	infiniteapps.net infiniteapps.net	4 KB
2	ecomm.events ecomm.events — Cisco Umbrella Rank: 35282	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	101 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37 storage.googleapis.com — Cisco Umbrella Rank: 396	28 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 202	27 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1066	7 KB
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	26 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 112	24 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 224	4 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 97	15 KB
1	ibb.co i.ibb.co — Cisco Umbrella Rank: 13407	29 KB
1	gzelly.app post.gzelly.app	103 KB
121	27

	Domain	Requested by
17	www.youtube-nocookie.com	www.youtube.com post.gzelly.app www.youtube-nocookie.com
15	d2j6dbq0eux0bg.cloudfront.net	post.gzelly.app
11	app.ecwid.com	post.gzelly.app app.ecwid.com d11s7fcxy18ubx.cloudfront.net
7	rr5---sn-4g5lznl7.googlevideo.com	www.youtube-nocookie.com
7	code-eu1.jivosite.com	post.gzelly.app code-eu1.jivosite.com
4	www.google-analytics.com	www.googletagmanager.com post.gzelly.app www.google-analytics.com
4	d2scn539ulxr09.cloudfront.net	app.ecwid.com
4	fonts.gstatic.com	fonts.googleapis.com www.youtube-nocookie.com
3	www.google.com	www.youtube-nocookie.com post.gzelly.app
3	code.jivosite.com	app.ecwid.com code.jivosite.com
3	don16obqbay2c.cloudfront.net	post.gzelly.app
2	tr.snapchat.com	sc-static.net post.gzelly.app
2	s3.amazonaws.com	post.gzelly.app
2	www.google.se	post.gzelly.app
2	googleads.g.doubleclick.net	www.googleadservices.com
2	static.zotabox.com	app.ecwid.com post.gzelly.app
2	infiniteapps.net	app.ecwid.com
2	d35z3p2poghz10.cloudfront.net	app.ecwid.com
2	ecomm.events	app.ecwid.com ecomm.events
2	www.youtube.com	post.gzelly.app www.youtube.com
2	www.googletagmanager.com	post.gzelly.app www.googletagmanager.com
2	d1oxsl77a1kjht.cloudfront.net	post.gzelly.app app.ecwid.com
1	stats.zotabox.com	static.zotabox.com
1	display.popt.in	cdnjs.cloudflare.com
1	cdnjs.cloudflare.com	cdn.popt.in
1	cdn.popt.in	bc.popt.in
1	sc-static.net
1	connect.facebook.net
1	node-eu1-b-3.jivosite.com	code-eu1.jivosite.com
1	i.ytimg.com	post.gzelly.app
1	yt3.ggpht.com	post.gzelly.app
1	www.googleadservices.com	www.googletagmanager.com
1	d20ubqycd8ynev.cloudfront.net	app.ecwid.com
1	storage.googleapis.com	app.ecwid.com
1	bc.popt.in	app.ecwid.com
1	d1howb1wwyap5o.cloudfront.net	app.ecwid.com
1	d3dq8sxcny4hg.cloudfront.net	app.ecwid.com
1	img.youtube.com	post.gzelly.app
1	i.ibb.co	d1oxsl77a1kjht.cloudfront.net
1	d11s7fcxy18ubx.cloudfront.net	post.gzelly.app
1	fonts.googleapis.com	post.gzelly.app
1	post.gzelly.app
121	42

This site contains links to these domains. Also see Links.

Domain
facebook.com
gzelly.app
www.google.com
post.gazelly.se
twitter.com
pinterest.com
www.ecwid.com
www.jivochat.com

Subject Issuer	Validity	Valid
post.gzelly.app R3	`2022-01-10` - `2022-04-10`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.ecwid.com Sectigo RSA Organization Validation Secure Server CA	`2020-05-14` - `2022-08-16`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.jivosite.com Go Daddy Secure Certificate Authority - G2	`2020-04-05` - `2022-06-04`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
ibb.co R3	`2021-12-05` - `2022-03-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.ecomm.events R3	`2021-11-14` - `2022-02-12`	3 months	crt.sh
*.infiniteapps.net Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh
bc.popt.in R3	`2021-11-14` - `2022-02-12`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.se GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-20` - `2022-01-18`	3 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2021-02-11` - `2022-02-15`	a year	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-01-23`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-11-30` - `2022-02-08`	2 months	crt.sh

This page contains 5 frames:

Primary Page: https://post.gzelly.app/
Frame ID: DD8B102723C4166526FCD35C17398BDF
Requests: 89 HTTP requests in this frame

Frame: https://d2scn539ulxr09.cloudfront.net/static/br/2021-48597-ga734e7f8e24/10D91F80D60A394292BC2924B2689859.cache.js
Frame ID: 34983B091204742EED52D3A3DAB37936
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/2Gg6Seob5Mg?autohide=1&rel=0&autoplay=0&playsinline=1&iv_load_policy=3&modestbranding=1&controls=0&showinfo=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fpost.gzelly.app&widgetid=1
Frame ID: 40255ED9CD5AB39EBBD4FB670A5A282C
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/2Gg6Seob5Mg?autohide=1&rel=0&autoplay=0&playsinline=1&iv_load_policy=3&modestbranding=1&controls=0&showinfo=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fpost.gzelly.app&widgetid=1
Frame ID: 3D7C2D276E868783D01F62BF83E83E0B
Requests: 29 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=7df1b494-69eb-4e0f-8896-90838a8593f1
Frame ID: 3A921AE7F16D1E932AAE6681CAC473B0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gzelly Post

Detected technologies

Ecwid (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

https://app\.ecwid\.com/script\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

121
Requests

99 %
HTTPS

64 %
IPv6

27
Domains

42
Subdomains

40
IPs

4
Countries

5590 kB
Transfer

14813 kB
Size

13
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/113036063711215

Search URL Search Domain Scan URL

URL: https://gzelly.app/
Title: Klicka här!

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir/?api=1&destination=Box%20257.%2075105%20Uppsala
Title: Get Directions

Search URL Search Domain Scan URL

URL: https://post.gazelly.se/
Title: post.gazelly.se

Search URL Search Domain Scan URL

URL: https://facebook.com/sharer/sharer.php?u=https%3A%2F%2Fpost.gzelly.app%2F
Title: Share

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet/?url=https%3A%2F%2Fpost.gzelly.app%2F&text=Gzelly+Post:
Title: Tweet

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fpost.gzelly.app%2F&description=Gzelly+Post
Title: Pin

Search URL Search Domain Scan URL

URL: http://www.ecwid.com/?utm_source=startersite&utm_medium=powered-by-link&utm_campaign=stores
Title: Powered by

Search URL Search Domain Scan URL

URL: https://www.jivochat.com/i_sa/?utm_source=post.gzelly.app&utm_medium=link&utm_content=label_tooltip&utm_campaign=from_widget
Title: Business Messenger av

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

121 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
post.gzelly.app/ 462 KB
103 KB 555ms
198ms Document
text/html 23.23.44.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://post.gzelly.app/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.23.44.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-23-44-201.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c2334b1ac1829e761eca4bf5ac0baf8174677c6bc7888e32fb39469b75f026eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Mon, 10 Jan 2022 18:55:01 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Content-Type-Options: nosniff

GET
H2 200 proximanova-regularit-webfont.woff2
don16obqbay2c.cloudfront.net/fonts/proximanova/ 48 KB
48 KB 481ms
437ms Font
binary/octet-stream 143.204.101.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://don16obqbay2c.cloudfront.net/fonts/proximanova/proximanova-regularit-webfont.woff2
Requested by: Host: post.gzelly.app
URL: https://post.gzelly.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-102.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5030ddf2cd7b49451b8eb3ffe83e8a6b00e44bf8838801db88ca4cca70d14799

Request headers

Referer: https://post.gzelly.app/
Origin: https://post.gzelly.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:55:02 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-length: 48824
last-modified: Fri, 14 Oct 2016 19:18:44 GMT
server: AmazonS3
etag: "856e501cb3a4a815cc46d46c9251f754"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
x-amz-version-id: uCGttVp4vOHTEvfYgQGEctyMCFEatDdV
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: binary/octet-stream
x-amz-cf-id: X-0B5JdVz1IlpObIAbQzt7nSV3BqvxyJLrOu_ln48RmcIfvcZsSzNA==

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 67ms
25ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bangers:400,700|PT+Sans:400,700&display=swap

Requested by

Host: post.gzelly.app
URL: https://post.gzelly.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b3b769113723dfae07d1396e9679a2bcc417461318c6c438996375e254283953

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://post.gzelly.app/
Origin: https://post.gzelly.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 18:55:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 10 Jan 2022 18:55:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Jan 2022 18:55:01 GMT

GET
H2 200 new
d1oxsl77a1kjht.cloudfront.net/css/ 788 KB
98 KB 207ms
146ms Stylesheet
text/css 2600:9000:2156:d800:1c:b536:2c40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1oxsl77a1kjht.cloudfront.net/css/new?hc=1960680518&ownerid=30602022&frontendV2=true
Requested by: Host: post.gzelly.app
URL: https://post.gzelly.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d800:1c:b536:2c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 61f6b4a28a7d0a26f960dc103f3b251dae9a913258fc4c1ea514f38053cc3298

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:55:01 GMT
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: "1960680518"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css;charset=utf-8
cache-control: public, max-age=31536000
content-encoding: gzip
x-amz-cf-id: ZvTRoJ8SZZilAS2IcDd4grNZiJue5ncoSC8cUvwK-kt6ril9Q7DQDg==

GET
H2 200 store.bundle.js Show response
d11s7fcxy18ubx.cloudfront.net/startersite/static/2021/2021-47962-ga20a2c4ddf5/js/ 120 KB
40 KB 75ms
19ms Script
application/javascript 2600:9000:2156:9200:13:2031:2340:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d11s7fcxy18ubx.cloudfront.net/startersite/static/2021/2021-47962-ga20a2c4ddf5/js/store.bundle.js
Requested by: Host: post.gzelly.app
URL: https://post.gzelly.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9200:13:2031:2340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0b7921643f7532d24de96c8091ff3e05dbb81a98f6fe56120d6657a40ca80dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 11:29:18 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
age: 2186744
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
content-encoding: br
x-amz-meta-ecwid-hash: 84dffd3519766f141b269b6cbf51a585
last-modified: Thu, 16 Dec 2021 11:28:54 GMT
server: AmazonS3
etag: W/"84dffd3519766f141b269b6cbf51a585"
vary: Accept-Encoding
x-amz-version-id: .XgR7DqVzNnXIoKIwglBSmWoxqbeTbs6
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: LQ6Uhh8icXKZi79u2--nLH71ozlx-n1C638iwqo5BRZUnISR6c7ThQ==

GET
H/1.1 200
OK script.js Show response
app.ecwid.com/ 81 KB
22 KB 128ms
59ms Script
text/javascript 52.59.174.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.ecwid.com/script.js?30602022&data_platform=startersite_v2
Requested by: Host: post.gzelly.app
URL: https://post.gzelly.app/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.174.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-174-158.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 00986ccceb991f56c66683c71818c2b0bd629c8b06e76527e382c313312b8eb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 18:55:01 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"-1931600017"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Cache-Control: private,must-revalidate,max-age:3
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 167 KB
62 KB 86ms
44ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NRXKXDVVB3

Requested by

Host: post.gzelly.app
URL: https://post.gzelly.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

75610c6494227b111f5a19b68f8b38559031a56c74f143826226e6b35f029ce3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:55:01 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63177
x-xss-protection: 0
expires: Mon, 10 Jan 2022 18:55:01 GMT

GET
H2 200 Iw6ZDeaOV9 Show response
code-eu1.jivosite.com/widget/ 17 KB
6 KB 368ms
294ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code-eu1.jivosite.com/widget/Iw6ZDeaOV9
Requested by: Host: post.gzelly.app
URL: https://post.gzelly.app/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 59e0a592ba2ac39f4d576730491c1ff22ac5ebb8db78be29b7dea9cf3491fbee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Mon, 10 Jan 2022 18:55:02 GMT
content-encoding: br
access-control-allow-origin: *
x-geo-shard: eu1
content-length: 6175
last-modified: Mon, 10 Jan 2022 09:08:20 GMT
server: nginx
etag: "61dbf784-181f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 sharxy
cache-control: max-age=7200
cache: MISS
accept-ranges: bytes
expires: Mon, 10 Jan 2022 20:55:01 GMT

GET
H2 200 1466821882.jpg
d2j6dbq0eux0bg.cloudfront.net/images/30602022/ 37 KB
38 KB 74ms
20ms Image
image/png 143.204.98.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/30602022/1466821882.jpg
Requested by: Host: post.gzelly.app
URL: https://post.gzelly.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-102.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9917a212205446922e6f138ed3b7b60e25f976f6e832426f72b6978bf1dfab39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 08:45:13 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
last-modified: Fri, 05 Jun 2020 20:16:14 GMT
server: AmazonS3
age: 9454189
etag: "c35cbcabf0731692c1199a42361332b9"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 38170
x-amz-cf-id: kTVWOVcpE0pRB6GoTKuL-MbdSZu-hXK8pPP7y7KjLWFveHTc-cs-oA==

GET
H2 200 2085441388.jpg
d2j6dbq0eux0bg.cloudfront.net/images/30602022/ 22 KB
22 KB 92ms
38ms Image
image/jpeg 143.204.98.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/30602022/2085441388.jpg
Requested by: Host: post.gzelly.app
URL: https://post.gzelly.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-102.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d0b8b1e2aa12e960bee86ffb162fc71b928c23263601f43ed3921b3040f9f7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 06:50:19 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 17:27:04 GMT
server: AmazonS3
age: 6696283
etag: "281fc76a5f53856d583dc3be1aae2374"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 22450
x-amz-cf-id: ngiM2n4rAkK110HzqXwMOcNKUEm7U3kLzeFi9mvzONrOgvK1QlnPIA==

GET
H2 200 1705802286.jpg
d2j6dbq0eux0bg.cloudfront.net/images/30602022/ 16 KB
16 KB 110ms
56ms Image
image/jpeg 143.204.98.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/30602022/1705802286.jpg
Requested by: Host: post.gzelly.app
URL: https://post.gzelly.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-102.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 955d009f1c2034c355d10e1c2991e35eed812fb4d2953908a306f160370dab30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:55:15 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
last-modified: Tue, 13 Oct 2020 14:33:43 GMT
server: AmazonS3
age: 6656387
etag: "32a6bc7ea8b4a7a05fa587e42eff0f12"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 16016
x-amz-cf-id: oq_nfAVAk9ag29OtqleRw9li1eSFBZzI1XkD0IoWDY9WuGg3Cn-cSQ==

GET
H2 200 2664351504.jpg
d2j6dbq0eux0bg.cloudfront.net/images/30602022/ 80 KB
80 KB 74ms
20ms Image
image/png 143.204.98.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/30602022/2664351504.jpg
Requested by: Host: post.gzelly.app
URL: https://post.gzelly.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-102.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ac6a37f401fcece19658f1e5178ff0898edbb4314b3a4390b8400568c3cd081

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 11:59:26 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
last-modified: Thu, 21 Oct 2021 11:50:04 GMT
server: AmazonS3
age: 7023336
etag: "e2e7167adbb18d3a4310326c6df10f82"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 81714
x-amz-cf-id: JmNnFYoY1CzGMRiAITDyB4jqwXfeiCHpes1ZCVjDsLZ3B7sC6jcKcg==

GET
H2 200 2106464099.jpg
d2j6dbq0eux0bg.cloudfront.net/images/30602022/ 13 KB
14 KB 110ms
56ms Image
image/jpeg 143.204.98.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/30602022/2106464099.jpg
Requested by: Host: post.gzelly.app
URL: https://post.gzelly.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-102.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90421b5c121d0926145a63c2785b0db56489c779655554e43069be6323af3848

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 11:59:31 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
last-modified: Thu, 18 Mar 2021 12:56:10 GMT
server: AmazonS3
age: 4604131
etag: "21e419adcda1d4e3c6688bcda8d8985a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 13532
x-amz-cf-id: vpTyOPvWNEpM9ud8l9zrGZy2aMw4rBN54TuL4kFMetMMvnfSAAsVgg==

GET
H2 200 1720446253.jpg
d2j6dbq0eux0bg.cloudfront.net/images/30602022/ 64 KB
64 KB 86ms
32ms Image
image/png 143.204.98.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/30602022/1720446253.jpg
Requested by: Host: post.gzelly.app
URL: https://post.gzelly.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-102.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3a391983124d08ddb170774342935f68efbfe36e235c63ee7927f52fe66a4d63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 17:25:29 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
last-modified: Thu, 22 Oct 2020 22:16:12 GMT
server: AmazonS3
age: 7867773
etag: "f90842a695f2a62ac7c69f673904efe3"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 65564
x-amz-cf-id: JXw-di02vrx02Q79h6jVEYmynpHzJwxloTxtWBfIZ7Y3s98FYnHAWA==

GET
H2 200 2043735322.jpg
d2j6dbq0eux0bg.cloudfront.net/images/30602022/ 13 KB
13 KB 31ms
29ms Image
image/jpeg 143.204.98.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/30602022/2043735322.jpg
Requested by: Host: post.gzelly.app
URL: https://post.gzelly.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-102.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c010e3f3b4e4809f85624468364b1f3b7845d002d70b1f410623ec9ee6feeda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 04 Jul 2021 00:12:28 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
last-modified: Thu, 25 Feb 2021 21:41:47 GMT
server: AmazonS3
age: 16483354
etag: "890067efda655734615fc6e39e52f413"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 13186
x-amz-cf-id: Zww-WQQSfxCq371rhmEFAKDYdtKU-YZe76kLRgthFJTFx6P0d6G7bg==

GET
H2 200 2043736358.jpg
d2j6dbq0eux0bg.cloudfront.net/images/30602022/ 13 KB
13 KB 35ms
33ms Image
image/jpeg 143.204.98.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/30602022/2043736358.jpg
Requested by: Host: post.gzelly.app
URL: https://post.gzelly.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-102.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c010e3f3b4e4809f85624468364b1f3b7845d002d70b1f410623ec9ee6feeda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:45:31 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
last-modified: Thu, 25 Feb 2021 21:44:12 GMT
server: AmazonS3
age: 11167771
etag: "890067efda655734615fc6e39e52f413"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 13186
x-amz-cf-id: vdkp9-rOHyrWGQpNkLcHTSkjMp0yXtp-DaVEm2cRiGHPO5diiAgmqQ==

GET
H2 200 2014538548.jpg
d2j6dbq0eux0bg.cloudfront.net/images/30602022/ 21 KB
22 KB 31ms
30ms Image
image/jpeg 143.204.98.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/30602022/2014538548.jpg
Requested by: Host: post.gzelly.app
URL: https://post.gzelly.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-102.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e27ded914c91b0d28bb3250b9b53e45d360372cfcf8643969ad0d77b74779d08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 20:55:48 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
last-modified: Mon, 15 Feb 2021 20:00:56 GMT
server: AmazonS3
age: 8373554
etag: "ab8346a4ae9a857ae2608c0513799f7a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 21735
x-amz-cf-id: 0P5ErR8sRfpzCLq4VH_npc6woc-bWiZEN69dBjRO412AU44VIGxwfg==

GET
H2 200 1934594014.jpg
d2j6dbq0eux0bg.cloudfront.net/images/30602022/ 21 KB
22 KB 36ms
34ms Image
image/jpeg 143.204.98.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/30602022/1934594014.jpg
Requested by: Host: post.gzelly.app
URL: https://post.gzelly.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-102.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 35350e2704c2ac8b38e0b9af1c446183e76f11e4505f128aed97ca3ebf7dbaac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:55:15 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
last-modified: Tue, 19 Jan 2021 22:44:42 GMT
server: AmazonS3
age: 6656387
etag: "3fc1079190127b69c82f11057f23df5f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 21758
x-amz-cf-id: kM9imnvmV7GR7lM5YLN0h3QMZPPJILS_hrO_GPUuv8pqASJJbiXSkw==

GET
H2 200 2257625008.jpg
d2j6dbq0eux0bg.cloudfront.net/images/30602022/ 12 KB
12 KB 28ms
27ms Image
image/jpeg 143.204.98.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/30602022/2257625008.jpg
Requested by: Host: post.gzelly.app
URL: https://post.gzelly.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-102.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2861a7d0393c1f8b2570d9b9c50a42ae619779841e3bb8db9870254f79326e43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:24:03 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
last-modified: Tue, 04 May 2021 15:48:05 GMT
server: AmazonS3
age: 4059059
etag: "5e188ffd9c3804f6a740a86981b89743"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 12133
x-amz-cf-id: xP0YnlLFWDPjirZQ5cwWDBnBdcXwM1I44Gjd3uITD2cmRJZ4dD2z9A==

GET
H2 200 FeVQS0BTqb0h60ACH55Q2A.woff2
fonts.gstatic.com/s/bangers/v13/ 21 KB
21 KB 62ms
18ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bangers/v13/FeVQS0BTqb0h60ACH55Q2A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bangers:400,700|PT+Sans:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fd2858003c32f1542e7f330cfd1ef2dcd578f20c39bfdd22d70c57a801502b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://post.gzelly.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 13:18:13 GMT
x-content-type-options: nosniff
age: 279408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21160
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:19:32 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 07 Jan 2023 13:18:13 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v12/ 46 KB
46 KB 74ms
30ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bangers:400,700|PT+Sans:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://post.gzelly.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 14:03:04 GMT
x-content-type-options: nosniff
age: 535917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46988
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:11 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 04 Jan 2023 14:03:04 GMT

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/ 44 KB
44 KB 91ms
47ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bangers:400,700|PT+Sans:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://post.gzelly.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 21:17:17 GMT
x-content-type-options: nosniff
age: 596264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45416
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:09:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 03 Jan 2023 21:17:17 GMT

GET
H2 200 proximanova-semibold-webfont.woff2
don16obqbay2c.cloudfront.net/fonts/proximanova/ 45 KB
45 KB 418ms
418ms Font
binary/octet-stream 143.204.101.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://don16obqbay2c.cloudfront.net/fonts/proximanova/proximanova-semibold-webfont.woff2
Requested by: Host: post.gzelly.app
URL: https://post.gzelly.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-102.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d16ece592cf3dc7d51e6a68c109d9c754d8345ed64840cfa1546116762fcb93c

Request headers

Referer: https://post.gzelly.app/
Origin: https://post.gzelly.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:55:03 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-length: 45804
last-modified: Fri, 14 Oct 2016 19:18:55 GMT
server: AmazonS3
etag: "645b05dff80576808f8f07875745da25"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
x-amz-version-id: 4Pclo0gasq.JiZC4QyXu1mZOey.YDKXZ
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: binary/octet-stream
x-amz-cf-id: 6H1OokALDCOMOWR2C5ebSvQWNTEk8G8tD6BSSzex94rrWf0bCM4kLA==

GET
H2 200 proximanova-regular-webfont.woff2
don16obqbay2c.cloudfront.net/fonts/proximanova/ 45 KB
46 KB 418ms
417ms Font
binary/octet-stream 143.204.101.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://don16obqbay2c.cloudfront.net/fonts/proximanova/proximanova-regular-webfont.woff2
Requested by: Host: post.gzelly.app
URL: https://post.gzelly.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-102.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 902d07b2c824260875e4d841139be9afcdfd28663541a476b35e56b974525f73

Request headers

Referer: https://post.gzelly.app/
Origin: https://post.gzelly.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:55:03 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-length: 46500
last-modified: Fri, 14 Oct 2016 19:18:32 GMT
server: AmazonS3
etag: "482ba4748eba5d7b85ea7e85cf133367"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
x-amz-version-id: hXZx_lOCOIJZF8YY2MbOhK1oOpjA.AGF
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: binary/octet-stream
x-amz-cf-id: mEfjZ_kDaGYB4ZFZpxZ91h9bBSlmqM4s-V5BwLdWHl2IXSZuGMQrQg==

GET
H2 200 1720417131.jpg
d2j6dbq0eux0bg.cloudfront.net/images/30602022/ 18 KB
19 KB 30ms
29ms Image
image/jpeg 143.204.98.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/30602022/1720417131.jpg
Requested by: Host: post.gzelly.app
URL: https://post.gzelly.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-102.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30fb002e576d0798f76ad5321773ac5f639a1d997d5b32e0f101a75fff148e9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 20:25:10 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
last-modified: Thu, 22 Oct 2020 21:32:25 GMT
server: AmazonS3
age: 5178592
etag: "cf2190e34f6a79aca2128fb5aceca8c3"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 18842
x-amz-cf-id: 0jXngEbddT36vkJTrdy7ywasalZO1E7UIr1Cc3cN1rZQR5pzjXZBRw==

GET
H2 200 1720408577.jpg
d2j6dbq0eux0bg.cloudfront.net/images/30602022/ 15 KB
15 KB 27ms
26ms Image
image/jpeg 143.204.98.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/30602022/1720408577.jpg
Requested by: Host: post.gzelly.app
URL: https://post.gzelly.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-102.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f8b0e1fa9bd55e670d2c0a39f451976b6694bc1e3cb5d2dcb082be0a4f65de8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 23:16:55 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
last-modified: Thu, 22 Oct 2020 21:32:53 GMT
server: AmazonS3
age: 4909087
etag: "ed08fa302f11478dc887ecd1a0f52219"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 15057
x-amz-cf-id: urf85Z70DSqwtIZAdCPuOfVku5Sf8fsYt0-pKWG3mXaferwy0k2xyA==

GET
H2 200 2085477207.jpg
d2j6dbq0eux0bg.cloudfront.net/images/30602022/ 22 KB
22 KB 33ms
32ms Image
image/jpeg 143.204.98.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/30602022/2085477207.jpg
Requested by: Host: post.gzelly.app
URL: https://post.gzelly.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-102.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d0b8b1e2aa12e960bee86ffb162fc71b928c23263601f43ed3921b3040f9f7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 06:50:14 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 17:34:31 GMT
server: AmazonS3
age: 6696288
etag: "281fc76a5f53856d583dc3be1aae2374"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 22450
x-amz-cf-id: FS-dK5xtyfEzsEBaVktnsarPiEQ-SapuGFpZ8KeM80jIvR8kduhtsQ==

GET
H2 200 2128863468.jpg
d2j6dbq0eux0bg.cloudfront.net/images/30602022/ 18 KB
18 KB 32ms
31ms Image
image/jpeg 143.204.98.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2j6dbq0eux0bg.cloudfront.net/images/30602022/2128863468.jpg
Requested by: Host: post.gzelly.app
URL: https://post.gzelly.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-102.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f89c7fbeb467aa2219bb6328b3aabd2d78d9941372826b17a99ad8eac94c7b51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 14:32:14 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
last-modified: Fri, 26 Mar 2021 15:39:37 GMT
server: AmazonS3
age: 15654168
etag: "c456dfd4335ad544aefe4585157c8d15"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 18004
x-amz-cf-id: VVa2HngyGOGl9oW14q7PM3X-42Ydg3sOI351WZJ8An6tSP-R9026Iw==

GET
DATA 200
OK truncated
/ 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 425d1d68327cf068242bd1e51c26a6c0b1d12cd272649c42fcbd98bfc2b6371e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 creditcardsgzelly.png
i.ibb.co/7Qrb4mc/ 29 KB
29 KB 87ms
23ms Image
image/png 51.210.3.236
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/7Qrb4mc/creditcardsgzelly.png
Requested by: Host: d1oxsl77a1kjht.cloudfront.net
URL: https://d1oxsl77a1kjht.cloudfront.net/css/new?hc=1960680518&ownerid=30602022&frontendV2=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.210.3.236 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3172623.ip-51-210-3.eu
Software: nginx /
Resource Hash: 4c24279c93823302ef33a2832f1a94a1ff488acecdc583366ec72387bec49088

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1oxsl77a1kjht.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:55:01 GMT
last-modified: Wed, 17 Feb 2021 09:11:18 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29757
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
1 KB 81ms
33ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: post.gzelly.app
URL: https://post.gzelly.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2807db05f536fe45b16757ee0be3052e74fc954f23604d07c53889796adbbdab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:55:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
expires: Mon, 10 Jan 2022 18:55:01 GMT

GET
H2 200 maxresdefault.jpg
img.youtube.com/vi/2Gg6Seob5Mg/ 47 KB
48 KB 84ms
27ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/2Gg6Seob5Mg/maxresdefault.jpg

Requested by

Host: post.gzelly.app
URL: https://post.gzelly.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c46c048ebab0df5178bbaab77ecd40f67ae3d5db6ae092c4c90cb558762b393

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:55:01 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48362
x-xss-protection: 0
server: sffe
etag: "1573470470"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 10 Jan 2022 20:55:01 GMT

GET
H2 200 new-frontend.sv_SE.1899106562.js Show response
d2scn539ulxr09.cloudfront.net/rosetta/translations/new-frontend/files/ 233 KB
65 KB 134ms
77ms Script
text/html 143.204.101.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2scn539ulxr09.cloudfront.net/rosetta/translations/new-frontend/files/new-frontend.sv_SE.1899106562.js
Requested by: Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?30602022&data_platform=startersite_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-109.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9716b8d721b93967d808c6bcb4c199274a5a0cd2fb8decb7959f66d81f8869ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 07:58:53 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 07:53:58 GMT
server: AmazonS3
age: 1076169
etag: W/"f752e5ccc5c85c4806fd54fe7376e7cd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: bPtpMkY6aTVMuLTNdk9HZyk7lQfUTKoA
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
content-type: text/html;charset=UTF-8
x-amz-cf-id: -jbzZDLbv7W8olCUf97F7swMKCVwVzHvwNS24tdnye4PmyC8_U8qVw==

GET
H2 200 ecwid-storefront.eca443835a772600607b6ebbabd56dd4.min.js Show response
d2scn539ulxr09.cloudfront.net/venera/static/ 955 KB
216 KB 72ms
16ms Script
application/javascript 143.204.101.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2scn539ulxr09.cloudfront.net/venera/static/ecwid-storefront.eca443835a772600607b6ebbabd56dd4.min.js

Requested by

Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?30602022&data_platform=startersite_v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-109.fra50.r.cloudfront.net

Software

nginx/1.19.0 /

Resource Hash

941aa6fac992fb30b1dfb72dced25c7f8642c750408bd884ae002409fc6c0960

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 11:36:30 GMT
content-encoding: gzip
server: nginx/1.19.0
age: 2186311
etag: eca443835a772600607b6ebbabd56dd4
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 8yIGOLaqs2VUUCWrsrb3FfIjeFct3q6xb893Wwj8JtGBoTqYFTnNgA==
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)

GET
H2 200 states.js Show response
d3dq8sxcny4hg.cloudfront.net/ 70 KB
22 KB 65ms
19ms Script
application/javascript 2600:9000:2156:3400:1f:f560:8d00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3dq8sxcny4hg.cloudfront.net/states.js?hc=1223382621&callback=window.ecwid_states_data.loaded
Requested by: Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?30602022&data_platform=startersite_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3400:1f:f560:8d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1736171148434fa5c1e7e9305ddad003f1bc1f53280483fe8aab7c5f21c00d57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 06:45:40 GMT
content-encoding: gzip
server: nginx
age: 7301361
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
via: 1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
content-length: 22383
x-amz-cf-id: ZxRhsy3qolwOLJiJAfiAf_YQpRlR7GL_gVJ0yvmoNIKoHLKBrm9xuA==

GET
H/1.1 200
OK data.js Show response
app.ecwid.com/ 26 KB
8 KB 59ms
59ms Script
application/javascript 52.59.174.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.ecwid.com/data.js?ownerid=30602022&lang=sv&callback=window.ecwid_initial_data.data.doInit
Requested by: Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?30602022&data_platform=startersite_v2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.174.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-174-158.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5e3d5ce737a661dc433097bcc8e8be79b22b088845273117d9608ba40fcbed96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 18:55:01 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Content-Length: 7883
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8

GET
H2 200 i.js Show response
ecomm.events/ 5 KB
2 KB 334ms
116ms Script
text/javascript 54.145.217.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ecomm.events/i.js

Requested by

Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?30602022&data_platform=startersite_v2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.145.217.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-145-217-26.compute-1.amazonaws.com

Software

nginx/1.19.0 /

Resource Hash

cc30f7b46bc71c0888305e3e2ba268408505fc3918717626dbae49448ddf33cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:55:02 GMT
content-encoding: gzip
vary: Accept-Encoding
server: nginx/1.19.0
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/javascript; charset=utf-8

GET
H/1.1 200
OK categories.js Show response
app.ecwid.com/ 883 B
522 B 64ms
31ms Script
application/javascript 52.59.174.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.ecwid.com/categories.js?ownerid=30602022&lang=sv&jsonp=menu.fill
Requested by: Host: d11s7fcxy18ubx.cloudfront.net
URL: https://d11s7fcxy18ubx.cloudfront.net/startersite/static/2021/2021-47962-ga20a2c4ddf5/js/store.bundle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.174.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-174-158.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8b18652ad7a05132edaff04c7e925ef9b6d267555e8a8a31808d818723234f71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 18:55:01 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=utf-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-586747826&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NRXKXDVVB3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6053ee912acf9c953811c726237f9a2cd26a19edd678cab3a87918c0168c0fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:55:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39627
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 18:55:01 GMT

GET
H2 200 10D91F80D60A394292BC2924B2689859.cache.js Show response
d2scn539ulxr09.cloudfront.net/static/br/2021-48597-ga734e7f8e24/ Frame 3498 2 MB
460 KB 80ms
55ms Script
application/javascript 143.204.101.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2scn539ulxr09.cloudfront.net/static/br/2021-48597-ga734e7f8e24/10D91F80D60A394292BC2924B2689859.cache.js
Requested by: Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?30602022&data_platform=startersite_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-109.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7090874b6b2d9d60d7bafa4ebb9b30c446189a60f7547a66afb611f33ad7fd71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 11:50:25 GMT
content-encoding: br
age: 25477
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 469803
last-modified: Mon, 10 Jan 2022 10:19:30 GMT
server: AmazonS3
etag: "ede9a3c9fcfb470025696e9474bc8091"
x-amz-version-id: q8OSr6L7rcf3nRjvWRKaySNX9N.5HL7q
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-amz-cf-id: P8hdEzJNDSHsVRETY2M-7ddHhZsoVqHql8G0psxxgQ-yhXLotY0p-w==

GET
H2 200 new
d1oxsl77a1kjht.cloudfront.net/css/ 1 MB
105 KB 256ms
254ms Stylesheet
text/css 2600:9000:2156:d800:1c:b536:2c40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1oxsl77a1kjht.cloudfront.net/css/new?hc=-991882860&ownerid=30602022&useProximaNovaFont=true&id-selector=html%23ecwid_html%20body%23ecwid_body&frontendV2&color-foreground=%23191919&color-background=%23fff&color-link=%231a7ac4&color-button=%23333&color-price=%23191919&font-family=%22Proxima%20Nova%22%2C-apple-system%2CBlinkMacSystemFont%2C%22Segoe%20UI%22%2CRoboto%2CArial%2Csans-serif&useExactGalleryColors=false
Requested by: Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?30602022&data_platform=startersite_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d800:1c:b536:2c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3a95f56c94a6259433c3af600d3b94dac51d340ef640917dbc3dc4df8cf61087

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:55:02 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
etag: "-991882860"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css;charset=utf-8
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control: no-cache
content-length: 107097
x-amz-cf-id: rBlKCug2oyxovEVtWj2-2yTyIIG9DSlFERpEXEltV4Rp8Ux8map2Ew==

GET
H2 200 app.css
d35z3p2poghz10.cloudfront.net/apps/thirdparty/free-shipping-icon/files/1.0.3/ 225 B
610 B 68ms
21ms Stylesheet
text/css 2600:9000:2156:1800:19:7012:e500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35z3p2poghz10.cloudfront.net/apps/thirdparty/free-shipping-icon/files/1.0.3/app.css
Requested by: Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?30602022&data_platform=startersite_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1800:19:7012:e500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a46c4cf0b08829ac28e5ed5091c2af19e9047f13b4d574f2a19550b769ad865

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: FD4PBMXoP4.C_Npjp7uCtKx5kxWx2GGD
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
last-modified: Fri, 14 Aug 2020 09:56:31 GMT
server: AmazonS3
age: 10545
etag: "c375d851b88f9f469132a07fd450d5b8"
x-cache: Hit from cloudfront
content-type: text/css
date: Mon, 10 Jan 2022 15:59:18 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 225
x-amz-cf-id: KHl_tUOXe1PcT5uFOSmmpMdwroFmFVYlaci5CLLlodxoon-lAcvjbw==

GET
H2 200 storefront.css
infiniteapps.net/app/age-verification/ 8 KB
2 KB 317ms
103ms Stylesheet
text/css 23.20.229.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://infiniteapps.net/app/age-verification/storefront.css

Requested by

Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?30602022&data_platform=startersite_v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.229.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-229-114.compute-1.amazonaws.com

Software

nginx/1.20.0 / Express

Resource Hash

de0fbdbe8171fd287995b3edac29e195ec0a469bf25d4cb4ff70b92bfc334807

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://ecwid.com https://*.ecwid.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:55:02 GMT
content-encoding: gzip
etag: W/"1f12-PMKyeoU5wDpTt+T/bX73sBoRtmM"
server: nginx/1.20.0
x-powered-by: Express
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=86400
content-security-policy: frame-ancestors 'self' https://ecwid.com https://*.ecwid.com
expires: Tue, 11 Jan 2022 18:55:02 GMT

GET
H2 200 app.js Show response
d35z3p2poghz10.cloudfront.net/apps/thirdparty/free-shipping-icon/files/1.0.3/ 108 KB
37 KB 71ms
24ms Script
application/javascript 2600:9000:2156:1800:19:7012:e500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35z3p2poghz10.cloudfront.net/apps/thirdparty/free-shipping-icon/files/1.0.3/app.js
Requested by: Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?30602022&data_platform=startersite_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1800:19:7012:e500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b45b0c731520b4ff5180051277fb1a61e0e79bf06d22f35c4c6b4b778f4570b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 02:43:46 GMT
content-encoding: gzip
last-modified: Fri, 14 Aug 2020 09:56:31 GMT
server: AmazonS3
age: 58277
etag: W/"bdf8ad3d832bae4bda71338b6118b2ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: NK4enIoln6Ug6E9wRHsF5qZ3e_ukDOHw
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: Z2IvlidGe2HqQvSw1N2T7zCWBGvBD8rXTxXb8Rdeqzfu-h_eWdL3pA==

GET
H2 200 ecwid_gtm.js Show response
d1howb1wwyap5o.cloudfront.net/gtm/ 6 KB
2 KB 81ms
32ms Script
application/javascript 2600:9000:2156:5e00:1d:a3af:f700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1howb1wwyap5o.cloudfront.net/gtm/ecwid_gtm.js
Requested by: Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?30602022&data_platform=startersite_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5e00:1d:a3af:f700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4917b03fbafd16cab1231c47d7c098e49c8beaf93d791e0e39a411eeda81d846

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: sR.J_.m_YTNXjzonMiQDmW.d_sLgZwLl
content-encoding: gzip
last-modified: Fri, 26 Oct 2018 05:39:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "f7b9c8325e78474bc12b568259072b66"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
cache-control: max-age=860, no-transform, public
date: Mon, 10 Jan 2022 18:55:02 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 1999
x-amz-cf-id: V24lGh5kZ_Nx9FpKsQMOQULuPdIzwUUPwPl0CZCFyWV9neJu0radfQ==

GET
H2 200 storefront.js Show response
infiniteapps.net/app/age-verification/ 8 KB
2 KB 292ms
103ms Script
application/javascript 23.20.229.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://infiniteapps.net/app/age-verification/storefront.js

Requested by

Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?30602022&data_platform=startersite_v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.229.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-229-114.compute-1.amazonaws.com

Software

nginx/1.20.0 / Express

Resource Hash

7455a7beb064980d0ba2117c37adcc80978ccb52644785685cfef2c75aa8d8ee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://ecwid.com https://*.ecwid.com

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:55:02 GMT
content-encoding: gzip
etag: W/"1f12-GkssyI1AoZ4jHJFR7qgFKkrsNHY"
server: nginx/1.20.0
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400
content-security-policy: frame-ancestors 'self' https://ecwid.com https://*.ecwid.com
expires: Tue, 11 Jan 2022 18:55:02 GMT

GET
H2 200 storefront.js Show response
bc.popt.in/ecwid/js/ 911 B
656 B 325ms
98ms Script
application/javascript 67.205.141.68
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bc.popt.in/ecwid/js/storefront.js
Requested by: Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?30602022&data_platform=startersite_v2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.141.68 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 341357.cloudwaysapps.com
Software: nginx /
Resource Hash: 54a18f0d8110ab6e8abcb3de87d3cac951e1aab09f04433682d9194d34888bbf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:55:02 GMT
content-encoding: gzip
last-modified: Fri, 30 Oct 2020 17:16:17 GMT
server: nginx
etag: W/"5f9c4a61-38f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000

GET
H2 200 rh-easy-ecwid.js Show response
storage.googleapis.com/goostav-static-files/ 26 KB
27 KB 56ms
16ms Script
text/javascript 2a00:1450:4001:80f::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/goostav-static-files/rh-easy-ecwid.js
Requested by: Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?30602022&data_platform=startersite_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f29fe574d05e18731d7cd82aa8f6533112884a20a3627f993bc5bdbe90efaaba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:49:16 GMT
age: 346
x-guploader-uploadid: ADPycdvwjXqmeKU1p96VwfbsrsBwoNzaUcMHtvHqnqgNIIXaOobatoMbSrySuWffHQQRMOmEWJ7fgPMD7SAuLOITfNHzoJ4szg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27003
last-modified: Thu, 30 Jan 2020 14:56:08 GMT
server: UploadServer
etag: "abbb061b9585d85c76cd705c8371c022"
x-goog-hash: crc32c=ZE/LOA==, md5=q7sGG5WF2Fx2zXBcg3HAIg==
x-goog-generation: 1580396168652453
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 27003
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 10 Jan 2022 19:49:16 GMT

GET
H2 200 storefront-app.js Show response
d20ubqycd8ynev.cloudfront.net/ 2 KB
1 KB 66ms
19ms Script
text/javascript 2600:9000:2156:d200:19:4fd1:c1c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d20ubqycd8ynev.cloudfront.net/storefront-app.js

Requested by

Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?30602022&data_platform=startersite_v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:d200:19:4fd1:c1c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

72b8dc7f4b9c9684a83daa124dbc29490bc53d6b9284b56c5c871b456493c07c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:54:25 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
server: nginx/1.19.0
age: 37
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=utf-8
x-amz-cf-pop: FRA50-C1
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
x-amz-cf-id: yREaRx3KxINy4-jECl9LMtCQX9eLXoshGHx9vG-elDDjGDf5KbcewA==

GET
H2 200 script.js Show response
code.jivosite.com/ecwid/ 337 B
418 B 230ms
216ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/ecwid/script.js
Requested by: Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?30602022&data_platform=startersite_v2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: c942f473e933e9b792b3f7535ee45bc78e6e48a00baa8d1e622b90d4d25a30ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-id: fr5-up-gc34
date: Mon, 10 Jan 2022 18:55:02 GMT
via: 1.1 sharxy
last-modified: Mon, 10 Jan 2022 09:07:37 GMT
server: nginx
etag: "61dbf759-151"
content-type: application/javascript
cache: MISS
accept-ranges: bytes
x-geo-shard: eu1
content-length: 337

GET
H2 200 ecwid.js Show response
static.zotabox.com/ 376 B
709 B 89ms
39ms Script
application/javascript 2606:4700:10::ac43:14d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zotabox.com/ecwid.js

Requested by

Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?30602022&data_platform=startersite_v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:14d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76c74a713d7b3d5d6f4d08bfa8cd34e448bffb019d3a920611c5f064b780ae08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2816
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Fri, 07 Jan 2022 16:15:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61d8671c-178"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=691200
access-control-allow-credentials: true
cf-ray: 6cb81e063f656949-FRA

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/edff9f99/www-widgetapi.vflset/ 149 KB
48 KB 39ms
15ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/edff9f99/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a30efe5482066576af9976d7b0716c88d2ccd05e54bfb481bd8485427945dbd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 17:23:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5499
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49417
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 10 Jan 2023 17:23:22 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 38 KB
15 KB 69ms
32ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-586747826&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e64210bc5df652430818348d474ae4e4339c142d2426a3aaf93d80dff2be5d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14724
x-xss-protection: 0
server: cafe
etag: 224124413464385116
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 10 Jan 2022 18:55:02 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
347 B 64ms
23ms Ping
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NRXKXDVVB3&gtm=2oe150&_p=1250667121&sr=1600x1200&ul=en-us&cid=1960820855.1641840902&_s=1&dl=https%3A%2F%2Fpost.gzelly.app%2F&dt=Gzelly%20Post&sid=1641840901&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NRXKXDVVB3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://post.gzelly.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 18:55:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://post.gzelly.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET 2Gg6Seob5Mg
www.youtube-nocookie.com/embed/ Frame 4025 0
0

GET
H2 200 2Gg6Seob5Mg Show response
www.youtube-nocookie.com/embed/ Frame 3D7C 59 KB
25 KB 68ms
66ms Document
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/embed/2Gg6Seob5Mg?autohide=1&rel=0&autoplay=0&playsinline=1&iv_load_policy=3&modestbranding=1&controls=0&showinfo=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fpost.gzelly.app&widgetid=1

Requested by

Host: post.gzelly.app
URL: https://post.gzelly.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f3cde1a0dee6bc16a719be9d1f43e730fc3f67566764eedb1af6b1229838457

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 10 Jan 2022 18:55:02 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA-ICoFJ9VXgvj-MamPyZ8u8P8wifEU_jWh0oMT5PP7Ad4_5jA0mRps"
report-to: {"group":"ATmXEA-ICoFJ9VXgvj-MamPyZ8u8P8wifEU_jWh0oMT5PP7Ad4_5jA0mRps","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA-ICoFJ9VXgvj-MamPyZ8u8P8wifEU_jWh0oMT5PP7Ad4_5jA0mRps"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: br
server: ESF
x-xss-protection: 0
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Iw6ZDeaOV9 Show response
code-eu1.jivosite.com/script/widget/config/ 3 KB
1 KB 255ms
221ms XHR
application/x-javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code-eu1.jivosite.com/script/widget/config/Iw6ZDeaOV9
Requested by: Host: code-eu1.jivosite.com
URL: https://code-eu1.jivosite.com/widget/Iw6ZDeaOV9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 276271b766a4cc24d41c255a779bd78338441e7531f250db11dd299889fe7a10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Mon, 10 Jan 2022 18:55:02 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=7200
cache: MISS
accept-ranges: bytes
x-geo-shard: eu1
content-length: 1039
via: 1.1 sharxy
expires: Mon, 10 Jan 2022 20:55:02 GMT

GET
H3 200 www-player-webp.css
www.youtube-nocookie.com/s/player/edff9f99/ Frame 3D7C 338 KB
46 KB 18ms
18ms Stylesheet
text/css 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/edff9f99/www-player-webp.css

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/2Gg6Seob5Mg?autohide=1&rel=0&autoplay=0&playsinline=1&iv_load_policy=3&modestbranding=1&controls=0&showinfo=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fpost.gzelly.app&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93a8cc54b517a35c22648e5a2b1694dac62247ad174386f1791d1c4d0c6edd8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/2Gg6Seob5Mg?autohide=1&rel=0&autoplay=0&playsinline=1&iv_load_policy=3&modestbranding=1&controls=0&showinfo=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fpost.gzelly.app&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 16:44:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 439845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47369
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Jan 2023 16:44:17 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube-nocookie.com/s/player/edff9f99/www-embed-player.vflset/ Frame 3D7C 227 KB
73 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/edff9f99/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b14e416f4af207200a176b8075f45d8b78b20940bbb5083f471cf83d3830eb9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/2Gg6Seob5Mg?autohide=1&rel=0&autoplay=0&playsinline=1&iv_load_policy=3&modestbranding=1&controls=0&showinfo=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fpost.gzelly.app&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 05:03:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 309066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75031
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 07 Jan 2023 05:03:56 GMT

GET
H3 200 base.js Show response
www.youtube-nocookie.com/s/player/edff9f99/player_ias.vflset/de_DE/ Frame 3D7C 2 MB
529 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f03fc73b13c16798d248b1260135461dab13eb93299a19d712a4682954d0ae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/2Gg6Seob5Mg?autohide=1&rel=0&autoplay=0&playsinline=1&iv_load_policy=3&modestbranding=1&controls=0&showinfo=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fpost.gzelly.app&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 16:43:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 439893
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 541622
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Jan 2023 16:43:29 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube-nocookie.com/s/player/edff9f99/fetch-polyfill.vflset/ Frame 3D7C 8 KB
3 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/edff9f99/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/2Gg6Seob5Mg?autohide=1&rel=0&autoplay=0&playsinline=1&iv_load_policy=3&modestbranding=1&controls=0&showinfo=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fpost.gzelly.app&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 11:04:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28237
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 10 Jan 2023 11:04:25 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3D7C 15 KB
15 KB 41ms
16ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 524901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 04 Jan 2023 17:06:41 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/586747826/ 2 KB
2 KB 72ms
29ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/586747826/?random=1641840902133&cv=9&fst=1641840902133&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpost.gzelly.app%2F&tiba=Gzelly%20Post&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e428953371a1aea7cb123bad80ea8d50fcd01b75bfd6289c8601262d2836c703

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 18:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1025
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a3fmBC5pwb_hc1vtPj8EisbHNaOXXVv65hr18gGbcOg.js Show response
www.google.com/js/th/ Frame 3D7C 35 KB
14 KB 61ms
20ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/a3fmBC5pwb_hc1vtPj8EisbHNaOXXVv65hr18gGbcOg.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b77e6042e69c1bfe1735bed3e3f048ac6c735a3975d5bfae61af5f2019b70e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 15:46:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 97705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13354
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 17:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Jan 2023 15:46:37 GMT

GET
H3 200 embed.js Show response
www.youtube-nocookie.com/s/player/edff9f99/player_ias.vflset/de_DE/ Frame 3D7C 26 KB
7 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/edff9f99/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1e059aebb69545ec4e01b00c44d9e7e49181a019a6f87c9df5a7aec4e4e5a47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/2Gg6Seob5Mg?autohide=1&rel=0&autoplay=0&playsinline=1&iv_load_policy=3&modestbranding=1&controls=0&showinfo=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fpost.gzelly.app&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 16:43:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 439892
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7633
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Jan 2023 16:43:30 GMT

GET
DATA 200
OK truncated
/ Frame 3D7C 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLTqc4_YAoq5o6ReF9deJNviMO3IuFjyY0ec9e4VnQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 3D7C 4 KB
4 KB 72ms
17ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLTqc4_YAoq5o6ReF9deJNviMO3IuFjyY0ec9e4VnQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: post.gzelly.app
URL: https://post.gzelly.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

56c1b70e17d0b97d71ca7b4d72a3017c3e6ab0c2cf89c568d843bfb900d18b36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 15:11:33 GMT
x-content-type-options: nosniff
age: 13409
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4034
x-xss-protection: 0
server: fife
etag: "v170"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 13 Nov 2021 13:46:40 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/2Gg6Seob5Mg/ Frame 3D7C 23 KB
24 KB 62ms
16ms Image
image/webp 2a00:1450:4001:828::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/2Gg6Seob5Mg/maxresdefault.webp

Requested by

Host: post.gzelly.app
URL: https://post.gzelly.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9505cfd53ed1d0b4342c489160b49506c63e5a94849fdf0f681e5b5afe5954d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:43:43 GMT
x-content-type-options: nosniff
age: 679
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23602
x-xss-protection: 0
server: sffe
etag: "1573470470"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 10 Jan 2022 20:43:43 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/586747826/ 42 B
340 B 43ms
29ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/586747826/?random=1641840902133&cv=9&fst=1641837600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpost.gzelly.app%2F&tiba=Gzelly%20Post&async=1&fmt=3&is_vtc=1&random=1549939639&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: post.gzelly.app
URL: https://post.gzelly.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 18:55:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.se/pagead/1p-user-list/586747826/ 42 B
548 B 68ms
29ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/pagead/1p-user-list/586747826/?random=1641840902133&cv=9&fst=1641837600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpost.gzelly.app%2F&tiba=Gzelly%20Post&async=1&fmt=3&is_vtc=1&random=1549939639&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: post.gzelly.app
URL: https://post.gzelly.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 18:55:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Iw6ZDeaOV9 Show response
node-eu1-b-3.jivosite.com/widget/status/1881006/ 195 B
514 B 124ms
38ms XHR
application/json 34.248.231.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://node-eu1-b-3.jivosite.com/widget/status/1881006/Iw6ZDeaOV9?rnd=0.8173240263787618

Requested by

Host: code-eu1.jivosite.com
URL: https://code-eu1.jivosite.com/widget/Iw6ZDeaOV9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.248.231.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-231-27.eu-west-1.compute.amazonaws.com

Software

foxy /

Resource Hash

3442822849e788b64dcad03001c566ad6714b889c921a4ddbf424e507327064a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: frame-ancestors 'none';
server: foxy
x-botmode: no
x-geoip: DE;TH;Erfurt
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://post.gzelly.app
access-control-expose-headers: X-Geoip, X-Botmode
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-max-age: 1728000
content-length: 195
date: Mon, 10 Jan 2022 18:55:02 GMT

OPTIONS
H/1.1 200
OK rpc
app.ecwid.com/ Frame 0
0 76ms
25ms Preflight 52.59.174.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.ecwid.com/rpc?ownerid=30602022&customerlang=sv&version=2021-48597-ga734e7f8e24
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.174.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-174-158.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-gwt-module-base,x-gwt-permutation
Origin: https://post.gzelly.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 10 Jan 2022 18:55:02 GMT
Content-Length: 0
Connection: keep-alive
Allow: GET, HEAD, POST, TRACE, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token

OPTIONS
H/1.1 200
OK rpc
app.ecwid.com/ Frame 0
0 83ms
25ms Preflight 52.59.174.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.ecwid.com/rpc?ownerid=30602022&customerlang=sv&version=2021-48597-ga734e7f8e24
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.174.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-174-158.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-gwt-module-base,x-gwt-permutation
Origin: https://post.gzelly.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 10 Jan 2022 18:55:02 GMT
Content-Length: 0
Connection: keep-alive
Allow: GET, HEAD, POST, TRACE, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token

POST
H/1.1 200
OK rpc Show response
app.ecwid.com/ 12 B
238 B 27ms
24ms XHR
application/json 52.59.174.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.ecwid.com/rpc?ownerid=30602022&customerlang=sv&version=2021-48597-ga734e7f8e24
Requested by: Host:
URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.174.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-174-158.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6

Request headers

X-GWT-Module-Base: https://d2scn539ulxr09.cloudfront.net/static/br/2021-48597-ga734e7f8e24/
X-GWT-Permutation: 10D91F80D60A394292BC2924B2689859
Referer: https://post.gzelly.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 10 Jan 2022 18:55:02 GMT
Server: nginx
Connection: keep-alive
Content-Length: 12
Content-Disposition: attachment
Content-Type: application/json;charset=utf-8

POST
H/1.1 200
OK rpc Show response
app.ecwid.com/ 12 B
238 B 27ms
27ms XHR
application/json 52.59.174.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.ecwid.com/rpc?ownerid=30602022&customerlang=sv&version=2021-48597-ga734e7f8e24
Requested by: Host:
URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.174.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-174-158.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6

Request headers

X-GWT-Module-Base: https://d2scn539ulxr09.cloudfront.net/static/br/2021-48597-ga734e7f8e24/
X-GWT-Permutation: 10D91F80D60A394292BC2924B2689859
Referer: https://post.gzelly.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 10 Jan 2022 18:55:02 GMT
Server: nginx
Connection: keep-alive
Content-Length: 12
Content-Disposition: attachment
Content-Type: application/json;charset=utf-8

GET
H/1.1 200
OK 1627599030564.jpg
s3.amazonaws.com/images.ecwid.com/startersite/images/30602022/ 36 KB
36 KB 453ms
157ms Image
image/png 52.217.69.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/images.ecwid.com/startersite/images/30602022/1627599030564.jpg
Requested by: Host: post.gzelly.app
URL: https://post.gzelly.app/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.69.62 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8f3110d1e400c4a9b521a9aa2c2732590bb092bc5f0c977849c2e153d13491fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 18:55:03 GMT
Last-Modified: Thu, 29 Jul 2021 22:50:25 GMT
Server: AmazonS3
x-amz-request-id: R4VX06F0P6S9CN9T
ETag: "f834114cbcdcc491cca6cc1e0045e555"
Content-Type: image/png
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 36819
x-amz-id-2: Fj4gbk754GxZjoJbaB8HkIfriJKhnOh4I6n1PY3t5MM62Tj696pDHbinoBficDOdgTwDUey5u8Q=

GET
H/1.1 200
OK 1627599491658.jpg
s3.amazonaws.com/images.ecwid.com/startersite/images/30602022/ 69 KB
70 KB 427ms
128ms Image
image/png 52.217.69.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/images.ecwid.com/startersite/images/30602022/1627599491658.jpg
Requested by: Host: post.gzelly.app
URL: https://post.gzelly.app/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.69.62 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b242e37730efd34887272253bf8722777e34da1e560ad807cd3744877140a0c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 18:55:03 GMT
Last-Modified: Thu, 29 Jul 2021 22:58:09 GMT
Server: AmazonS3
x-amz-request-id: R4VW0YEZHZSN3FY3
ETag: "e9f2df659d3723b15b4abe71d3215ff9"
Content-Type: image/png
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 70965
x-amz-id-2: FAUZfOxtQLFiHrTiYsO6AgfUBh3zXRdDETNAJ/oab/ug9UoK1Qa7v67Gu2/+FPBXkUXBS89QZqs=

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 50ms
15ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host:
URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: MgBu1FMK0Q5/ksHr/xJldzeGxjSYNDaeFXLPqErclnhAmJpGX82U5+EKD10yHsavnoKxSqlmeTUEN81fl8O/bg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 10 Jan 2022 18:55:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 18 KB
7 KB 67ms
33ms Script
application/javascript 143.204.98.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host:
URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-106.fra50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 86cef2add30bc2d72060cfa9bac755d279fbab4894012fac0db3aed74ef96dd4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:55:02 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: FRA50-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 6867
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-amz-cf-id: 02jFuwVA7UFszRpKR8PdzcEZLHeb1s1Ew6cO4XBAq63iunGoeEDtqg==

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/586747826/ 2 KB
1 KB 159ms
132ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/586747826/?random=1641840902450&cv=9&fst=1641840902450&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpost.gzelly.app%2F&tiba=Gzelly%20Post&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd89aa9f859c7e784a7c6e10e7ed853b399c6c4c70f968f2c9036be8735dd250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 18:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1025
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 41ms
15ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: post.gzelly.app
URL: https://post.gzelly.app/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6836
date: Mon, 10 Jan 2022 17:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 10 Jan 2022 19:01:06 GMT

GET
H2 200 30602022 Show response
code.jivosite.com/script/ecwid/ 236 B
341 B 676ms
675ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/script/ecwid/30602022
Requested by: Host: code.jivosite.com
URL: https://code.jivosite.com/ecwid/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 957b5b3f95c6eb9d8da513b14e6c5d6bf5cecf22da694602060a7aab7f31bb4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-id: fr5-up-gc32
date: Mon, 10 Jan 2022 18:55:03 GMT
via: 1.1 sharxy
server: nginx
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=7200, public
cache: MISS
accept-ranges: bytes
x-geo-shard: eu1
content-length: 236

GET
H2 200 pixel.js Show response
cdn.popt.in/ 189 KB
40 KB 92ms
41ms Script
text/javascript 2606:4700:20::681a:1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.popt.in/pixel.js?id=fc4d0b6df1362
Requested by: Host: bc.popt.in
URL: https://bc.popt.in/ecwid/js/storefront.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 381ab61d68b6f660509a05098ac1c79f47f584f32d798c70b471933f56136a7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:55:02 GMT
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4016
x-cache: Hit from cloudfront
content-type: text/javascript
content-encoding: br
last-modified: Mon, 10 Jan 2022 09:24:47 GMT
server: cloudflare
etag: W/"a77ac7826ac9aace9a3a882fcc70c30f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qNysPZadRq50pjWkLDrJOBWTyW%2BLODYaUU4ixINP%2BQH7d0oewZqIuTA1I%2BoHhW3QtLng3FarZJJzC54ZC0gQQWBIQRPOFI3%2F3rL1VvcjlICwB4HyaSlXnWNCZS7nxaT7gz3U6aZ1mEad"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: G_Jj7Dh3oQsYBSdNye1XbX0Yp5toy5oq
cache-control: max-age=1800
x-amz-cf-pop: FRA56-P3
cf-ray: 6cb81e098ba55c20-FRA
x-amz-cf-id: 4uAwjY3fE85bGoqupuMaKKdJZI0HGb_JsZcI44tyGWJjI8s4vzApUw==

GET
H2 200 ecwid-checkout.db422f3d49f150be80c3c1150b9f589a.min.js Show response
d2scn539ulxr09.cloudfront.net/venera/static/ 635 KB
146 KB 16ms
16ms Script
application/javascript 143.204.101.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2scn539ulxr09.cloudfront.net/venera/static/ecwid-checkout.db422f3d49f150be80c3c1150b9f589a.min.js

Requested by

Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?30602022&data_platform=startersite_v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-109.fra50.r.cloudfront.net

Software

nginx/1.19.0 /

Resource Hash

28dc04feb2993b739f88ce6ff1d9668fd77d984f55b6fe7f893348c820da39f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 11:36:33 GMT
content-encoding: gzip
server: nginx/1.19.0
age: 2186308
etag: db422f3d49f150be80c3c1150b9f589a
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: MKXuVZ7Q6AlFQcrOdqDlcGs3Ti2rne2U6e8Wqhgxvq9nVT5PbFrwpg==
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)

POST
H2 200 register
ecomm.events/ 0
94 B 118ms
118ms Ping
text/plain 54.145.217.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ecomm.events/register

Requested by

Host: ecomm.events
URL: https://ecomm.events/i.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.145.217.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-145-217-26.compute-1.amazonaws.com

Software

nginx/1.19.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://post.gzelly.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 10 Jan 2022 18:55:02 GMT
server: nginx/1.19.0
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains

POST
H/1.1 200
OK rpc Show response
app.ecwid.com/ 16 KB
4 KB 38ms
37ms XHR
application/json 52.59.174.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.ecwid.com/rpc?ownerid=30602022&customerlang=sv&version=2021-48597-ga734e7f8e24
Requested by: Host:
URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.174.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-174-158.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cfc7d8e929b8b1848437fadbb6b1e7542ad3f9debeb90c5324071b000ac24c06

Request headers

X-GWT-Module-Base: https://d2scn539ulxr09.cloudfront.net/static/br/2021-48597-ga734e7f8e24/
X-GWT-Permutation: 10D91F80D60A394292BC2924B2689859
Referer: https://post.gzelly.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

Date: Mon, 10 Jan 2022 18:55:02 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: *
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 4133

OPTIONS
H/1.1 200
OK rpc
app.ecwid.com/ Frame 0
0 26ms
26ms Preflight 52.59.174.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.ecwid.com/rpc?ownerid=30602022&customerlang=sv&version=2021-48597-ga734e7f8e24
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.174.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-174-158.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-gwt-module-base,x-gwt-permutation
Origin: https://post.gzelly.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 10 Jan 2022 18:55:02 GMT
Content-Length: 0
Connection: keep-alive
Allow: GET, HEAD, POST, TRACE, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token

OPTIONS
H/1.1 200
OK rpc
app.ecwid.com/ Frame 0
0 27ms
27ms Preflight 52.59.174.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.ecwid.com/rpc?ownerid=30602022&customerlang=sv&version=2021-48597-ga734e7f8e24
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.174.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-174-158.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-gwt-module-base,x-gwt-permutation
Origin: https://post.gzelly.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 10 Jan 2022 18:55:02 GMT
Content-Length: 0
Connection: keep-alive
Allow: GET, HEAD, POST, TRACE, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token

GET
H2 200 30602022.widgets.js Show response
static.zotabox.com/ecwid/ 106 KB
29 KB 372ms
372ms Script
application/javascript 2606:4700:10::ac43:14d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.zotabox.com/ecwid/30602022.widgets.js
Requested by: Host: post.gzelly.app
URL: https://post.gzelly.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:14d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f900120ba96fec1f6c1c7d4950b385d223d1e08fcc13c50d67699fbe559b0a5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:55:03 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 07 Jan 2022 17:34:08 GMT
server: cloudflare
etag: W/"61d87990-1a688"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600, public, max-age=3600
cf-ray: 6cb81e0a194d6949-FRA
expires: Mon, 10 Jan 2022 19:55:02 GMT

POST
H/1.1 200
OK rpc Show response
app.ecwid.com/ 12 B
238 B 30ms
30ms XHR
application/json 52.59.174.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.ecwid.com/rpc?ownerid=30602022&customerlang=sv&version=2021-48597-ga734e7f8e24
Requested by: Host:
URL: ru.cdev.xnext.legacyfrontendstub.LegacyFrontendStub-0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.174.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-174-158.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6

Request headers

X-GWT-Module-Base: https://d2scn539ulxr09.cloudfront.net/static/br/2021-48597-ga734e7f8e24/
X-GWT-Permutation: 10D91F80D60A394292BC2924B2689859
Referer: https://post.gzelly.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 10 Jan 2022 18:55:02 GMT
Server: nginx
Connection: keep-alive
Content-Length: 12
Content-Disposition: attachment
Content-Type: application/json;charset=utf-8

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:47:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 472
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 10 Jan 2022 19:47:10 GMT

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 46 B
313 B 65ms
28ms Fetch
application/json 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=7df1b494-69eb-4e0f-8896-90838a8593f1

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

937ba600eb7ee476ac14cba807ca2170e923103084d28313727d1cff898a2067

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:55:02 GMT
via: 1.1 google
server: nginx/1.17.3
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46

GET
H3 200 /
www.google.com/pagead/1p-user-list/586747826/ 42 B
64 B 55ms
29ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/586747826/?random=1641840902450&cv=9&fst=1641837600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpost.gzelly.app%2F&tiba=Gzelly%20Post&async=1&fmt=3&is_vtc=1&random=2296338019&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: post.gzelly.app
URL: https://post.gzelly.app/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 18:55:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.se/pagead/1p-user-list/586747826/ 42 B
64 B 53ms
29ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/pagead/1p-user-list/586747826/?random=1641840902450&cv=9&fst=1641837600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpost.gzelly.app%2F&tiba=Gzelly%20Post&async=1&fmt=3&is_vtc=1&random=2296338019&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: post.gzelly.app
URL: https://post.gzelly.app/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 18:55:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/ 84 KB
27 KB 88ms
27ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: cdn.popt.in
URL: https://cdn.popt.in/pixel.js?id=fc4d0b6df1362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:55:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 427748
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 26909
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14e4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CqjdENSNqS6BCddUo%2Fv3FvuiiV0fKFoOXKvXOZm5s7yHAFDmSepbd0%2BW3Hg%2F6grh0mpRC3YpEeLwW0ocqbddTZCe52GP5D6Fq8UAWS0pEHQnOp%2BGjz1vGqYWpOjrGylRUDDXIs0Klc%2BIHwS0H3RdtFtn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6cb81e0b2f104e55-FRA
expires: Sat, 31 Dec 2022 18:55:02 GMT

GET
H3 204 generate_204
www.youtube-nocookie.com/ Frame 3D7C 0
9 B 16ms
15ms Image
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube-nocookie.com/generate_204?-w5OXw
Requested by: Host: post.gzelly.app
URL: https://post.gzelly.app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/2Gg6Seob5Mg?autohide=1&rel=0&autoplay=0&playsinline=1&iv_load_policy=3&modestbranding=1&controls=0&showinfo=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fpost.gzelly.app&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:55:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 200 player Show response
www.youtube-nocookie.com/youtubei/v1/ Frame 3D7C 72 KB
19 KB 89ms
88ms XHR
application/json 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa04aff9dcc8b61e212195a40332f720b37e2cbb3adc225002dcefcdc6d765cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/embed/2Gg6Seob5Mg?autohide=1&rel=0&autoplay=0&playsinline=1&iv_load_policy=3&modestbranding=1&controls=0&showinfo=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fpost.gzelly.app&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20220104.01.00
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
X-Goog-Visitor-Id: Cgs0R1pnWG9GODhlOCiGgvKOBg%3D%3D
Content-Type: application/json

Response headers

date: Mon, 10 Jan 2022 18:55:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19928
x-xss-protection: 0
expires: Mon, 10 Jan 2022 18:55:02 GMT

GET
H3 200 i Show response
tr.snapchat.com/cm/ Frame 3A92 0
12 B 46ms
30ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=7df1b494-69eb-4e0f-8896-90838a8593f1

Requested by

Host: post.gzelly.app
URL: https://post.gzelly.app/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/

Response headers

server: nginx/1.17.3
date: Mon, 10 Jan 2022 18:55:02 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
16ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1250667121&t=pageview&cu=SEK&_s=1&dl=https%3A%2F%2Fpost.gzelly.app%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Gzelly%20Post&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGAAAAIJC~&cid=243350769.1641840903&tid=UA-166792357-2&_gid=1081700478.1641840903&z=479463618

Requested by

Host: post.gzelly.app
URL: https://post.gzelly.app/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 16:26:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8923
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fc4d0b6df1362 Show response
display.popt.in/APIRequest/ 68 B
2 KB 326ms
281ms XHR
application/json 2606:4700:20::ac43:464f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://display.popt.in/APIRequest/fc4d0b6df1362?domain=https%3A%2F%2Fpost.gzelly.app%2F&referrer=&cookies=+poptin_old_user%3Dtrue+poptin_user_id%3D0.rev77rmtza+poptin_referrer%3D+poptin_new_user%3Dtrue+poptin_viewed_session%3Dfalse+&triggers=&cc=false&if_mobile=false&page_title=Gzelly+Post&origin_landing_page=https%3A%2F%2Fpost.gzelly.app%2F&if_page_refreshed=false&poptin_viewed_url=https%3A%2F%2Fpost.gzelly.app%2F&shopify_customer_id=0&cart_total_items=0&cart_total_price=0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:464f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6ecfd1daac5c0eac2b8e47c43b893aee49524cdd77ff16a0c2b3fc792eac0df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://post.gzelly.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:55:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7Bee5VH0%2B5vjzi5dJR%2BVhDZqY%2F9WTutUK2KPEe509xVxmOpQv0PZ8wag0TQ%2FC7fFwJKXWYWO8OgFGH%2B%2BBK%2F0DvxqNrvbXiveZcRvxePbaFpEF%2BjJDPkeXJwPleAKgQ2HGCjW5%2F6WLFJN4dNYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6cb81e0c2f5b701c-FRA
access-control-allow-headers: Origin, Content-Type

POST
H3 204 qoe
www.youtube-nocookie.com/api/stats/ Frame 3D7C 0
17 B 99ms
99ms Ping
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/api/stats/qoe?fmt=398&afmt=250&cpn=uXlFGbxVnyIUrPB_&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24080738%2C24082662%2C24129402%2C24141079%2C24146886&cl=419703423&seq=1&docid=2Gg6Seob5Mg&ei=BoHcYZijOL3AsALu7q_ADg&event=streamingstats&plid=AAXVPt_MSU9qNS5K&referrer=https%3A%2F%2Fwww.youtube-nocookie.com%2Fembed%2F2Gg6Seob5Mg%3Fautohide%3D1%26rel%3D0%26autoplay%3D0%26playsinline%3D1%26iv_load_policy%3D3%26modestbranding%3D1%26controls%3D0%26showinfo%3D0%26disablekb%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fpost.gzelly.app%26widgetid%3D1&cbr=Chrome&cbrver=97.0.4692.71&c=WEB_EMBEDDED_PLAYER&cver=1.20220104.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.005:B,0.007:S,0.126:S,0.126:S&cmt=0.005:0.000,0.007:0.000,0.126:0.000&afs=0.126:250::i&vfs=0.126:398:398::r&view=0.126:1600:1200&bwe=0.126:130000&bat=0.126:1:1&vis=0.126:0&bh=0.126:0.000

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/embed/2Gg6Seob5Mg?autohide=1&rel=0&autoplay=0&playsinline=1&iv_load_policy=3&modestbranding=1&controls=0&showinfo=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fpost.gzelly.app&widgetid=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
rr5---sn-4g5lznl7.googlevideo.com/ Frame 3D7C 139 KB
140 KB 79ms
17ms XHR
video/mp4 2a00:1450:4001:1c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5lznl7.googlevideo.com/videoplayback?expire=1641862502&ei=BoHcYZijOL3AsALu7q_ADg&ip=2001%3A1b60%3A1010%3A3%3A1011%3A622b%3A9f40%3A7200&id=o-APYs0vtP9E7l0IZE99wPxeElzj0VxrD48wzP6DUgzZ5c&itag=398&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=6J&mm=31%2C29&mn=sn-4g5lznl7%2Csn-4g5ednsr&ms=au%2Crdu&mv=m&mvi=5&pl=48&initcwndbps=1082500&vprv=1&mime=video%2Fmp4&ns=r99CYXA683JumgHuZSLBBOEG&gir=yes&clen=19032641&dur=289.999&lmt=1581603207250359&mt=1641840541&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5301222&n=PA_cpmTO98wATA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgJ0Ou1ArcPPSlvvLLIZWcWnpaheE2lTsegVj3mEe8OVACIQDXZTm0NSsN_RQcpQNwpytg8ChMopdQtTvsyFjjQcljNA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKcE84xt4BZG9wnEFWTMU8jX0LFK2bXvvQR2EzNQfEGWAiAKsas_andI8SqU3AOZOk7GOA67TzY0f-YHbSNibP7oVA%3D%3D&alr=yes&cpn=uXlFGbxVnyIUrPB_&cver=1.20220104.01.00&range=0-142374&rn=1&rbuf=0

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:1c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

9720baac876767ba2d112d315e6c062eb18fa7cb4b800005e14be6ba0da58f26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 18:55:03 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 142375
Last-Modified: Thu, 13 Feb 2020 14:13:27 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube-nocookie.com
X-Content-Type-Options: nosniff
Expires: Mon, 10 Jan 2022 18:55:03 GMT

GET
H/1.1 200
OK videoplayback Show response
rr5---sn-4g5lznl7.googlevideo.com/ Frame 3D7C 65 KB
66 KB 77ms
17ms XHR
audio/webm 2a00:1450:4001:1c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5lznl7.googlevideo.com/videoplayback?expire=1641862502&ei=BoHcYZijOL3AsALu7q_ADg&ip=2001%3A1b60%3A1010%3A3%3A1011%3A622b%3A9f40%3A7200&id=o-APYs0vtP9E7l0IZE99wPxeElzj0VxrD48wzP6DUgzZ5c&itag=250&source=youtube&requiressl=yes&mh=6J&mm=31%2C29&mn=sn-4g5lznl7%2Csn-4g5ednsr&ms=au%2Crdu&mv=m&mvi=5&pl=48&initcwndbps=1082500&vprv=1&mime=audio%2Fwebm&ns=r99CYXA683JumgHuZSLBBOEG&gir=yes&clen=131590&dur=290.021&lmt=1605639076833782&mt=1641840541&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=PA_cpmTO98wATA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAI1vsS8CCaP8N998dHQD4eokDp6THXRfkiD5zF5_8yP_AiAqQc2OcQf_ll0axXSM4csl9KLp5VL11qfi2oMmr5hOkQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKcE84xt4BZG9wnEFWTMU8jX0LFK2bXvvQR2EzNQfEGWAiAKsas_andI8SqU3AOZOk7GOA67TzY0f-YHbSNibP7oVA%3D%3D&alr=yes&cpn=uXlFGbxVnyIUrPB_&cver=1.20220104.01.00&range=0-66287&rn=2&rbuf=0

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:1c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

de18ac123e3c23a7541de9362edce3ffff2dc1e16af2761ba8cfb032984fd821

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 18:55:03 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 66288
Last-Modified: Tue, 17 Nov 2020 18:51:16 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube-nocookie.com
Expires: Mon, 10 Jan 2022 18:55:03 GMT

GET
H3 200 endscreen.js Show response
www.youtube-nocookie.com/s/player/edff9f99/player_ias.vflset/de_DE/ Frame 3D7C 26 KB
7 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/edff9f99/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee0127ee0b8403e55b50748b2e3bec36d8e74b9fe4068412d67b0acd9ff54790

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/2Gg6Seob5Mg?autohide=1&rel=0&autoplay=0&playsinline=1&iv_load_policy=3&modestbranding=1&controls=0&showinfo=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fpost.gzelly.app&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 17:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 438492
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7223
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Jan 2023 17:06:51 GMT

POST
H3 200 next Show response
www.youtube-nocookie.com/youtubei/v1/ Frame 3D7C 66 KB
4 KB 223ms
223ms XHR
application/json 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e4ac41f775ab76a76a355f96df649056c109be9ba5b7319d94bc0180e17daeaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/embed/2Gg6Seob5Mg?autohide=1&rel=0&autoplay=0&playsinline=1&iv_load_policy=3&modestbranding=1&controls=0&showinfo=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fpost.gzelly.app&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20220104.01.00
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
X-Goog-Visitor-Id: Cgs0R1pnWG9GODhlOCiGgvKOBg%3D%3D
Content-Type: application/json

Response headers

date: Mon, 10 Jan 2022 18:55:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4374
x-xss-protection: 0
expires: Mon, 10 Jan 2022 18:55:03 GMT

GET
H3 200 videoplayback Show response
rr5---sn-4g5lznl7.googlevideo.com/ Frame 3D7C 138 KB
138 KB 36ms
17ms XHR
video/mp4 2a00:1450:4001:1c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

df809b51cefcd2293e28c115257f6e035605ce3fe3d04e68463f8e62c5260f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:55:03 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 140983
client-protocol: quic
last-modified: Thu, 13 Feb 2020 14:13:27 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
x-content-type-options: nosniff
expires: Mon, 10 Jan 2022 18:55:03 GMT

GET
H3 200 videoplayback Show response
rr5---sn-4g5lznl7.googlevideo.com/ Frame 3D7C 294 KB
295 KB 17ms
16ms XHR
video/mp4 2a00:1450:4001:1c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

3e24a98d9e244538b5ec2b94adc87819c58a1ece1d46182571dde95380e2b69c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:55:03 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301547
client-protocol: quic
last-modified: Thu, 13 Feb 2020 14:13:27 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
x-content-type-options: nosniff
expires: Mon, 10 Jan 2022 18:55:03 GMT

POST
H2 200 multi Show response
stats.zotabox.com/api/1.0/event/ 0
330 B 407ms
350ms XHR
text/plain 2606:4700:10::ac43:14d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.zotabox.com/api/1.0/event/multi
Requested by: Host: static.zotabox.com
URL: https://static.zotabox.com/ecwid/30602022.widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:14d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://post.gzelly.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 10 Jan 2022 18:55:03 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cf-ray: 6cb81e0dbcfa536a-FRA
access-control-allow-headers: Content-Type

GET
H3 204 playback
www.youtube-nocookie.com/api/stats/ Frame 3D7C 0
17 B 25ms
24ms Image
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube-nocookie.com/api/stats/playback?ns=yt&el=embedded&cpn=uXlFGbxVnyIUrPB_&ver=2&cmt=0.057&fmt=398&fs=0&rt=0.379&euri=https%3A%2F%2Fpost.gzelly.app%2F&lact=936&cl=419703423&mos=1&volume=100&cbr=Chrome&cbrver=97.0.4692.71&c=WEB_EMBEDDED_PLAYER&cver=1.20220104.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&splay=1&hl=de_DE&cr=SE&len=290&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24080738%2C24082662%2C24129402%2C24141079%2C24146886&rtn=4&afmt=250&size=1600%3A1200&inview=0&muted=1&docid=2Gg6Seob5Mg&ei=BoHcYZijOL3AsALu7q_ADg&plid=AAXVPt_MSU9qNS5K&referrer=https%3A%2F%2Fwww.youtube-nocookie.com%2Fembed%2F2Gg6Seob5Mg%3Fautohide%3D1%26rel%3D0%26autoplay%3D0%26playsinline%3D1%26iv_load_policy%3D3%26modestbranding%3D1%26controls%3D0%26showinfo%3D0%26disablekb%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fpost.gzelly.app%26widgetid%3D1&of=eyPXt8HZ-6CTp8AcPmpp8A&vm=CAEQARgEOjJBS1JhaHdCWUZJb3JtR0ZYRWJmOEtPQ0lHN1I3YVhkLUxoeV80UG43cTNVblRmdG55Z2JYQVBta0tES1NJMUNrX3owNTNSVUpsU0g3UWk0c2pjaGphWHFGTTQ4am5TSDRPakdEa1RLbnUwamFvcHkxck1RZHZpRG1VbWNfM2NhSi1IV0Q4ZXRYYlpNUQ

Requested by

Host: post.gzelly.app
URL: https://post.gzelly.app/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/2Gg6Seob5Mg?autohide=1&rel=0&autoplay=0&playsinline=1&iv_load_policy=3&modestbranding=1&controls=0&showinfo=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fpost.gzelly.app&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking
www.youtube-nocookie.com/ Frame 3D7C 0
19 B 24ms
23ms Image
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube-nocookie.com/ptracking?html5=1&video_id=2Gg6Seob5Mg&cpn=uXlFGbxVnyIUrPB_&ei=BoHcYZijOL3AsALu7q_ADg&ptk=youtube_single&oid=bxz_2U7TtLnomKpRowvWNg&ptchn=y_cwHiQYE0ZAzXP5vPXzJA&pltype=content

Requested by

Host: post.gzelly.app
URL: https://post.gzelly.app/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/2Gg6Seob5Mg?autohide=1&rel=0&autoplay=0&playsinline=1&iv_load_policy=3&modestbranding=1&controls=0&showinfo=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fpost.gzelly.app&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ewPV2xcRew Show response
code.jivosite.com/script/widget/ 17 KB
6 KB 227ms
226ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/script/widget/ewPV2xcRew
Requested by: Host: code.jivosite.com
URL: https://code.jivosite.com/script/ecwid/30602022
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 59e0a592ba2ac39f4d576730491c1ff22ac5ebb8db78be29b7dea9cf3491fbee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-id: fr5-up-gc30
date: Mon, 10 Jan 2022 18:55:03 GMT
content-encoding: br
access-control-allow-origin: *
x-geo-shard: eu1
content-length: 6175
last-modified: Mon, 10 Jan 2022 09:08:20 GMT
server: nginx
etag: "61dbf784-181f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 sharxy
cache-control: max-age=7200
cache: MISS
accept-ranges: bytes
expires: Mon, 10 Jan 2022 20:55:03 GMT

GET
H3 200 videoplayback Show response
rr5---sn-4g5lznl7.googlevideo.com/ Frame 3D7C 1 KB
1 KB 18ms
17ms XHR
video/mp4 2a00:1450:4001:1c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5lznl7.googlevideo.com/videoplayback?expire=1641862502&ei=BoHcYZijOL3AsALu7q_ADg&ip=2001%3A1b60%3A1010%3A3%3A1011%3A622b%3A9f40%3A7200&id=o-APYs0vtP9E7l0IZE99wPxeElzj0VxrD48wzP6DUgzZ5c&itag=399&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=6J&mm=31%2C29&mn=sn-4g5lznl7%2Csn-4g5ednsr&ms=au%2Crdu&mv=m&mvi=5&pl=48&initcwndbps=1082500&vprv=1&mime=video%2Fmp4&ns=r99CYXA683JumgHuZSLBBOEG&gir=yes&clen=32543783&dur=289.999&lmt=1581603553391365&mt=1641840541&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5301222&n=PA_cpmTO98wATA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPpOq9FL_FUtXdu7jCGKI7B9tQJb3hdGQziMVps4pYWiAiEA3Po2qBnvjAoECpvXYEcGkwlMGBWIePw_pXrz3LVRIGM%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKcE84xt4BZG9wnEFWTMU8jX0LFK2bXvvQR2EzNQfEGWAiAKsas_andI8SqU3AOZOk7GOA67TzY0f-YHbSNibP7oVA%3D%3D&alr=yes&cpn=uXlFGbxVnyIUrPB_&cver=1.20220104.01.00&range=0-1391&rn=5&rbuf=0

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c713be9614a41217d36aec0a6831eac62b6663f71b5fcc8b59073d877360c054

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:55:03 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1392
client-protocol: quic
last-modified: Thu, 13 Feb 2020 14:19:13 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
x-content-type-options: nosniff
expires: Mon, 10 Jan 2022 18:55:03 GMT

GET
H3 200 videoplayback Show response
rr5---sn-4g5lznl7.googlevideo.com/ Frame 3D7C 125 KB
125 KB 17ms
17ms XHR
video/mp4 2a00:1450:4001:1c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0a0f280230fce0670021c1dc2e09ce8cbdbaf41d72f9df1b290aeb2f1336a02f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:55:03 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127643
client-protocol: quic
last-modified: Thu, 13 Feb 2020 14:13:27 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
x-content-type-options: nosniff
expires: Mon, 10 Jan 2022 18:55:03 GMT

POST
H3 204 qoe
www.youtube-nocookie.com/api/stats/ Frame 3D7C 0
17 B 23ms
23ms Ping
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/api/stats/qoe?fmt=399&afmt=250&cpn=uXlFGbxVnyIUrPB_&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24080738%2C24082662%2C24129402%2C24141079%2C24146886&cl=419703423&seq=2&docid=2Gg6Seob5Mg&ei=BoHcYZijOL3AsALu7q_ADg&event=streamingstats&plid=AAXVPt_MSU9qNS5K&referrer=https%3A%2F%2Fwww.youtube-nocookie.com%2Fembed%2F2Gg6Seob5Mg%3Fautohide%3D1%26rel%3D0%26autoplay%3D0%26playsinline%3D1%26iv_load_policy%3D3%26modestbranding%3D1%26controls%3D0%26showinfo%3D0%26disablekb%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fpost.gzelly.app%26widgetid%3D1&cbr=Chrome&cbrver=97.0.4692.71&c=WEB_EMBEDDED_PLAYER&cver=1.20220104.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&user_intent=0&vfs=0.424:399:399:398:r&view=0.424:2133:1600&vps=0.424:S,0.424:S&bwm=0.424:780228:0.422&bwe=0.424:1188441&bat=0.424:1:1&cmt=0.424:0.103&bh=0.424:8.033&df=0.424:2

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/embed/2Gg6Seob5Mg?autohide=1&rel=0&autoplay=0&playsinline=1&iv_load_policy=3&modestbranding=1&controls=0&showinfo=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fpost.gzelly.app&widgetid=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 18:55:03 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 videoplayback Show response
rr5---sn-4g5lznl7.googlevideo.com/ Frame 3D7C 1 MB
1 MB 16ms
15ms XHR
video/mp4 2a00:1450:4001:1c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5lznl7.googlevideo.com/videoplayback?expire=1641862502&ei=BoHcYZijOL3AsALu7q_ADg&ip=2001%3A1b60%3A1010%3A3%3A1011%3A622b%3A9f40%3A7200&id=o-APYs0vtP9E7l0IZE99wPxeElzj0VxrD48wzP6DUgzZ5c&itag=399&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=6J&mm=31%2C29&mn=sn-4g5lznl7%2Csn-4g5ednsr&ms=au%2Crdu&mv=m&mvi=5&pl=48&initcwndbps=1082500&vprv=1&mime=video%2Fmp4&ns=r99CYXA683JumgHuZSLBBOEG&gir=yes&clen=32543783&dur=289.999&lmt=1581603553391365&mt=1641840541&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5301222&n=PA_cpmTO98wATA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPpOq9FL_FUtXdu7jCGKI7B9tQJb3hdGQziMVps4pYWiAiEA3Po2qBnvjAoECpvXYEcGkwlMGBWIePw_pXrz3LVRIGM%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKcE84xt4BZG9wnEFWTMU8jX0LFK2bXvvQR2EzNQfEGWAiAKsas_andI8SqU3AOZOk7GOA67TzY0f-YHbSNibP7oVA%3D%3D&alr=yes&cpn=uXlFGbxVnyIUrPB_&cver=1.20220104.01.00&range=1216773-2428479&rn=7&rbuf=10667

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

994d0ae2aff5152e23e49b26e214e30f9c6eb13c3d879026b7e1570978e87005

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 18:55:03 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1211707
client-protocol: quic
last-modified: Thu, 13 Feb 2020 14:19:13 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
x-content-type-options: nosniff
expires: Mon, 10 Jan 2022 18:55:03 GMT

GET
H2 200 bundle_sv.js Show response
code-eu1.jivosite.com/js/ 1 MB
276 KB 56ms
56ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code-eu1.jivosite.com/js/bundle_sv.js?rand=1641823868
Requested by: Host: code-eu1.jivosite.com
URL: https://code-eu1.jivosite.com/widget/Iw6ZDeaOV9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: fade9d28ebeb2a9986a36f992bbd1553daf19c160ff0350689488d1a1c2743f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Mon, 10 Jan 2022 18:55:03 GMT
content-encoding: br
access-control-allow-origin: *
x-cached-since: 2022-01-10T15:37:45+00:00
x-geo-shard: eu1
content-length: 281909
last-modified: Mon, 10 Jan 2022 09:10:21 GMT
server: nginx
etag: "61dbf7fd-44d35"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 sharxy
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes

GET
H2 200 widget.css
code-eu1.jivosite.com/css/93c0818d/ 236 KB
51 KB 41ms
41ms Stylesheet
text/css 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code-eu1.jivosite.com/css/93c0818d/widget.css
Requested by: Host: post.gzelly.app
URL: https://post.gzelly.app/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1f0875dcba154cf9929bfce75df41eaeb2d620f7d52922474398de0044ae717b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://post.gzelly.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Mon, 10 Jan 2022 18:55:03 GMT
content-encoding: br
x-cached-since: 2022-01-10T14:24:10+00:00
x-geo-shard: eu1
content-length: 51568
last-modified: Mon, 10 Jan 2022 09:09:46 GMT
server: nginx
etag: "61dbf7da-c970"
vary: Accept-Encoding
content-type: text/css
via: 1.1 sharxy
cache-control: max-age=864000
cache: HIT
accept-ranges: bytes
expires: Thu, 20 Jan 2022 14:24:09 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 238458332b22ccf7d78deac5a932f7d56fabaee575b8a1df679c46a65aa4583c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 306 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8616d474d34514e7de3d775aef6524395dcfb4f22a56c500853b68ef3117c307

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 206 agent_message.mp3
code-eu1.jivosite.com/sounds/ 4 KB
4 KB 75ms
75ms Media
audio/mpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code-eu1.jivosite.com/sounds/agent_message.mp3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43

Request headers

Referer: https://post.gzelly.app/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

x-id: fr5-up-gc37
date: Mon, 10 Jan 2022 18:55:03 GMT
via: 1.1 sharxy
x-cached-since: 2022-01-10T14:24:07+00:00
Content-Range: bytes 0-3759/3760
x-geo-shard: eu1
Content-Length: 3760
last-modified: Mon, 10 Jan 2022 09:07:37 GMT
server: nginx
etag: "61dbf759-eb0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cache: HIT
expires: Wed, 09 Feb 2022 14:24:07 GMT

GET
H2 206 notification.mp3
code-eu1.jivosite.com/sounds/ 6 KB
6 KB 79ms
79ms Media
audio/mpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code-eu1.jivosite.com/sounds/notification.mp3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab

Request headers

Referer: https://post.gzelly.app/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

x-id: fr5-up-gc37
date: Mon, 10 Jan 2022 18:55:03 GMT
via: 1.1 sharxy
x-cached-since: 2022-01-10T14:24:16+00:00
Content-Range: bytes 0-5807/5808
x-geo-shard: eu1
Content-Length: 5808
last-modified: Mon, 10 Jan 2022 09:07:37 GMT
server: nginx
etag: "61dbf759-16b0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cache: HIT
expires: Wed, 09 Feb 2022 14:24:16 GMT

GET
H2 206 outgoing_message.mp3
code-eu1.jivosite.com/sounds/ 5 KB
5 KB 93ms
93ms Media
audio/mpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://code-eu1.jivosite.com/sounds/outgoing_message.mp3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11

Request headers

Referer: https://post.gzelly.app/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

x-id: fr5-up-gc37
date: Mon, 10 Jan 2022 18:55:03 GMT
via: 1.1 sharxy
x-cached-since: 2022-01-10T14:24:32+00:00
Content-Range: bytes 0-5013/5014
x-geo-shard: eu1
Content-Length: 5014
last-modified: Mon, 10 Jan 2022 09:07:37 GMT
server: nginx
etag: "61dbf759-1396"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cache: HIT
expires: Wed, 09 Feb 2022 14:24:32 GMT

POST
H3 200 log_event Show response
www.youtube-nocookie.com/youtubei/v1/ Frame 3D7C 28 B
54 B 33ms
33ms XHR
application/json 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/edff9f99/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube-nocookie.com/embed/2Gg6Seob5Mg?autohide=1&rel=0&autoplay=0&playsinline=1&iv_load_policy=3&modestbranding=1&controls=0&showinfo=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fpost.gzelly.app&widgetid=1
X-YouTube-Client-Version: 1.20220104.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs0R1pnWG9GODhlOCiGgvKOBg%3D%3D
X-YouTube-Ad-Signals: dt=1641840902239&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2133%2C1600&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 10 Jan 2022 18:55:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 10 Jan 2022 18:55:04 GMT

GET
H3 204 watchtime
www.youtube-nocookie.com/api/stats/ Frame 3D7C 0
17 B 24ms
23ms Image
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube-nocookie.com/api/stats/watchtime?ns=yt&el=embedded&cpn=uXlFGbxVnyIUrPB_&ver=2&cmt=3.68&fmt=399&fs=0&rt=4.001&euri=https%3A%2F%2Fpost.gzelly.app%2F&lact=3415&cl=419703423&state=playing&volume=100%2C100&cbr=Chrome&cbrver=97.0.4692.71&c=WEB_EMBEDDED_PLAYER&cver=1.20220104.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&splay=1&hl=de_DE&cr=SE&len=290&rtn=14&afmt=250&idpj=-7&ldpj=-21&rti=4&size=2133%3A1600&inview=0&st=0%2C0.159&et=0.057%2C3.68&muted=1%2C1&docid=2Gg6Seob5Mg&ei=BoHcYZijOL3AsALu7q_ADg&plid=AAXVPt_MSU9qNS5K&referrer=https%3A%2F%2Fwww.youtube-nocookie.com%2Fembed%2F2Gg6Seob5Mg%3Fautohide%3D1%26rel%3D0%26autoplay%3D0%26playsinline%3D1%26iv_load_policy%3D3%26modestbranding%3D1%26controls%3D0%26showinfo%3D0%26disablekb%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fpost.gzelly.app%26widgetid%3D1&of=eyPXt8HZ-6CTp8AcPmpp8A&vm=CAEQARgEOjJBS1JhaHdCWUZJb3JtR0ZYRWJmOEtPQ0lHN1I3YVhkLUxoeV80UG43cTNVblRmdG55Z2JYQVBta0tES1NJMUNrX3owNTNSVUpsU0g3UWk0c2pjaGphWHFGTTQ4am5TSDRPakdEa1RLbnUwamFvcHkxck1RZHZpRG1VbWNfM2NhSi1IV0Q4ZXRYYlpNUQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/2Gg6Seob5Mg?autohide=1&rel=0&autoplay=0&playsinline=1&iv_load_policy=3&modestbranding=1&controls=0&showinfo=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fpost.gzelly.app&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 18:55:06 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 atr Show response
www.youtube-nocookie.com/api/stats/ Frame 3D7C 0
17 B 28ms
27ms XHR
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/api/stats/atr?ns=yt&el=embedded&cpn=uXlFGbxVnyIUrPB_&ver=2&cmt=4.574&fmt=399&fs=0&rt=4.895&euri=https%3A%2F%2Fpost.gzelly.app%2F&lact=4309&cl=419703423&mos=1&volume=100&cbr=Chrome&cbrver=97.0.4692.71&c=WEB_EMBEDDED_PLAYER&cver=1.20220104.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&splay=1&hl=de_DE&cr=SE&len=290&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24080738%2C24082662%2C24129402%2C24141079%2C24146886&afmt=250&muted=1&docid=2Gg6Seob5Mg&ei=BoHcYZijOL3AsALu7q_ADg&plid=AAXVPt_MSU9qNS5K&referrer=https%3A%2F%2Fwww.youtube-nocookie.com%2Fembed%2F2Gg6Seob5Mg%3Fautohide%3D1%26rel%3D0%26autoplay%3D0%26playsinline%3D1%26iv_load_policy%3D3%26modestbranding%3D1%26controls%3D0%26showinfo%3D0%26disablekb%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fpost.gzelly.app%26widgetid%3D1&of=eyPXt8HZ-6CTp8AcPmpp8A&vm=CAEQARgEOjJBS1JhaHdCWUZJb3JtR0ZYRWJmOEtPQ0lHN1I3YVhkLUxoeV80UG43cTNVblRmdG55Z2JYQVBta0tES1NJMUNrX3owNTNSVUpsU0g3UWk0c2pjaGphWHFGTTQ4am5TSDRPakdEa1RLbnUwamFvcHkxck1RZHZpRG1VbWNfM2NhSi1IV0Q4ZXRYYlpNUQ

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube-nocookie.com/embed/2Gg6Seob5Mg?autohide=1&rel=0&autoplay=0&playsinline=1&iv_load_policy=3&modestbranding=1&controls=0&showinfo=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fpost.gzelly.app&widgetid=1
X-YouTube-Client-Version: 1.20220104.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-YouTube-Ad-Signals: dt=1641840902281&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C2133%2C1600&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 18:55:07 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/2Gg6Seob5Mg?autohide=1&rel=0&autoplay=0&playsinline=1&iv_load_policy=3&modestbranding=1&controls=0&showinfo=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fpost.gzelly.app&widgetid=1

Verdicts & Comments Add Verdict or Comment

286 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 00:05:27	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: dI93mDUcvuA
.youtube.com/	1970-01-20 04:23:12	Name: VISITOR_INFO1_LIVE Value: 4-K5nCqzJCk
.gzelly.app/	1970-01-20 02:13:36	Name: _gcl_au Value: 1.1.111350082.1641840902
.gzelly.app/	1970-01-20 17:35:12	Name: _ga_NRXKXDVVB3 Value: GS1.1.1641840901.1.0.1641840901.0
.gzelly.app/	1970-01-20 17:35:12	Name: _ga Value: GA1.1.1960820855.1641840902
.doubleclick.net/	1970-01-20 09:25:36	Name: IDE Value: AHWqTUmeGlv4MZdjtbpiByuGlEm5TqWoKB8YjqocGw2-gGZPsyVIKcSAWzDR0cqK
post.gzelly.app/	1970-01-20 00:06:53	Name: poptin_old_user Value: true
post.gzelly.app/	1970-01-20 08:49:36	Name: poptin_user_id Value: 0.rev77rmtza
.gzelly.app/	1970-01-20 09:33:47	Name: _scid Value: 65e29cd1-4401-4beb-9a16-0409d03f8409
post.gzelly.app/	1970-01-20 00:04:01	Name: poptin_referrer Value:
post.gzelly.app/	1970-01-20 00:04:02	Name: poptin_session Value: true
post.gzelly.app/	1970-01-20 00:47:12	Name: poptin_c_visitor Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.ecwid.com
bc.popt.in
cdn.popt.in
cdnjs.cloudflare.com
code-eu1.jivosite.com
code.jivosite.com
connect.facebook.net
d11s7fcxy18ubx.cloudfront.net
d1howb1wwyap5o.cloudfront.net
d1oxsl77a1kjht.cloudfront.net
d20ubqycd8ynev.cloudfront.net
d2j6dbq0eux0bg.cloudfront.net
d2scn539ulxr09.cloudfront.net
d35z3p2poghz10.cloudfront.net
d3dq8sxcny4hg.cloudfront.net
display.popt.in
don16obqbay2c.cloudfront.net
ecomm.events
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ibb.co
i.ytimg.com
img.youtube.com
infiniteapps.net
node-eu1-b-3.jivosite.com
post.gzelly.app
rr5---sn-4g5lznl7.googlevideo.com
s3.amazonaws.com
sc-static.net
static.zotabox.com
stats.zotabox.com
storage.googleapis.com
tr.snapchat.com
www.google-analytics.com
www.google.com
www.google.se
www.googleadservices.com
www.googletagmanager.com
www.youtube-nocookie.com
www.youtube.com
yt3.ggpht.com
www.youtube-nocookie.com
142.250.181.226
143.204.101.102
143.204.101.109
143.204.98.102
143.204.98.106
23.20.229.114
23.23.44.201
2600:9000:2156:1800:19:7012:e500:21
2600:9000:2156:3400:1f:f560:8d00:21
2600:9000:2156:5e00:1d:a3af:f700:21
2600:9000:2156:9200:13:2031:2340:21
2600:9000:2156:d200:19:4fd1:c1c0:21
2600:9000:2156:d800:1c:b536:2c40:21
2606:4700:10::ac43:14d9
2606:4700:20::681a:1a
2606:4700:20::ac43:464f
2606:4700::6810:135e
2a00:1450:4001:1c::a
2a00:1450:4001:802::200e
2a00:1450:4001:80f::2010
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:812::2008
2a00:1450:4001:812::200a
2a00:1450:4001:813::200e
2a00:1450:4001:828::2016
2a00:1450:4001:829::2004
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2001
2a03:2880:f02d:100:face:b00c:0:3
2a03:90c0:41:2801::254
34.248.231.27
35.186.226.184
51.210.3.236
52.217.69.62
52.59.174.158
54.145.217.26
67.205.141.68
00986ccceb991f56c66683c71818c2b0bd629c8b06e76527e382c313312b8eb6
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0a0f280230fce0670021c1dc2e09ce8cbdbaf41d72f9df1b290aeb2f1336a02f
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab
1736171148434fa5c1e7e9305ddad003f1bc1f53280483fe8aab7c5f21c00d57
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
1f0875dcba154cf9929bfce75df41eaeb2d620f7d52922474398de0044ae717b
238458332b22ccf7d78deac5a932f7d56fabaee575b8a1df679c46a65aa4583c
276271b766a4cc24d41c255a779bd78338441e7531f250db11dd299889fe7a10
2807db05f536fe45b16757ee0be3052e74fc954f23604d07c53889796adbbdab
2861a7d0393c1f8b2570d9b9c50a42ae619779841e3bb8db9870254f79326e43
28dc04feb2993b739f88ce6ff1d9668fd77d984f55b6fe7f893348c820da39f2
30fb002e576d0798f76ad5321773ac5f639a1d997d5b32e0f101a75fff148e9f
3442822849e788b64dcad03001c566ad6714b889c921a4ddbf424e507327064a
35350e2704c2ac8b38e0b9af1c446183e76f11e4505f128aed97ca3ebf7dbaac
381ab61d68b6f660509a05098ac1c79f47f584f32d798c70b471933f56136a7e
3a391983124d08ddb170774342935f68efbfe36e235c63ee7927f52fe66a4d63
3a46c4cf0b08829ac28e5ed5091c2af19e9047f13b4d574f2a19550b769ad865
3a95f56c94a6259433c3af600d3b94dac51d340ef640917dbc3dc4df8cf61087
3d0b8b1e2aa12e960bee86ffb162fc71b928c23263601f43ed3921b3040f9f7f
3e24a98d9e244538b5ec2b94adc87819c58a1ece1d46182571dde95380e2b69c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fd2858003c32f1542e7f330cfd1ef2dcd578f20c39bfdd22d70c57a801502b0
425d1d68327cf068242bd1e51c26a6c0b1d12cd272649c42fcbd98bfc2b6371e
4917b03fbafd16cab1231c47d7c098e49c8beaf93d791e0e39a411eeda81d846
4c24279c93823302ef33a2832f1a94a1ff488acecdc583366ec72387bec49088
5030ddf2cd7b49451b8eb3ffe83e8a6b00e44bf8838801db88ca4cca70d14799
54a18f0d8110ab6e8abcb3de87d3cac951e1aab09f04433682d9194d34888bbf
56c1b70e17d0b97d71ca7b4d72a3017c3e6ab0c2cf89c568d843bfb900d18b36
59e0a592ba2ac39f4d576730491c1ff22ac5ebb8db78be29b7dea9cf3491fbee
5e3d5ce737a661dc433097bcc8e8be79b22b088845273117d9608ba40fcbed96
6053ee912acf9c953811c726237f9a2cd26a19edd678cab3a87918c0168c0fd0
61f6b4a28a7d0a26f960dc103f3b251dae9a913258fc4c1ea514f38053cc3298
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b77e6042e69c1bfe1735bed3e3f048ac6c735a3975d5bfae61af5f2019b70e8
6c010e3f3b4e4809f85624468364b1f3b7845d002d70b1f410623ec9ee6feeda
7090874b6b2d9d60d7bafa4ebb9b30c446189a60f7547a66afb611f33ad7fd71
72b8dc7f4b9c9684a83daa124dbc29490bc53d6b9284b56c5c871b456493c07c
7455a7beb064980d0ba2117c37adcc80978ccb52644785685cfef2c75aa8d8ee
75610c6494227b111f5a19b68f8b38559031a56c74f143826226e6b35f029ce3
76c74a713d7b3d5d6f4d08bfa8cd34e448bffb019d3a920611c5f064b780ae08
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8616d474d34514e7de3d775aef6524395dcfb4f22a56c500853b68ef3117c307
86cef2add30bc2d72060cfa9bac755d279fbab4894012fac0db3aed74ef96dd4
8b18652ad7a05132edaff04c7e925ef9b6d267555e8a8a31808d818723234f71
8c46c048ebab0df5178bbaab77ecd40f67ae3d5db6ae092c4c90cb558762b393
8f3110d1e400c4a9b521a9aa2c2732590bb092bc5f0c977849c2e153d13491fa
902d07b2c824260875e4d841139be9afcdfd28663541a476b35e56b974525f73
90421b5c121d0926145a63c2785b0db56489c779655554e43069be6323af3848
937ba600eb7ee476ac14cba807ca2170e923103084d28313727d1cff898a2067
93a8cc54b517a35c22648e5a2b1694dac62247ad174386f1791d1c4d0c6edd8c
941aa6fac992fb30b1dfb72dced25c7f8642c750408bd884ae002409fc6c0960
9505cfd53ed1d0b4342c489160b49506c63e5a94849fdf0f681e5b5afe5954d9
955d009f1c2034c355d10e1c2991e35eed812fb4d2953908a306f160370dab30
957b5b3f95c6eb9d8da513b14e6c5d6bf5cecf22da694602060a7aab7f31bb4c
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
9716b8d721b93967d808c6bcb4c199274a5a0cd2fb8decb7959f66d81f8869ae
9720baac876767ba2d112d315e6c062eb18fa7cb4b800005e14be6ba0da58f26
9917a212205446922e6f138ed3b7b60e25f976f6e832426f72b6978bf1dfab39
994d0ae2aff5152e23e49b26e214e30f9c6eb13c3d879026b7e1570978e87005
9ac6a37f401fcece19658f1e5178ff0898edbb4314b3a4390b8400568c3cd081
9b45b0c731520b4ff5180051277fb1a61e0e79bf06d22f35c4c6b4b778f4570b
9f3cde1a0dee6bc16a719be9d1f43e730fc3f67566764eedb1af6b1229838457
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a30efe5482066576af9976d7b0716c88d2ccd05e54bfb481bd8485427945dbd0
aa04aff9dcc8b61e212195a40332f720b37e2cbb3adc225002dcefcdc6d765cb
b14e416f4af207200a176b8075f45d8b78b20940bbb5083f471cf83d3830eb9d
b1e059aebb69545ec4e01b00c44d9e7e49181a019a6f87c9df5a7aec4e4e5a47
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b242e37730efd34887272253bf8722777e34da1e560ad807cd3744877140a0c2
b3b769113723dfae07d1396e9679a2bcc417461318c6c438996375e254283953
c2334b1ac1829e761eca4bf5ac0baf8174677c6bc7888e32fb39469b75f026eb
c713be9614a41217d36aec0a6831eac62b6663f71b5fcc8b59073d877360c054
c942f473e933e9b792b3f7535ee45bc78e6e48a00baa8d1e622b90d4d25a30ae
cc30f7b46bc71c0888305e3e2ba268408505fc3918717626dbae49448ddf33cb
ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6
cfc7d8e929b8b1848437fadbb6b1e7542ad3f9debeb90c5324071b000ac24c06
d16ece592cf3dc7d51e6a68c109d9c754d8345ed64840cfa1546116762fcb93c
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de0fbdbe8171fd287995b3edac29e195ec0a469bf25d4cb4ff70b92bfc334807
de18ac123e3c23a7541de9362edce3ffff2dc1e16af2761ba8cfb032984fd821
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
df809b51cefcd2293e28c115257f6e035605ce3fe3d04e68463f8e62c5260f27
e0b7921643f7532d24de96c8091ff3e05dbb81a98f6fe56120d6657a40ca80dd
e27ded914c91b0d28bb3250b9b53e45d360372cfcf8643969ad0d77b74779d08
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e428953371a1aea7cb123bad80ea8d50fcd01b75bfd6289c8601262d2836c703
e4ac41f775ab76a76a355f96df649056c109be9ba5b7319d94bc0180e17daeaf
e64210bc5df652430818348d474ae4e4339c142d2426a3aaf93d80dff2be5d4a
e6ecfd1daac5c0eac2b8e47c43b893aee49524cdd77ff16a0c2b3fc792eac0df
ee0127ee0b8403e55b50748b2e3bec36d8e74b9fe4068412d67b0acd9ff54790
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03fc73b13c16798d248b1260135461dab13eb93299a19d712a4682954d0ae48
f29fe574d05e18731d7cd82aa8f6533112884a20a3627f993bc5bdbe90efaaba
f89c7fbeb467aa2219bb6328b3aabd2d78d9941372826b17a99ad8eac94c7b51
f8b0e1fa9bd55e670d2c0a39f451976b6694bc1e3cb5d2dcb082be0a4f65de8f
f900120ba96fec1f6c1c7d4950b385d223d1e08fcc13c50d67699fbe559b0a5f
fade9d28ebeb2a9986a36f992bbd1553daf19c160ff0350689488d1a1c2743f7
fd89aa9f859c7e784a7c6e10e7ed853b399c6c4c70f968f2c9036be8735dd250
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43

post.gzelly.app Open in urlscan Pro 23.23.44.201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

121 Requests

99 %HTTPS

64 %IPv6

27 Domains

42 Subdomains

40 IPs

4 Countries

5590 kBTransfer

14813 kBSize

13 Cookies

9 Outgoing links

Redirected requests

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

post.gzelly.app Open in urlscan Pro
23.23.44.201 Public Scan

Screenshot
Live screenshot

Full Image

121
Requests

99 %
HTTPS

64 %
IPv6

27
Domains

42
Subdomains

40
IPs

4
Countries

5590 kB
Transfer

14813 kB
Size

13
Cookies

121 HTTP transactions
4 data transactions