urlscan.io logo urlscan.io
SecurityTrails logo

www.blogto.com Open in urlscan Pro
54.224.169.121  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Submission: On October 10 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 111 IPs in 9 countries across 83 domains to perform 584 HTTP transactions. The main IP is 54.224.169.121, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.blogto.com. The Cisco Umbrella rank of the primary domain is 521296.
TLS certificate: Issued by Amazon RSA 2048 M01 on June 28th 2023. Valid for: a year.
This is the only time www.blogto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 54.224.169.121 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 65.9.66.95 16509 (AMAZON-02)
20 34.111.196.223 396982 (GOOGLE-CL...)
18 108.138.7.46 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
12 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:205... 16509 (AMAZON-02)
38 13.32.99.42 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
8 2a03:2880:f08... 32934 (FACEBOOK)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 5 13.32.99.105 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 7 2a00:1450:400... 15169 (GOOGLE)
5 2606:2800:234... 15133 (EDGECAST)
5 108.138.17.46 16509 (AMAZON-02)
2 18.66.112.59 16509 (AMAZON-02)
5 54.68.107.242 16509 (AMAZON-02)
1 2a04:4e42:e00... 54113 (FASTLY)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
7 2a00:1450:400... 15169 (GOOGLE)
3 2620:116:800d... 16509 (AMAZON-02)
2 52.218.132.232 16509 (AMAZON-02)
5 92.123.104.161 20940 (AKAMAI-ASN1)
1 18.211.77.186 14618 (AMAZON-AES)
1 108.138.17.6 16509 (AMAZON-02)
2 9 2a03:2880:f17... 32934 (FACEBOOK)
3 104.244.42.8 13414 (TWITTER)
1 2600:9000:223... 16509 (AMAZON-02)
22 3.33.246.75 16509 (AMAZON-02)
2 108.138.7.54 16509 (AMAZON-02)
6 23.35.229.56 16625 (AKAMAI-AS)
56 2a00:1450:400... 15169 (GOOGLE)
25 2a00:1450:400... 15169 (GOOGLE)
2 52.25.81.85 16509 (AMAZON-02)
11 20 142.250.186.66 15169 (GOOGLE)
6 15 104.18.27.193 13335 (CLOUDFLAR...)
6 16 37.252.171.52 29990 (ASN-APPNEX)
4 8 34.254.117.183 16509 (AMAZON-02)
18 2a00:1450:400... 15169 (GOOGLE)
4 2600:9000:249... 16509 (AMAZON-02)
5 45.133.44.4 39572 (ADVANCEDH...)
6 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 52.203.176.4 14618 (AMAZON-AES)
12 142.250.185.194 15169 (GOOGLE)
6 34.117.19.225 396982 (GOOGLE-CL...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
12 2600:9000:223... 16509 (AMAZON-02)
17 2600:1f13:800... 16509 (AMAZON-02)
1 3.215.243.137 14618 (AMAZON-AES)
9 108.138.1.25 16509 (AMAZON-02)
4 2a0c:5c87:524... 55081 (24SHELLS)
3 99.86.4.39 16509 (AMAZON-02)
2 2 2606:4700:10:... 13335 (CLOUDFLAR...)
4 6 2606:4700:20:... 13335 (CLOUDFLAR...)
8 23.67.137.210 16625 (AKAMAI-AS)
2 65.9.66.122 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 34.249.118.122 16509 (AMAZON-02)
5 108.138.9.235 16509 (AMAZON-02)
4 54.164.248.204 14618 (AMAZON-AES)
5 5 46.228.174.117 56396 (AMOBEE)
1 1 23.56.202.187 16625 (AKAMAI-AS)
2 23.35.229.251 16625 (AKAMAI-AS)
1 98.98.134.242 21859 (ZEN-ECN)
3 34.98.64.218 396982 (GOOGLE-CL...)
3 23.35.236.201 16625 (AKAMAI-AS)
2 5 51.89.9.252 16276 (OVH)
2 76.223.111.18 16509 (AMAZON-02)
3 216.52.2.6 30282 (AS-INAPCD...)
1 2 2.21.20.200 20940 (AKAMAI-ASN1)
1 3.66.123.6 16509 (AMAZON-02)
2 69.166.1.34 27630 (AS-XFERNET)
1 18.214.104.9 14618 (AMAZON-AES)
1 192.132.33.68 18568 (BIDTELLECT)
3 3.125.57.54 16509 (AMAZON-02)
4 44.208.202.9 14618 (AMAZON-AES)
1 2 209.54.182.161 16509 (AMAZON-02)
3 35.71.131.137 16509 (AMAZON-02)
1 52.49.222.43 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 35.214.170.103 15169 (GOOGLE)
1 72.251.241.204 32475 (SINGLEHOP...)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 3 185.64.190.78 62713 (AS-PUBMATIC)
2 23.35.237.56 16625 (AKAMAI-AS)
1 147.75.84.158 54825 (PACKET)
4 185.83.71.234 55081 (24SHELLS)
2 3 2001:678:cb4:... 56396 (AMOBEE)
1 35.227.252.103 15169 (GOOGLE)
1 2 69.173.144.165 26667 (RUBICONPR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
13 185.64.189.112 62713 (AS-PUBMATIC)
5 18.194.124.175 16509 (AMAZON-02)
2 6 130.211.23.194 15169 (GOOGLE)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
2 142.250.184.230 15169 (GOOGLE)
2 141.95.98.65 16276 (OVH)
1 1 34.91.62.186 396982 (GOOGLE-CL...)
1 81.17.55.122 60781 (LEASEWEB-...)
1 108.138.17.40 16509 (AMAZON-02)
1 3.71.149.231 16509 (AMAZON-02)
1 2a02:2638:d::a 44788 (ASN-CRITE...)
1 151.101.129.108 54113 (FASTLY)
1 2600:9000:223... 16509 (AMAZON-02)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 2600:9000:211... 16509 (AMAZON-02)
584 111
2    54.224.169.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-169-121.compute-1.amazonaws.com
www.blogto.com
4    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    65.9.66.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-95.fra56.r.cloudfront.net
launcher-sa.spot.im
20    34.111.196.223 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 223.196.111.34.bc.googleusercontent.com
asset.fwcdn3.com
18    108.138.7.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-46.fra56.r.cloudfront.net
static.blogto.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
12    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
9    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
googleads.g.doubleclick.net
3    2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
2    2600:9000:2057:9a00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
38    13.32.99.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-42.fra60.r.cloudfront.net
media.blogto.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
8    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
2    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
5    13.32.99.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net
sb.scorecardresearch.com
1    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googlesyndication.com
7    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
5    108.138.17.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-46.fra56.r.cloudfront.net
api-2-0.spot.im
2    18.66.112.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-59.fra56.r.cloudfront.net
publisher-assets.spot.im
5    54.68.107.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-107-242.us-west-2.compute.amazonaws.com
p2.fwpixel.com
1    2a04:4e42:e00::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
2    2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a04:4e42:600::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
7    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com
3    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
2    52.218.132.232 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3-us-west-2.amazonaws.com
5    92.123.104.161 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-104-161.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    18.211.77.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-77-186.compute-1.amazonaws.com
ping.chartbeat.net
1    108.138.17.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-6.fra56.r.cloudfront.net
direct-events-collector.spot.im
9    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2600:9000:223c:3a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
22    3.33.246.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: af2c2cffbd40f9b4e.awsglobalaccelerator.com
fireworkapi1.com
fireworkadservices1.com
fireworkanalytics.com
2    108.138.7.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-54.fra56.r.cloudfront.net
static-cdn.spot.im
6    23.35.229.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-56.deploy.static.akamaitechnologies.com
a.teads.tv
t.teads.tv
56    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
25    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    52.25.81.85 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-81-85.us-west-2.compute.amazonaws.com
o.momently.info
20    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
15    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
16    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
8    34.254.117.183 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-117-183.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
18    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    2600:9000:2491:8a00:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)
rumcdn.geoedge.be
5    45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.spotim.market
player.adtelligent.com
6    2a02:26f0:3500:595::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
3    52.203.176.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-176-4.compute-1.amazonaws.com
track1.aniview.com
12    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
googleads4.g.doubleclick.net
6    34.117.19.225 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 225.19.117.34.bc.googleusercontent.com
cdn4.fireworktv.com
1    2a02:26f0:3500:11::215:14dc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
12    2600:9000:223f:8600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
17    2600:1f13:800:7782:763d:a432:e71e:5bc1 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
1    3.215.243.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-243-137.compute-1.amazonaws.com
go1.aniview.com
9    108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com
4    2a0c:5c87:5241::2 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.spotim.market
3    99.86.4.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-39.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
2    2606:4700:10::ac43:4e7 (United States)

ASN13335 (CLOUDFLARENET, US)
c.aaxads.com
6    2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
8    23.67.137.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-137-210.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net
tags.crwdcntrl.net
2    2606:4700:10::6816:35ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
2    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
3    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
a.ad.gt
2    34.249.118.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-118-122.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
5    108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net
aax.amazon-adsystem.com
4    54.164.248.204 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-248-204.compute-1.amazonaws.com
sync.aniview.com
5    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    23.35.229.251 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-251.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com
pixel-sync.sitescout.com
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
3    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
5    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
3    216.52.2.6 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    2.21.20.200 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-200.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    3.66.123.6 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-123-6.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    69.166.1.34 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    18.214.104.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-104-9.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
1    192.132.33.68 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 68.bidtellect.com
bttrack.com
3    3.125.57.54 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-57-54.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    44.208.202.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-202-9.compute-1.amazonaws.com
s2s.aniview.com
2    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    52.49.222.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-222-43.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    35.214.170.103 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 103.170.214.35.bc.googleusercontent.com
csync.loopme.me
1    72.251.241.204 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
2    2a02:fa8:8806:20::2100 (Singapore)

ASN41041 (VCLK-EU-SE, US)
proc.ad.cpe.dotomi.com
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
sync.teads.tv
1    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    185.83.71.234 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)
sync.spotim.market
sync.adtelligent.com
3    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    2606:4700::6813:9f13 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
13    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
5    18.194.124.175 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-124-175.eu-central-1.compute.amazonaws.com
tlx.3lift.com
6    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
4    2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
2    142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net
ad.doubleclick.net
2    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
lb.eu-1-id5-sync.com
id5-sync.com
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
1    81.17.55.122 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
ssbsync.smartadserver.com
1    108.138.17.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-40.fra56.r.cloudfront.net
pix.spot.im
1    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    2600:9000:223d:3e00:10:43f:4352:ad61 (United States)

ASN16509 (AMAZON-02, US)
gw.geoedge.be
1    85.114.159.93 (Weil am Rhein, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    2600:9000:211e:f800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
Apex Domain
Subdomains		 Transfer
89 googlesyndication.com
googlesyndication.com — Cisco Umbrella Rank: 95
3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com
501 KB
58 blogto.com
www.blogto.com — Cisco Umbrella Rank: 521296
static.blogto.com — Cisco Umbrella Rank: 615076
media.blogto.com — Cisco Umbrella Rank: 378371
5 MB
56 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443
ad.doubleclick.net — Cisco Umbrella Rank: 173
678 KB
37 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 1153
static.adsafeprotected.com — Cisco Umbrella Rank: 720
dt.adsafeprotected.com — Cisco Umbrella Rank: 658
448 KB
20 fwcdn3.com
asset.fwcdn3.com — Cisco Umbrella Rank: 25352
479 KB
19 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 588
image6.pubmatic.com — Cisco Umbrella Rank: 967
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 581
19 KB
19 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 334
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 657
aax.amazon-adsystem.com — Cisco Umbrella Rank: 426
s.amazon-adsystem.com — Cisco Umbrella Rank: 328
214 KB
18 aniview.com
player.aniview.com — Cisco Umbrella Rank: 2378
track1.aniview.com — Cisco Umbrella Rank: 2622
go1.aniview.com — Cisco Umbrella Rank: 6508
sync.aniview.com — Cisco Umbrella Rank: 2431
s2s.aniview.com — Cisco Umbrella Rank: 4549
288 KB
18 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 344
331 KB
17 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
secure.adnxs.com — Cisco Umbrella Rank: 542
acdn.adnxs.com — Cisco Umbrella Rank: 663
30 KB
15 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
ssum.casalemedia.com — Cisco Umbrella Rank: 1490
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 513
8 KB
12 btloader.com
btloader.com — Cisco Umbrella Rank: 1081
api.btloader.com — Cisco Umbrella Rank: 1150
17 KB
12 spot.im
launcher-sa.spot.im — Cisco Umbrella Rank: 13364
api-2-0.spot.im — Cisco Umbrella Rank: 2824
publisher-assets.spot.im — Cisco Umbrella Rank: 4831
direct-events-collector.spot.im — Cisco Umbrella Rank: 4619
static-cdn.spot.im — Cisco Umbrella Rank: 4570
pix.spot.im — Cisco Umbrella Rank: 4872
126 KB
11 spotim.market
player.spotim.market — Cisco Umbrella Rank: 7727
ghb.spotim.market — Cisco Umbrella Rank: 8455
sync.spotim.market — Cisco Umbrella Rank: 3573
190 KB
10 fireworkapi1.com
fireworkapi1.com — Cisco Umbrella Rank: 49854
20 KB
9 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
28 KB
9 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2714
2 KB
8 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1235
208 KB
8 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1558
t.teads.tv — Cisco Umbrella Rank: 3060
sync.teads.tv — Cisco Umbrella Rank: 1584
135 KB
8 fireworkadservices1.com
fireworkadservices1.com — Cisco Umbrella Rank: 55889
4 KB
8 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1192
syndication.twitter.com — Cisco Umbrella Rank: 1427
148 KB
7 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 434
tlx.3lift.com — Cisco Umbrella Rank: 659
3 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
352 KB
6 fireworktv.com
cdn4.fireworktv.com — Cisco Umbrella Rank: 52289
115 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 913
825 B
5 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1191
eus.rubiconproject.com — Cisco Umbrella Rank: 662
token.rubiconproject.com — Cisco Umbrella Rank: 504
pixel.rubiconproject.com — Cisco Umbrella Rank: 409
12 KB
5 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 2304
gw.geoedge.be — Cisco Umbrella Rank: 2732
394 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 766
140 KB
5 fwpixel.com
p2.fwpixel.com — Cisco Umbrella Rank: 14842
711 B
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 179
6 KB
4 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1176
2 KB
4 openx.net
u.openx.net — Cisco Umbrella Rank: 739
us-u.openx.net — Cisco Umbrella Rank: 547
rtb.openx.net — Cisco Umbrella Rank: 912
755 B
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 649
2 KB
4 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1164
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1073
24 KB
4 fireworkanalytics.com
fireworkanalytics.com — Cisco Umbrella Rank: 74547
27 KB
4 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 957
271 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
174 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
248 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 1024
r.turn.com — Cisco Umbrella Rank: 4738
1 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
445 B
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 387
436 B
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 754
277 B
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2033
a.ad.gt — Cisco Umbrella Rank: 2191
4 KB
3 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1156
id5-sync.com — Cisco Umbrella Rank: 470
59 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1348
pixel.quantserve.com — Cisco Umbrella Rank: 1147
cms.quantserve.com — Cisco Umbrella Rank: 929
10 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2250
ssl.google-analytics.com — Cisco Umbrella Rank: 518
18 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1738
mab.chartbeat.com — Cisco Umbrella Rank: 2811
25 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3981
onesignal.com — Cisco Umbrella Rank: 1303
73 KB
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1090
assets.a-mo.net — Cisco Umbrella Rank: 2099
709 B
2 dotomi.com
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3029
791 B
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1111
851 B
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 620
1 KB
2 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2088
19 KB
2 aaxads.com
c.aaxads.com — Cisco Umbrella Rank: 4658
290 B
2 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 7392
sync.adtelligent.com — Cisco Umbrella Rank: 3512
2 KB
2 momently.info
o.momently.info — Cisco Umbrella Rank: 319630
360 B
2 amazonaws.com
s3-us-west-2.amazonaws.com
9 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6147
515 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
730 KB
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 893
237 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1617
584 B
1 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 895
193 B
1 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363
125 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 952
712 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1145
274 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1343
475 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1504
283 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1165
289 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 12024
1 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 624
433 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 1013
163 B
1 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2652
368 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 621
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 847
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 951 Failed
45 B
1 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1858
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1263
642 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1445
201 B
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1649
567 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
902 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1200
751 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 250
27 KB
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
584 83
Domain Requested by
56 pagead2.googlesyndication.com 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
www.blogto.com
c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
rumcdn.geoedge.be
58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com
38 media.blogto.com www.blogto.com
25 tpc.googlesyndication.com 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
www.blogto.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
rumcdn.geoedge.be
20 cm.g.doubleclick.net 11 redirects googleads.g.doubleclick.net
c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com
20 asset.fwcdn3.com www.blogto.com
asset.fwcdn3.com
18 s0.2mdn.net www.blogto.com
s0.2mdn.net
rumcdn.geoedge.be
18 static.blogto.com www.blogto.com
static.blogto.com
17 dt.adsafeprotected.com 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
www.blogto.com
c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com
14 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
player.aniview.com
acdn.adnxs.com
13 hbopenbid.pubmatic.com player.aniview.com
12 static.adsafeprotected.com 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
srcdoc
c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com
rumcdn.geoedge.be
12 googleads4.g.doubleclick.net www.blogto.com
rumcdn.geoedge.be
12 securepubads.g.doubleclick.net www.blogto.com
www.googletagservices.com
securepubads.g.doubleclick.net
rumcdn.geoedge.be
10 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
ssum.casalemedia.com
10 fireworkapi1.com asset.fwcdn3.com
9 c.amazon-adsystem.com player.spotim.market
c.amazon-adsystem.com
player.aniview.com
9 www.facebook.com 2 redirects www.blogto.com
connect.facebook.net
static.xx.fbcdn.net
8 secure.cdn.fastclick.net rumcdn.geoedge.be
secure.cdn.fastclick.net
www.blogto.com
8 fw.adsafeprotected.com 4 redirects www.blogto.com
rumcdn.geoedge.be
8 googleads.g.doubleclick.net 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
pagead2.googlesyndication.com
c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
rumcdn.geoedge.be
8 fireworkadservices1.com asset.fwcdn3.com
7 www.google.com 1 redirects www.blogto.com
tpc.googlesyndication.com
c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
rumcdn.geoedge.be
7 www.googletagservices.com www.blogto.com
securepubads.g.doubleclick.net
3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
a.teads.tv
c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
rumcdn.geoedge.be
6 api.btloader.com 2 redirects www.blogto.com
c.aaxads.com
6 btloader.com 4 redirects www.blogto.com
6 cdn4.fireworktv.com www.blogto.com
6 player.aniview.com static-cdn.spot.im
player.aniview.com
5 tlx.3lift.com player.aniview.com
5 onetag-sys.com 2 redirects player.aniview.com
rumcdn.geoedge.be
58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com
5 aax.amazon-adsystem.com c.amazon-adsystem.com
5 analytics.tiktok.com www.blogto.com
analytics.tiktok.com
5 p2.fwpixel.com asset.fwcdn3.com
5 api-2-0.spot.im launcher-sa.spot.im
static-cdn.spot.im
5 platform.twitter.com www.blogto.com
platform.twitter.com
5 sb.scorecardresearch.com 1 redirects www.blogto.com
4 ad-delivery.net www.blogto.com
c.aaxads.com
4 ssum-sec.casalemedia.com 2 redirects ssum.casalemedia.com
www.blogto.com
4 s2s.aniview.com player.aniview.com
4 sync.1rx.io 4 redirects
4 sync.aniview.com player.aniview.com
ssum.casalemedia.com
4 ghb.spotim.market player.spotim.market
4 fireworkanalytics.com asset.fwcdn3.com
4 player.spotim.market www.blogto.com
rumcdn.geoedge.be
4 rumcdn.geoedge.be static-cdn.spot.im
rumcdn.geoedge.be
player.spotim.market
www.blogto.com
4 static.xx.fbcdn.net www.facebook.com
4 connect.facebook.net www.blogto.com
connect.facebook.net
4 www.googletagmanager.com www.blogto.com
www.googletagmanager.com
3 sync.spotim.market rumcdn.geoedge.be
www.blogto.com
prebid.a-mo.net
3 image6.pubmatic.com 1 redirects ads.pubmatic.com
58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com
3 match.adsrvr.org ssum.casalemedia.com
c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com
3 x.bidswitch.net www.blogto.com
c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
3 ap.lijit.com player.aniview.com
rumcdn.geoedge.be
www.blogto.com
3 ads.pubmatic.com player.aniview.com
rumcdn.geoedge.be
3 config.aps.amazon-adsystem.com rumcdn.geoedge.be
c.amazon-adsystem.com
3 track1.aniview.com www.blogto.com
player.aniview.com
3 t.teads.tv www.blogto.com
3 a.teads.tv securepubads.g.doubleclick.net
a.teads.tv
3 syndication.twitter.com platform.twitter.com
www.blogto.com
3 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 ad.doubleclick.net www.blogto.com
c.aaxads.com
2 ad.turn.com 2 redirects
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 sync.go.sonobi.com player.aniview.com
2 ads.stickyadstv.com 1 redirects player.aniview.com
2 eb2.3lift.com player.aniview.com
2 eus.rubiconproject.com player.aniview.com
eus.rubiconproject.com
2 secure.adnxs.com 2 redirects
2 58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com securepubads.g.doubleclick.net
rumcdn.geoedge.be
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 id.hadron.ad.gt cdn.hadronid.net
2 cdn.id5-sync.com rumcdn.geoedge.be
www.blogto.com
2 cdn.hadronid.net www.blogto.com
2 tags.crwdcntrl.net rumcdn.geoedge.be
www.blogto.com
2 c.aaxads.com 2 redirects
2 c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 o.momently.info s3-us-west-2.amazonaws.com
2 static-cdn.spot.im launcher-sa.spot.im
2 region1.analytics.google.com www.googletagmanager.com
2 s3-us-west-2.amazonaws.com www.googletagmanager.com
s3-us-west-2.amazonaws.com
2 www.google.de www.blogto.com
2 stats.g.doubleclick.net 1 redirects www.googletagmanager.com
2 publisher-assets.spot.im launcher-sa.spot.im
www.blogto.com
2 ssl.google-analytics.com 1 redirects www.blogto.com
2 static.chartbeat.com www.blogto.com
2 cdn.onesignal.com www.blogto.com
cdn.onesignal.com
2 cdn.jsdelivr.net www.blogto.com
cdn.jsdelivr.net
2 www.blogto.com static.blogto.com
1 s.ad.smaato.net 58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com
1 pixel.rubiconproject.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 gw.geoedge.be rumcdn.geoedge.be
1 acdn.adnxs.com player.aniview.com
1 bidder.criteo.com player.aniview.com
1 ups.analytics.yahoo.com googleads.g.doubleclick.net
1 id5-sync.com cdn.id5-sync.com
1 pix.spot.im launcher-sa.spot.im
1 um.simpli.fi 1 redirects
1 cms.quantserve.com c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
1 r.turn.com c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 assets.a-mo.net prebid.a-mo.net
1 token.rubiconproject.com eus.rubiconproject.com
1 rtb.openx.net www.blogto.com
1 sync.adtelligent.com www.blogto.com
1 sync.targeting.unrulymedia.com 1 redirects
1 prebid.a-mo.net rumcdn.geoedge.be
1 a.ad.gt rumcdn.geoedge.be
1 cm.adgrx.com ssum.casalemedia.com
1 csync.loopme.me 1 redirects
1 ad4m.at ssum.casalemedia.com
1 match.prod.bidr.io ssum.casalemedia.com
1 bttrack.com player.aniview.com
1 cs-server-s2s.yellowblue.io player.aniview.com
1 match.sharethrough.com player.aniview.com
1 u.openx.net player.aniview.com
1 pixel-sync.sitescout.com player.aniview.com
1 secure-assets.rubiconproject.com 1 redirects
1 ssbsync.smartadserver.com player.aniview.com
c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
1 ssum.casalemedia.com player.aniview.com
1 player.adtelligent.com player.spotim.market
1 go1.aniview.com player.aniview.com
1 code.createjs.com s0.2mdn.net
1 pixel.quantserve.com www.blogto.com
1 rules.quantcount.com secure.quantserve.com
1 onesignal.com cdn.onesignal.com
1 direct-events-collector.spot.im launcher-sa.spot.im
1 ping.chartbeat.net www.blogto.com
1 secure.quantserve.com www.googletagmanager.com
1 mab.chartbeat.com static.chartbeat.com
1 polyfill.io asset.fwcdn3.com
1 googlesyndication.com 1 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 fonts.googleapis.com static.blogto.com
1 partner.googleadservices.com www.blogto.com
1 cdnjs.cloudflare.com www.blogto.com
1 launcher-sa.spot.im www.blogto.com
0 sync.search.spotxchange.com Failed googleads.g.doubleclick.net
584 140
Subject Issuer Validity Valid
blogto.com
Amazon RSA 2048 M01		 2023-06-28 -
2024-07-26		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.spot.im
Amazon RSA 2048 M02		 2023-09-03 -
2024-09-30		 a year crt.sh
asset.fwcdn3.com
GTS CA 1D4		 2023-10-02 -
2023-12-31		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
media.blogto.com
Amazon RSA 2048 M01		 2023-06-03 -
2024-07-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-20 -
2023-10-18		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
fwpixel.com
Amazon RSA 2048 M02		 2023-07-15 -
2024-08-11		 a year crt.sh
polyfill.io
Certainly Intermediate R1		 2023-10-03 -
2023-11-02		 a month crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
*.s3-us-west-2.amazonaws.com
Amazon RSA 2048 M01		 2023-04-11 -
2023-12-28		 9 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
fireworktv.com
Amazon RSA 2048 M01		 2023-08-14 -
2024-09-11		 a year crt.sh
teads.tv
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.momently.info
Amazon RSA 2048 M02		 2023-09-25 -
2024-10-24		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
gw.geoedge.be
Amazon RSA 2048 M01		 2023-08-12 -
2024-09-09		 a year crt.sh
player.spotim.market
R3		 2023-08-18 -
2023-11-16		 3 months crt.sh
*.aniview.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-11 -
2024-09-11		 a year crt.sh
cdn4.fireworktv.com
GTS CA 1D4		 2023-08-13 -
2023-11-11		 3 months crt.sh
tls.adobe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-08 -
2024-03-10		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
player.adtelligent.com
R3		 2023-09-16 -
2023-12-15		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
ghb.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2023-08-19 -
2023-11-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-10-05 -
2024-01-03		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-04 -
2024-04-21		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M02		 2023-02-09 -
2024-01-26		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
*.a-mo.net
R3		 2023-10-06 -
2024-01-04		 3 months crt.sh
sync.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2023-09-21 -
2023-12-20		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2023-08-11 -
2023-11-09		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh

This page contains 76 frames:

Primary Page: https://www.blogto.com/bakery/luna-bakery-toronto/
Frame ID: EAD2791031D14A89F3DFB86B14A1520C
Requests: 234 HTTP requests in this frame

Frame: https://www.google.com/
Frame ID: BC1F884A8CF2E98FAC23F1C65A5FB235
Requests: 1 HTTP requests in this frame

Frame: https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 374B26B0A3950BBE76BED67CB9963390
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fwww.blogto.com
Frame ID: 58C3624B99FCF40A21515632B4866EBF
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=100616073343311&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df39aa4d3feb0bc8%26domain%3Dwww.blogto.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blogto.com%252Ff29da18de8ceb9%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&layout=button_count&locale=en_US&sdk=joey
Frame ID: 27F17EE9BF6EAB048FFDB5D9D16872B9
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/comments.php?app_id=100616073343311&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2db8e31f1f1578%26domain%3Dwww.blogto.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blogto.com%252Ff29da18de8ceb9%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=http%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&locale=en_US&sdk=joey&version=v2.5&width=550
Frame ID: A536A71A9F47A3411D50B3F36637B2E4
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/comments.php?app_id=100616073343311&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1032ca5527f694%26domain%3Dwww.blogto.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blogto.com%252Ff29da18de8ceb9%26relation%3Dparent.parent&container_width=740&height=100&href=http%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&locale=en_US&numposts=4&sdk=joey&version=v2.5&width=
Frame ID: 3025FDC09CFF9F00A63BF052CC446BC8
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D100616073343311%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3c6beb97b9618%2526domain%253Dwww.blogto.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.blogto.com%25252Ff29da18de8ceb9%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fblogto%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D300
Frame ID: 53D969F405FE3D91E35AA2CAA7AAA0CE
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.d37472b4a6622d0b1fff46ad904f6896.en.html
Frame ID: 0853EB2BFEA1585962C9D3E10D2683BF
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.d37472b4a6622d0b1fff46ad904f6896.en.html
Frame ID: D7CC6F14C4C1DAADA187CF1B9D0CCBC4
Requests: 1 HTTP requests in this frame

Frame: https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 302772C381EC28A581535F04B6DA3E3D
Requests: 26 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJGK8KlhJI5GSVpeXL1n_SA7Wm8ML611rhHCpfTbWqC12fwgP99CumEnUsdVh-4CFb4pnMZzRhKxqn3fbDt31gUwKDmKAMHEtSXGLMhVnmwnbz_m7ZnIg31WJuBeCOyrKH1h6KVDBaDm4DiKOh2CMDNLB2Mk4Ta2bOESe5Hm_OyPim07EqU0rQxDfGTwc2lN1ahg1lH4hN5dcx1AhuFfVKtE-MRcZJGU8-wTzDFWHNsblVzq77Dyu2p8pIDudEZf24tfTbVrrRb6j9ZVmtV9gUCxi0G160j1hUvyqx9tg_6MLwdqZaApUqpSyO-NWquo7KyhESb89H2luBr1W8sNfelIdT7CvjqFRXvkTsLBv8eODcWD3CtQ&sai=AMfl-YSiEEgvwlzCmxuqFppQLiZa7Tc7_2ts84TAWNwV9lbka5BiTl9FgB16acyjZHL1kNGeWDYOln6Ktz6DAN09hLiCiL2YxXd1srsDFV3kqdYHdk_Ca5d_TcOoXju24TbaXwKiZjgXH6dwCmuvD7-f&sig=Cg0ArKJSzDbsdSRgqEHmEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 3B78A72A89EE1452B3AAF7B66B8D8330
Requests: 5 HTTP requests in this frame

Frame: https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7DB4B2B53EF5FEF1BDD7302EF6CA2511
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGL_tr-kBMAE&v=APEucNXF_FxdJZ6Fcr7caotsbouyhvh4x-nmTpYTsThwWKazr9sIYUI03_DDhNvUazfqI11sNdk6QxUZQmY4QWSf3O1G1y9AmEXgJlmCIzyA4fz8waeTc1245CSb5ms3dxs2Fc_VcaiKtWLemFMVsNZDvxot3hUfqUlDzBqwpOnBlu2VdeCz4-o
Frame ID: DBE4F5DE5E9A85D989A9E0AD528FD597
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPmChOMCEJfSweQCGN_19_IBMAE&v=APEucNXNuRfN_0cLBKCY8QEtmiKEHclp04YPONiWnat7Ypsq_wg7m9ybCRBB4t60y3hFd4hucDH-KfuIbJXHKrx1tlTd6YiegazcNcLnsN1B-ZTlQJWGFo9zcvfequwjCi6f8IS7AvG6AL5zzRBZV9I5MhnK1CyouVkN7uZM2xHEZBtkFoh3zmg
Frame ID: D1763D73BABB19A500E54DE9E529631F
Requests: 5 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Frame ID: BD7F55C3A2BCB93510AF4916F33D8B4A
Requests: 47 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 8CF5D3F91B012F699E40E95F9A9B7F52
Requests: 6 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10675493309707581418/index.html?ev=01_250
Frame ID: 78F5F5F11875E6C272D8B676D814E55B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3D8C5D56C43551E8A9092811477477C8
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: D04C00680925CD88358688736CB39563
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 88CD4A36DCE01BD95653C8AED4418337
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14261951911485111691/index.html?e=69&leftOffset=0&topOffset=0&c=ClpKmP4SBg&t=1&renderingType=2&ev=01_250
Frame ID: 09BD78F80677D41ECE05242B36AEC2FA
Requests: 10 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 403A74F2F455D7EE64E6A94ECCD76452
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Frame ID: 2E1E6B40ED6C4D9482F12D532AE26758
Requests: 6 HTTP requests in this frame

Frame: https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: C8323D4000BF392599675AAD634B6514
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/passback_970x250.js
Frame ID: D660A3496EBBC4EEE8DA0A36CC4CC0A2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 93051B322CFE3402A02E48E761BB0283
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F262533EA49133770FE8B166894D5DB2
Requests: 2 HTTP requests in this frame

Frame: https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 74EEC5D0DAFC95EC635EFAD70B336649
Requests: 27 HTTP requests in this frame

Frame: https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: A38C68C8B54CF72907F9BA9C95B88BB6
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D42%26key%3D
Frame ID: 0379B58C4A7DB7C560909396DDBFA222
Requests: 10 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1696898348168-945556496869-001642-010-000522&biddername=55&key=6300135777869648842
Frame ID: 1E717CC9B52604B0D55C9E3003D9D6FE
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1696898348168-945556496869-001642-010-000522&biddername=200&key=OPTOUT
Frame ID: 23FA1800E013B64A8E015CCD14A34D84
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=1&gdpr_consent=&rdir=
Frame ID: BA7171C3CC851D560C325A3C740412D9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Frame ID: 877B04810FF12F185C04ABCA801C9840
Requests: 3 HTTP requests in this frame

Frame: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D72%26pid%3D5e0e296628a061270b21ccab%26key%3D%7BuserId%7D
Frame ID: 486026848A5C248FF42D9231A43D3300
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=5c25ba01-8014-471d-b115-9488b0bab07b&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D23%26key%3D
Frame ID: 3271CC0C21F736F0C9ADF6FAA4D75A21
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D1%26key%3D
Frame ID: 0D3A4F83B11FDF9AD24D0F5B66F55DD6
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=[AV_GDPR]&gdpr_consent=[AV_CONSENT]&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: 49E3DA9A5E150199224274B37252521F
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D41%26pid%3D5e0e296628a061270b21ccab%26key%3D%24UID
Frame ID: 1D57133B0468227C7C4B91B7B917446A
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D18%26key%3D%24UID
Frame ID: 3EFD68CDB145834DA711C2068FD7B473
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=ffab7fb82a22ec4a8ac1a75d3272e2ba&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: E945300F1CAE092AFD1DBA2F42D53758
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: 7905513B2A617DED87946EFA4A2657B3
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=E5RP5Qpb&gdpr=1&consent=&us_privacy=1---
Frame ID: DD1E3C904A31451EB2917CD823420345
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D60%26key%3D%5BUID%5D
Frame ID: 617E8CE3EED157550106EE8E81C6802E
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=aniview
Frame ID: 182DFC218457C89101DC9B2D9A35DA42
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D80%26pid%3D5e0e296628a061270b21ccab%26key%3D%7BpartnerId%7D
Frame ID: C182EDD0BF4171447E743D1FE72C2F99
Requests: 1 HTTP requests in this frame

Frame: https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D204%26pid%3D62f53b2c7850d0786f227f64%26key%3D%7Bglobalid%7D
Frame ID: 8C40A8951FDF0C82FC606B4556A02B0D
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 4758BB564D0AC5CBD30F0F1894F02A72
Requests: 7 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 80C92E23D65C070D859F803B3D8C4113
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPmChOMCEJfSweQCGOPZ_twBMAE&v=APEucNUbRyOexI_0JRIxsuAuwObiYo_MNpM2mqwkWCslk9BG8viYmmxNGAd2cy0tU68Y0LjzPj1_NC3K6LZboXNDlslws4G4QcUmx3sbZUmsRPdv8HOMzt_B57GNYgMT5FbkiEf2N1t8yn-miTOAFtk7fFFqo_kqpROiAALCUs97Otb5ww4Qtao
Frame ID: D4A2E47E59F5CD14AC4B4AF648C0798F
Requests: 5 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr={gdpr}&gdpr_consent={gdpr_consent}
Frame ID: F7CBB4B71F2F9FD777F5F5AE272793E4
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Frame ID: A26A0FCD807D89D88E5BB62E540E827E
Requests: 3 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=6300135777869648842&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Frame ID: 1508A6DC2D7C36DB4064C37D4A877DA9
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID
Frame ID: 3BE61AC8AC74FF3B312585ED31191165
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 71B900570EC88307A88FC5833A10ECAD
Requests: 1 HTTP requests in this frame

Frame: https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 7DD17B8F70F1B74BBC9706EEBF6221D4
Requests: 28 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 77BF273FA2BCFB8C05895194330EF64F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 68437BBFA2B304E6A38EE992991FC550
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A386ABAB5CA4AF0F0F8AC2437A1A4680
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 8F4B4C94A95721CD2E508326FC9CBDC8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPmChOMCEJfSweQCGJv49_IBMAE&v=APEucNU9QzrPkR2GcxCSCw1gbpBnNl9nK7cMp-THB4PPsgEDeyjh11zhvl6UOwdqpaQifm_3RUBf0ErSSxl1Dh4bJqkMzrcZ-UouYhn2gspLbjKePMX5rXI3roK0ZX4brdJv5sTRGnrhWYJ29XkC_jhO-uawMfS1kcQD4842IQgBIM6p3f7kqsE
Frame ID: 1D9BE617AB05871DEC818E15EEAB2EB7
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BF1A66795344190ECD83152177DB9B9A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16177400596801910314/index.html?ev=01_250
Frame ID: FC21BF818AFB5BED7A752AC446CF8C97
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813
Frame ID: 0409400DDA70FD77807D704A1B711243
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: FA9F3E8FD6FDFDCB3598048639C2E2F3
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CA716DB0DDFCB0ABDD68580D0469B1F5
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 203A8A9A9A5509329D70032433F0B6A7
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: B091A1D5763B6A7280B2151B6934D963
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C801029E0E88D3889FAB483CAF90CAC9
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18252920936102416340/index.html?e=69&leftOffset=0&topOffset=0&c=f06xrzKnrA&t=1&renderingType=2&ev=01_250
Frame ID: 127A0307B7687DB3EB86F16AE1CC0C6A
Requests: 10 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/passback_300x250.js
Frame ID: F00629A5AA12024CAAD3A5E1C233E1F1
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=100616073343311&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ba60fe7970208%26domain%3Dwww.blogto.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blogto.com%252Ff29da18de8ceb9%26relation%3Dparent.parent&container_width=77&href=http%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&layout=button_count&locale=en_US&sdk=joey
Frame ID: AACD20A4ABF9A63EBC69F0774BE6AACB
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D100616073343311%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3db094a7d54afc%2526domain%253Dwww.blogto.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.blogto.com%25252Ff29da18de8ceb9%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fblogto%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D300
Frame ID: 4C6135EFBA6E1A4834A15986D103F33C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1858391015A4DACA79C34DE38071BD1C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DA0A8BEE9EC806D6B51265418C6ABB7E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Luna Bakery - blogTO - Toronto

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

584
Requests

90 %
HTTPS

38 %
IPv6

83
Domains

140
Subdomains

111
IPs

9
Countries

11284 kB
Transfer

36445 kB
Size

63
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72
  • https://googlesyndication.com/ HTTP 302
  • https://www.google.com/
Request Chain 107
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=470149238&utmhn=www.blogto.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Luna%20Bakery%20-%20blogTO%20-%20Toronto&utmhid=563587538&utmr=-&utmp=%2Fbakery%2Fluna-bakery-toronto%2F&utmht=1696898344656&utmac=UA-220979-1&utmcc=__utma%3D5417440.1981056629.1696898344.1696898345.1696898345.1%3B%2B__utmz%3D5417440.1696898345.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=972008797&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-220979-1&cid=1981056629.1696898344&jid=972008797&_v=5.7.2&z=470149238 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-220979-1&cid=1981056629.1696898344&jid=972008797&_v=5.7.2&z=470149238 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-220979-1&cid=1981056629.1696898344&jid=972008797&_v=5.7.2&z=470149238&slf_rd=1&random=4124560498
Request Chain 118
  • https://sb.scorecardresearch.com/cs/34948124/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 153
  • https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=100616073343311&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c6beb97b9618%26domain%3Dwww.blogto.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blogto.com%252Ff29da18de8ceb9%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblogto&locale=en_US&sdk=joey&show_facepile=true&small_header=false&width=300 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D100616073343311%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3c6beb97b9618%2526domain%253Dwww.blogto.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.blogto.com%25252Ff29da18de8ceb9%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fblogto%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D300
Request Chain 206
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUM3WuwTw6rnn3xsoILsu8&google_cver=1
Request Chain 207
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSSdKv8dTwVL0l6rBSwVHgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUM3WuwTw6rnn3xsoILsu8&google_cver=1
Request Chain 208
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEG9-dLa8htLxAFS2OR83ZMY&google_cver=1
Request Chain 209
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMwMDEzNTc3Nzg2OTY0ODg0Mg%3D%3D
Request Chain 210
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUM3WuwTw6rnn3xsoILsu8&google_cver=1
Request Chain 211
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSSdKv8dTwVL0l6rBSwVHgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUM3WuwTw6rnn3xsoILsu8&google_cver=1
Request Chain 212
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEG9-dLa8htLxAFS2OR83ZMY&google_cver=1
Request Chain 213
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMwMDEzNTc3Nzg2OTY0ODg0Mg%3D%3D
Request Chain 269
  • https://fw.adsafeprotected.com/rfw/st/1475223/71249298/4.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=pub-2050825284400963&ias_chanId=1&ias_placementId=20111337730&bidurl=https://www.blogto.com/bakery/luna-bakery-toronto/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0j754n9LHX-8PMBJBQFi6_t&adContainerId=brand_safety_Kp0kZeC1FMGigQeeiLzIDQ&cbFunctionName=goog_wrapCb_Kp0kZeC1FMGigQeeiLzIDQ&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.blogto.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.blogto.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:c4682b05-5d66-236f-4abe-e03021c9594e,c:qBjaBi,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-9lvpw,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tSeUx3A+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d*.1475223-71249298%7C1d1%7C1d2%7C1d3%7C1e%7C1f1%7C1g%7C1h%7C1i,idMap:1d*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:39,oid:6b2b214f-6705-11ee-8efe-d2d800230e0a,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4a.js
Request Chain 274
  • https://fw.adsafeprotected.com/rfw/st/1301380/73124933/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1010839380&ias_pubId=pub-2050825284400963&ias_chanId=1&ias_placementId=19777388098&bidurl=https://www.blogto.com/bakery/luna-bakery-toronto/&ias_dealId=&xsId=ABAjH0iOBRBMoH499TGlEoI7i3hS&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iOBRBMoH499TGlEoI7i3hS&adContainerId=brand_safety_Kp0kZcfbFvePjuwPzaahiAY&cbFunctionName=goog_wrapCb_Kp0kZcfbFvePjuwPzaahiAY&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_970x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.blogto.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.blogto.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:159ebba7-d73e-2163-492a-a7a68722d9f8,c:qBjaCW,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-l5tt6,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:4,mot:0,app:0,maw:0,fm:tSeUx5k+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f*.1301380-73124933%7C1f1%7C1f2%7C1f3%7C1g%7C1h%7C1i,idMap:1f*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:33,oid:6b2bbd65-6705-11ee-ba4a-ee14edaedbed,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4a.js
Request Chain 328
  • https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.blogto.com&ver=1.2 HTTP 302
  • https://btloader.com/tag?aax_id=AAX413QP4&domain=www.blogto.com&ver=1.2&upapi=true HTTP 302
  • https://btloader.com/tag?o=5080945107927040&domain=www.blogto.com&upapi=true HTTP 302
  • https://btloader.com/tag?o=5080945107927040&domain=blogto.com&upapi=true
Request Chain 349
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D55%26key%3D%24UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1696898348168-945556496869-001642-010-000522&biddername=55&key=6300135777869648842
Request Chain 350
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1696898348168-945556496869-001642-010-000522&biddername=200&key=OPTOUT
Request Chain 352
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Request Chain 359
  • https://ads.stickyadstv.com/user-matching?id=3665&_fw_gdpr=1&_fw_gdpr_consent= HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=ffab7fb82a22ec4a8ac1a75d3272e2ba&_fw_gdpr=1&_fw_gdpr_consent=
Request Chain 376
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSSdKv8dTwVL0l6rBSwVHgAADJcAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSSdKv8dTwVL0l6rBSwVHgAADJcAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 378
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZSSdKv8dTwVL0l6rBSwVHgAADJcAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEI2CYpFdeBYquwtyQCSIjfI&google_cver=1
Request Chain 379
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6300135777869648842
Request Chain 382
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=c7bfaed9-e5a1-4c4b-8294-af073896e65c&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 398
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIdGMBgSVeAuLguIKIJlfpM&google_cver=1
Request Chain 400
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEJCHH6iygNlkm7Kdx5RNpNY&google_cver=1
Request Chain 404
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=6300135777869648842&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Request Chain 407
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&gdpr={gdpr}&gdpr_consent={gdpr_consent} HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&zcc=1&cb=1696898348961 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=8541523928 HTTP 302
  • https://sync.1rx.io/usersync/turn/7957737046453556862?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-50230977-47a6-4cbc-b8ba-1295573f91fe-003?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-50230977-47a6-4cbc-b8ba-1295573f91fe-003 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-50230977-47a6-4cbc-b8ba-1295573f91fe-003
Request Chain 410
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZSSdKv8dTwVL0l6rBSwVHgAA%263223
Request Chain 439
  • https://api.btloader.com/websiteconfig?o=5080945107927040&w=blogto.com HTTP 302
  • https://api.btloader.com/websiteconfig?bt_env=prod&o=5080945107927040&w=blogto.com
Request Chain 456
  • https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.blogto.com&ver=1.2 HTTP 302
  • https://btloader.com/tag?aax_id=AAX413QP4&domain=www.blogto.com&ver=1.2&upapi=true HTTP 302
  • https://btloader.com/tag?o=5080945107927040&domain=www.blogto.com&upapi=true HTTP 302
  • https://btloader.com/tag?o=5080945107927040&domain=blogto.com&upapi=true
Request Chain 464
  • https://fw.adsafeprotected.com/rfw/st/1301373/68102612/4.js?adContainerId=brand_safety_LZ0kZcS_BfqTjuwPxOOqIA&cbFunctionName=goog_wrapCb_LZ0kZcS_BfqTjuwPxOOqIA&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.blogto.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.blogto.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:15db9d36-5273-9f41-2906-40d4221cf5fb,c:qBjbgZ,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-zlz7l,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:4,mot:0,app:0,maw:0,fm:tSeUxJn+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1e%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1h6%7C1h7%7C1h8%7C1h9%7C1i1%7C1i2%7C1i3*.1301373-68102612%7C1i31%7C1i32%7C1j1%7C1j2%7C1j3%7C1j4%7C1j5%7C1j6%7C1j7%7C1j8%7C1j9%7C1ja%7C1jb%7C1jc%7C1jd%7C1je%7C1jf%7C1jg%7C1jh%7C1ji%7C1jj%7C1jk,idMap:1i3*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:33,oid:6cd59cd6-6705-11ee-a6fe-027e37d507b0,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4a.js
Request Chain 468
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEG1fHTAkyQx8HaPx3BC8nZs&google_cver=1&google_push=AXcoOmR6UtR15TAJ9wcSIvvcMBBYDhlEIj8QUCJrVKEs_R-zUF_D12Y2rqKpXnJ2FKdVHoZTCCQMQl3CVVamAUMTIRm56gLGB8T4rA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzk1NzczNzA0NjQ1MzU1Njg2Mg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEG1fHTAkyQx8HaPx3BC8nZs&google_cver=1
Request Chain 470
  • https://um.simpli.fi/gp_match?google_gid=CAESELj7RBvLx4FfnXFiaZMUgbg&google_cver=1&google_push=AXcoOmRAPwKP6C1u6xtqLJ97aL-EvuXhPOKZOOrDN0RIKUVhLno29zDWD6HVUo1059Yhn0GeNOJFg9CC1iwHEeTixuebe1YkXWjX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=74C797EF56124624825CCDE688411BE7&google_push=AXcoOmRAPwKP6C1u6xtqLJ97aL-EvuXhPOKZOOrDN0RIKUVhLno29zDWD6HVUo1059Yhn0GeNOJFg9CC1iwHEeTixuebe1YkXWjX
Request Chain 472
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGSCRljrT2nJTBMnTS2Hiyg&google_cver=1&google_push=AXcoOmTskSYw9jlZcF0hZGWwGBcEHrxenhup-CBuXqt5SVvfsRJHsPa4B_3s7euzoglOt0fwryFgS-ma00FaCKGgVnXjPzagWSlMIQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTskSYw9jlZcF0hZGWwGBcEHrxenhup-CBuXqt5SVvfsRJHsPa4B_3s7euzoglOt0fwryFgS-ma00FaCKGgVnXjPzagWSlMIQ
Request Chain 493
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEJICukL4ycfgkS7nldBLGCQ&google_cver=1
Request Chain 518
  • https://api.btloader.com/websiteconfig?o=5080945107927040&w=blogto.com HTTP 302
  • https://api.btloader.com/websiteconfig?bt_env=prod&o=5080945107927040&w=blogto.com
Request Chain 538
  • https://fw.adsafeprotected.com/rfw/st/1301380/73124926/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1010839380&ias_pubId=pub-5616046187545019&ias_chanId=1&ias_placementId=19777387339&bidurl=www.blogto.com/&ias_dealId=&xsId=ABAjH0ipjz4KS9gUKb2OostmPMn8&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0ipjz4KS9gUKb2OostmPMn8&adContainerId=brand_safety_LZ0kZfCxNZ2RjuwPpIawiAk&cbFunctionName=goog_wrapCb_LZ0kZfCxNZ2RjuwPpIawiAk&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.blogto.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.blogto.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:4b25cfac-dece-c9e8-2e4c-54dee174223e,c:qBjbry,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-5299t,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:3,mot:0,app:0,maw:0,fm:tSeUxTQ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1e%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1h6%7C1h7*.1301380-73124926%7C1h71%7C1h72%7C1h81%7C1h9%7C1i1%7C1i2%7C1i31%7C1i32%7C1i33%7C1i341%7C1j1%7C1j2%7C1j3%7C1j4%7C1j5%7C1j6%7C1j7%7C1j8%7C1j9%7C1ja%7C1jb%7C1jc%7C1jd%7C1je%7C1jf%7C1jg%7C1jh%7C1ji%7C1jj%7C1jk%7C1jl%7C1jm%7C1jn,idMap:1h7*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:38,oid:6d4156b3-6705-11ee-a197-9e7a57daf38c,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4a.js
Request Chain 541
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIeKv9hIyIOpww-3Yq1xrcI&google_cver=1&google_push=AXcoOmRXkFCDZ1CchFXFbcZBiz8EIh9rwOz6NrKFPaVZ6p09cI21bcf4KZNdl2zJFgNZu0nAfJLsTrMhvX8wvFaUsYr4gp1uqGJ1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4ODEyMjkxNzg5MTA3ODMwMQ%3D%3D&google_push=AXcoOmRXkFCDZ1CchFXFbcZBiz8EIh9rwOz6NrKFPaVZ6p09cI21bcf4KZNdl2zJFgNZu0nAfJLsTrMhvX8wvFaUsYr4gp1uqGJ1
Request Chain 542
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMbo2epbJd8lPsf-GT9_E6o&google_cver=1&google_push=AXcoOmSCuOIDCHaCKlon3mkNrV2kMM1It8IFP-K9v47RlkMPbzqs7fhtK-9XKX8i1LT1SMWadRId8FEhVIa9IS738Kn_X6jG_r4e HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMbo2epbJd8lPsf-GT9_E6o&google_cver=1&google_push=AXcoOmSCuOIDCHaCKlon3mkNrV2kMM1It8IFP-K9v47RlkMPbzqs7fhtK-9XKX8i1LT1SMWadRId8FEhVIa9IS738Kn_X6jG_r4e&rdf=1
Request Chain 543
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECS9H7NiuV-xQ3uXtL2QqN4&google_cver=1&google_push=AXcoOmSFquhUJm7hxrGQ5lgvjFOi3_86U5qiPJyjlFx2sgn4o5G6Izx9aZwNIc6Xdx9tgl7FonZDA3dM38iHRJlasYgks3USMoqwQA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5KTEdRVk0tSy1FRkFB&google_push=AXcoOmSFquhUJm7hxrGQ5lgvjFOi3_86U5qiPJyjlFx2sgn4o5G6Izx9aZwNIc6Xdx9tgl7FonZDA3dM38iHRJlasYgks3USMoqwQA
Request Chain 544
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEI2CYpFdeBYquwtyQCSIjfI&google_cver=1&google_push=AXcoOmSUC_REOswWakCeU1BF_Llf0HDGV27ANOXxzBLGC8pOVs34FVO6hM0fB9VIeedPTZ9c3xjTeAnV6oXElj_rgb7HZFErgHArzQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEI2CYpFdeBYquwtyQCSIjfI&google_hm=ZSSdKv8dTwVL0l6rBSwVHgAADJcAAAIB&google_nid=index&google_push=AXcoOmSUC_REOswWakCeU1BF_Llf0HDGV27ANOXxzBLGC8pOVs34FVO6hM0fB9VIeedPTZ9c3xjTeAnV6oXElj_rgb7HZFErgHArzQ
Request Chain 546
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGSCRljrT2nJTBMnTS2Hiyg&google_cver=1&google_push=AXcoOmSpyyx9DV2yryQfavIjvRnXfvfoEV7VnhxQU8971W0U6z9pqkzsgcOjXrXuzjdW25RI2JlNa0SeskFCYsNmSPZ5QDLolcisWw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSpyyx9DV2yryQfavIjvRnXfvfoEV7VnhxQU8971W0U6z9pqkzsgcOjXrXuzjdW25RI2JlNa0SeskFCYsNmSPZ5QDLolcisWw HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 575
  • https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=100616073343311&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3db094a7d54afc%26domain%3Dwww.blogto.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blogto.com%252Ff29da18de8ceb9%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fblogto&locale=en_US&sdk=joey&show_facepile=true&small_header=false&width=300 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D100616073343311%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3db094a7d54afc%2526domain%253Dwww.blogto.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.blogto.com%25252Ff29da18de8ceb9%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fblogto%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D300

584 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.blogto.com/bakery/luna-bakery-toronto/ 		97 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.169.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-169-121.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6f8148e9429a21205ca6bc71c8987e8f0495ed56f6cb7b17a0063ec657657f8c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,*,X-Requested-With
access-control-allow-methods
POST,GET,OPTIONS,PUT,DELETE
access-control-allow-origin
*
age
309
cache-control
max-age=300
content-encoding
gzip
content-length
19081
content-type
text/html; charset=utf-8
date
Tue, 10 Oct 2023 00:39:03 GMT
server
nginx
vary
Accept-Encoding, Cookie
via
1.1 varnish-v4
x-app-server
ip-10-0-0-253
x-cache
HIT
x-cache-hits
13
x-cache-svr
varnish1-vpc
x-varnish
533466826 533758197
js
www.googletagmanager.com/gtag/ 		238 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y8FQYHZ5SK
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c065c958c870ddd04bca9749c517a4465563aaf8b8a57babffb356bd60a44b4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85085
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 10 Oct 2023 00:39:03 GMT
gpt.js
www.googletagservices.com/tag/js/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
868a90c8d90118ba24a45aba34b91bc63ed80255733acd5fced944cad8238919
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29598
x-xss-protection
0
server
cafe
etag
639 / 19640 / m202310050101 / config-hash: 3619239551914878840
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 10 Oct 2023 00:39:03 GMT
prebid.js
cdn.jsdelivr.net/npm/prebid.js@latest/dist/not-for-prod/ 		3 MB
728 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid.js@latest/dist/not-for-prod/prebid.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e514d38f025dee832c3c129b2f5462dc1bbf68ae816a23262d4a0aac7d50aa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
16022
x-jsd-version
8.18.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230124-FRA, cache-yyz4520-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"285458-m5u+fbvsp8Ew1QfTzIRW7BT6NDw"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2BPIkZYqVQVpVR1XPBCWpAhxvNmY9eb61BMz9l%2F6qdH498hkW4ono%2Bse6s%2B%2F0ja2q0TUMeoWbMviX6VuMRBJGmPLrIVt3CS0M89RkaUmBFAPjiOoQgtojUl7bSBjdmMz59dk9kqjbjeH0JPwpdc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
813acdd9edd19b4f-FRA
js
www.googletagmanager.com/gtag/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=GTM-T24HWP4&l=gtm.blogTO
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
sp_mnhjJdcW
launcher-sa.spot.im/spot/ 		189 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launcher-sa.spot.im/spot/sp_mnhjJdcW
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-95.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9545b52eb558eb7d63a5881a02e7878b4af4d46d54dc20d1b2c543797878c535

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
KaYSalSt6mxo9C8ZV8sOOmYTdr2k76xt
content-encoding
br
via
1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
date
Tue, 10 Oct 2023 00:36:45 GMT
x-amz-cf-pop
FRA56-C1
age
139
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
47427
last-modified
Mon, 09 Oct 2023 10:40:36 GMT
server
AmazonS3
etag
"2c05288c5c77b2b84c11a737ccaac1c8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
HjODqAAsMLW9ql3Q5SOrQzitDNCPGAxMdL9mq7IipOBOjVDAj8ug7g==
storyblock.js
asset.fwcdn3.com/js/ 		347 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.fwcdn3.com/js/storyblock.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.196.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.196.111.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
69fcbc10685c946e921d8998d001c80ca6526e7bdb622d0de1ae2b2a52be098d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 google
content-encoding
br
date
Mon, 09 Oct 2023 20:07:36 GMT
x-amz-request-id
5796BWD1SRJVYE04
age
16288
x-amz-server-side-encryption
AES256
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104297
x-amz-id-2
fthk6m0x3V/sBYiKSDvoWBgPU8+xY7RpYTBjSVr8x9PqN7ixGgDy6+WBRe2PKbVNyKQUC6IrR7g=
last-modified
Mon, 09 Oct 2023 20:05:01 GMT
server
AmazonS3
cross-origin-opener-policy
same-origin
etag
W/"1ee3aaaabc89ff344e7c488d723d7084"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=3600
x-cache-hit
hit
x-amz-meta-env
prod
accept-ranges
none
timing-allow-origin
*
cross-origin-response-policy
cross-origin
embed-feed.js
asset.fwcdn3.com/js/ 		457 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.fwcdn3.com/js/embed-feed.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.196.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.196.111.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
ac7537a17e404695f67e2e19693f59b5cf941af74a426fabd749d2d8012ace8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 google
content-encoding
br
date
Mon, 09 Oct 2023 20:07:36 GMT
x-amz-request-id
5797S4RV1TPV3PG1
age
16288
x-amz-server-side-encryption
AES256
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133757
x-amz-id-2
obAjY9eEedsaU70IPlv/+YC3nDOt7hTO01Utos4hsfRHEsr8PvjxnQOWTnpTfmvQ97I9LP6tgFs=
last-modified
Mon, 09 Oct 2023 20:05:01 GMT
server
AmazonS3
cross-origin-opener-policy
same-origin
etag
W/"246d99f7026cf6cab0e83beee4cbc8be"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=3600
x-cache-hit
hit
x-amz-meta-env
prod
accept-ranges
none
timing-allow-origin
*
cross-origin-response-policy
cross-origin
blogto-lib-a2b3819e8e8fb229ce494ccdce73588d.css
static.blogto.com/static/dist/ 		13 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.blogto.com/static/dist/blogto-lib-a2b3819e8e8fb229ce494ccdce73588d.css
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-46.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad78d3049e9946374dde6c6e02b03386f29c483d7633a63030e0c7cbb3539e33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 06:24:43 GMT
x-amz-version-id
kCSkmrWyvLsuwAdoqvxA1bB17JnF6ABg
content-encoding
gzip
last-modified
Tue, 03 Oct 2023 16:37:33 GMT
server
AmazonS3
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
etag
W/"a2b3819e8e8fb229ce494ccdce73588d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
age
65661
x-amz-cf-id
X5pLoRsaw622YrLK3AfyukvylaC4eP7xlOlEi81RaAtZrP_2wP6xmQ==
blogto-app-e9e1d48a15e1b311fe334eb5e5445e8d.css
static.blogto.com/static/dist/ 		1002 KB
107 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.blogto.com/static/dist/blogto-app-e9e1d48a15e1b311fe334eb5e5445e8d.css
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-46.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
736a32b4f4dba8d4777e9ae99e095a5ecc6db00f121a2d89f3296a5521dbebd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
FTkLAt0vIUQQGlMsUrn5dPOuyBWSklQb
content-encoding
gzip
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
date
Mon, 09 Oct 2023 02:48:58 GMT
last-modified
Tue, 03 Oct 2023 16:37:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
78622
x-amz-server-side-encryption
AES256
etag
W/"e9e1d48a15e1b311fe334eb5e5445e8d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
JmSAZyFqNQhzde2aEDfXmYoiCuvbwI1CvjZKnmXVObJF0oG7MifR8A==
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/ 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
212209
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
26646
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1499c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLr2NM0gHi7zjFA8C4er3gZXru79a11QuZRa87wEzCxA822v7JfoKf%2BcU9KVsqDyoPsf%2FYDfssRgzMR8rPpem4ivl5SbLVWQbJiKv1ZnGaKzSGRBAJpY3MomtGtXivXwJm9b1Jh3TKAvsmoWzsgOD9Nv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
813acdd7999965db-FRA
expires
Sun, 29 Sep 2024 00:39:03 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28cedc5adecf88127594ec050de623389d03ada8faa8b92f3afdd73fb29e7ece
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29597
x-xss-protection
0
server
cafe
etag
198 / 19640 / m202310050101 / config-hash: 3619239551914878840
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 10 Oct 2023 00:39:04 GMT
google_service.js
partner.googleadservices.com/gampad/ 		1 KB
751 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/google_service.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
27860bbd92fc2f77d8f4c4b0c01ab7649cc8002ad183240e7289338d217b0566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:08:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
1839
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
341
x-xss-protection
0
server
cafe
etag
953604975598805376
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 10 Oct 2023 01:08:24 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:03 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
3278
etag
W/"2a3bbde818bef34d53a0df862ead5d5f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
813acdd9edbe1cc9-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Fri, 13 Oct 2023 00:39:03 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9a00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 16:56:20 GMT
content-encoding
gzip
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 00:37:14 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
27764
etag
W/"649b80ba-5df1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
CSR_4nDoVqeYKzTsorMttozvULUg-uPFF17I4u_X7JZAd8gGbN-iDQ==
expires
Tue, 10 Oct 2023 16:56:20 GMT
20230724-LunaBakery-31.jpg
media.blogto.com/listings/ 		172 KB
173 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/listings/20230724-LunaBakery-31.jpg?w=2048&cmd=resize_then_crop&height=1365&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5e463c30039e8a35f5ae73df025b65211361f9d38c4ff4245951549eacf45c57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Oct 2023 04:32:24 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 18:59:23 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
72400
etag
"f6a191dd242b8dde0bbfc83f7aacd74e"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
176116
x-amz-cf-id
XE1jTEdh30PbSfTyIlteUR6IlexY89Is5K1PsiPyzy94uoN0DdoEOg==
expires
Mon, 16 Oct 2023 04:32:24 GMT
1696359396-20230724-LunaBakery-37.jpg
media.blogto.com/uploads/2023/10/03/ 		99 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/uploads/2023/10/03/1696359396-20230724-LunaBakery-37.jpg?w=1400&cmd=resize&height=2500&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
905ee24c7a31f468137514814f8697c6ee0c9fd6b43aa0e817c4e731150d791f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Oct 2023 04:32:24 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 18:57:02 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
72400
etag
"09b93f1115cb14f4c80812d19b51e0d5"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
101536
x-amz-cf-id
zd2ptd1AP1er2vyLGGU97A-vdrWrdwwWnRKqfsuF7quooXgVT_GEug==
expires
Mon, 16 Oct 2023 04:32:24 GMT
1696359395-20230724-LunaBakery-36.jpg
media.blogto.com/uploads/2023/10/03/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/uploads/2023/10/03/1696359395-20230724-LunaBakery-36.jpg?w=1400&cmd=resize&height=2500&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8ca4dd01d1d8c5af51269340b33c8433fcabe755a19145ed33bc1765be7bfce4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Oct 2023 04:32:24 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 18:57:02 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
72400
etag
"d8a4d2222035022bcf4c871362ec725a"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
63152
x-amz-cf-id
AUUPzdWMutHDoBANLpZiPS6RkH8ZrhWipiUdxKJe-md6tpVQXQ3_RA==
expires
Mon, 16 Oct 2023 04:32:24 GMT
1696359374-20230724-LunaBakery-9.jpg
media.blogto.com/uploads/2023/10/03/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/uploads/2023/10/03/1696359374-20230724-LunaBakery-9.jpg?w=1400&cmd=resize&height=2500&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
37a34003fb8b5ce2d75a0dff478b3001f362f3ffd31087534aef3279e0ba44d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Oct 2023 04:32:24 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 18:56:52 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
72400
etag
"14a9058d9dcc91b7a774747910f8c9cd"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
96178
x-amz-cf-id
0aIIYVsuf3_D6F6nnjZbqRvv90G6isjzVcfRPsYCLNxsfxbHk85OlQ==
expires
Mon, 16 Oct 2023 04:32:24 GMT
1696359375-20230724-LunaBakery-10.jpg
media.blogto.com/uploads/2023/10/03/ 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/uploads/2023/10/03/1696359375-20230724-LunaBakery-10.jpg?w=1400&cmd=resize&height=2500&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2dcaa1b25e6ca3f74383aec53bc9e13045f959c4665427f1a611782d11596982

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Oct 2023 04:32:24 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 18:57:03 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
72400
etag
"cc590d0246f39a0ac7fe05ec4b07958a"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
95600
x-amz-cf-id
VFa-yzy_Af0EWf8sLpZsRxvPO8heNTYozohcGFoLkMbp2iYlCWus9Q==
expires
Mon, 16 Oct 2023 04:32:24 GMT
1696359372-20230724-LunaBakery-7.jpg
media.blogto.com/uploads/2023/10/03/ 		101 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/uploads/2023/10/03/1696359372-20230724-LunaBakery-7.jpg?w=1400&cmd=resize&height=2500&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
08f7cff1275d692238eeafd58a169bd9e95ca5f49b64948acb2cb4f4fd27e12d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Oct 2023 04:32:24 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 18:56:54 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
72400
etag
"924fb76c55eb3fc82be5845c39ac05cd"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
103800
x-amz-cf-id
T0wA7smlSlPKDDTFy5QW2_FVwWWhzaHgpJ1fGm_VW4-g1R88awWw8A==
expires
Mon, 16 Oct 2023 04:32:24 GMT
1696359371-20230724-LunaBakery-5.jpg
media.blogto.com/uploads/2023/10/03/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/uploads/2023/10/03/1696359371-20230724-LunaBakery-5.jpg?w=1400&cmd=resize&height=2500&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1391a652cd39ee6569c9bc65607e05ac6f579308c2a085d8419da1c2347217f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Oct 2023 04:32:24 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 18:56:52 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
72400
etag
"45871e424e7d5eb6334d68091e037778"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
90482
x-amz-cf-id
0-86pHAKS1N5xZ-D7Ph8pbT2I7TuXvqlFjvRaqktxNPLH29SYorGAg==
expires
Mon, 16 Oct 2023 04:32:24 GMT
1696359375-20230724-LunaBakery-11.jpg
media.blogto.com/uploads/2023/10/03/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/uploads/2023/10/03/1696359375-20230724-LunaBakery-11.jpg?w=1400&cmd=resize&height=2500&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a845345cd977a6543894b1938de5a4402b99900ded07d4f4dae618bd6038aa1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Oct 2023 04:32:24 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 18:56:54 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
72400
etag
"a95d5b52abb4f5fad12f35596fd99d89"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
84550
x-amz-cf-id
Kl0hU0Vns-RiRcMUR2TpPmmu6i07Pb68zOVsVtRc42AE1LH04HnjpQ==
expires
Mon, 16 Oct 2023 04:32:24 GMT
1696359378-20230724-LunaBakery-15.jpg
media.blogto.com/uploads/2023/10/03/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/uploads/2023/10/03/1696359378-20230724-LunaBakery-15.jpg?w=1400&cmd=resize&height=2500&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7dc83d2b2def26d111d9fad25ab064d7ec712e6c604334b01a5eaf6626abe75c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Oct 2023 04:32:24 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 18:56:54 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
72400
etag
"881b2c0859ff9a5deb70370cdb3844fe"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
47176
x-amz-cf-id
kBjxbAqCTI8SbZvnghu-Qa7DsMyl5vC1YHV1Nq7SR01HKPDpw97GUQ==
expires
Mon, 16 Oct 2023 04:32:24 GMT
1696359377-20230724-LunaBakery-14.jpg
media.blogto.com/uploads/2023/10/03/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/uploads/2023/10/03/1696359377-20230724-LunaBakery-14.jpg?w=1400&cmd=resize&height=2500&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a86b434f76ebfa992699afb4bae79a3528b97c0426d831ae60046d09b63c761e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Oct 2023 04:32:24 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 18:56:56 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
72400
etag
"7db54d2980346dfb0312cb72042cd3d3"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
51878
x-amz-cf-id
nUZa0hG0ugHwAJZyqm-vJWvSCdCoqRdoGBr0uT26COPbBQJ1NBpnMg==
expires
Mon, 16 Oct 2023 04:32:24 GMT
1696359382-20230724-LunaBakery-21.jpg
media.blogto.com/uploads/2023/10/03/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/uploads/2023/10/03/1696359382-20230724-LunaBakery-21.jpg?w=1400&cmd=resize&height=2500&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
10ec41b3891bd83bab6b883981a27d7892782a8af05861f25bd3cb8c44c27945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Oct 2023 04:32:24 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 18:56:56 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
72400
etag
"9cd98f881d050b304088f9de8b8f31ae"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
66500
x-amz-cf-id
j_toDkpggOSUm9jaXvqXNWXBTEupqko9fgfWrYT46jVR8UGcyggMNw==
expires
Mon, 16 Oct 2023 04:32:24 GMT
1696359387-20230724-LunaBakery-29.jpg
media.blogto.com/uploads/2023/10/03/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/uploads/2023/10/03/1696359387-20230724-LunaBakery-29.jpg?w=1400&cmd=resize&height=2500&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
387d6d3023f2a5d73184edcf298aa1867ec4aa563049990e1da488195066c431

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Oct 2023 04:32:24 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 18:56:59 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
72400
etag
"cbe562ce2eba678427507232808fdfca"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
79132
x-amz-cf-id
KlIVw3EqZeMtjsxoXAP5C9Yq9BAqKmERkdzR-wev1Peae-n8U9fDHA==
expires
Mon, 16 Oct 2023 04:32:24 GMT
1696359382-20230724-LunaBakery-22.jpg
media.blogto.com/uploads/2023/10/03/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/uploads/2023/10/03/1696359382-20230724-LunaBakery-22.jpg?w=1400&cmd=resize&height=2500&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c5541794665f1c9043ac86bb924aa0558ff75f94600c9a9d81379c42367cb0a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Oct 2023 04:32:24 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 18:56:57 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
72400
etag
"956566e598e2eba0b185f78cf176ceef"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
83544
x-amz-cf-id
rokkURW1esIkE-etcQrVOy-d1UamKr_hHN1dK-IdLSbk_HyDXCWPFg==
expires
Mon, 16 Oct 2023 04:32:24 GMT
1696359379-20230724-LunaBakery-18.jpg
media.blogto.com/uploads/2023/10/03/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/uploads/2023/10/03/1696359379-20230724-LunaBakery-18.jpg?w=1400&cmd=resize&height=2500&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e2502db2ce3d5345fa38fbab7f1af8a3739e9096debacc7d8bec8361edc7b60f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Oct 2023 04:32:24 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 18:56:57 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
72400
etag
"b541981f6f4c222e58f896b5fe23557e"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
72480
x-amz-cf-id
lU9r5W4fWJo-RmKYenmmH-pAhyT_aAaQaqtuPNuf5ggKXKOo1V18Zw==
expires
Mon, 16 Oct 2023 04:32:24 GMT
1696359384-20230724-LunaBakery-24.jpg
media.blogto.com/uploads/2023/10/03/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/uploads/2023/10/03/1696359384-20230724-LunaBakery-24.jpg?w=1400&cmd=resize&height=2500&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0d7211e54b0841836bf368c1a45cdf789aa8f30c62be6f43f547b3b6fd8d71c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Oct 2023 04:32:24 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 18:56:58 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
72400
etag
"b88de971fdbb6cd683d62c4626b79707"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
38774
x-amz-cf-id
XEO8PuZVUOK8LQEQSwyqXxvYeKKBmT_FJk4oXi3c7a72Q23gSPrBnQ==
expires
Mon, 16 Oct 2023 04:32:24 GMT
1696359367-20230724-LunaBakery-1.jpg
media.blogto.com/uploads/2023/10/03/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/uploads/2023/10/03/1696359367-20230724-LunaBakery-1.jpg?w=1400&cmd=resize&height=2500&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8fe4c73c03f0423d75be50f798fd02a5bd1bc9d8c346f559dbd1901a79b9e004

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Oct 2023 04:32:24 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 18:56:50 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
72400
etag
"b8affe5fc0056f3d318d522e6d539f18"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
47848
x-amz-cf-id
3cxsB3qQs4J0ly1MKCLoXxp8-6fejxGVBZrhW32abqtc4_XjqKQYDw==
expires
Mon, 16 Oct 2023 04:32:24 GMT
1696359381-20230724-LunaBakery-20.jpg
media.blogto.com/uploads/2023/10/03/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/uploads/2023/10/03/1696359381-20230724-LunaBakery-20.jpg?w=1400&cmd=resize&height=2500&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
53afa4f03fb940df8dce7ccc9948204306781a7c5bc4801612dce3b9e4f1c414

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Oct 2023 04:32:25 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 18:57:00 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
72399
etag
"9e9feca87bd58a2c9051912797a815aa"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
57756
x-amz-cf-id
HLsP8iee26JpB2tVOSYvRTsaAShnyrA7kKHIU08vzpHU0lR9iqLSnQ==
expires
Mon, 16 Oct 2023 04:32:25 GMT
1696359371-20230724-LunaBakery-6.jpg
media.blogto.com/uploads/2023/10/03/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/uploads/2023/10/03/1696359371-20230724-LunaBakery-6.jpg?w=1400&cmd=resize&height=2500&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ea8cfe0496b40adf85b240134c1c595e01abb11c15f6660d9a60248ad2fff881

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Oct 2023 04:32:24 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 18:56:52 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
72400
etag
"d4b8279cfc73ea158c6508f29ec13631"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
66326
x-amz-cf-id
mkkpmIQZFgALQo-vAe00co8GGE29j78ETQsuWmvV0HRsoO7BB789xQ==
expires
Mon, 16 Oct 2023 04:32:24 GMT
1696359388-20230724-LunaBakery-30.jpg
media.blogto.com/uploads/2023/10/03/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/uploads/2023/10/03/1696359388-20230724-LunaBakery-30.jpg?w=1400&cmd=resize&height=2500&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
157a4b06b826c6b0e3600cda297355fb5f72617928312c2a88187478125f7fe1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Oct 2023 04:32:25 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 18:57:00 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
72399
etag
"156b3e1d36f895b986d9395934359346"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
61552
x-amz-cf-id
PX8xMjf-CfV987qWr8ArMsxD66new_W3tg1ZpUSy2InrLXVlUM2jsw==
expires
Mon, 16 Oct 2023 04:32:25 GMT
1696359386-20230724-LunaBakery-27.jpg
media.blogto.com/uploads/2023/10/03/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/uploads/2023/10/03/1696359386-20230724-LunaBakery-27.jpg?w=1400&cmd=resize&height=2500&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
df9cd6e555a4f9e8a56e6e46787d6af020cb9cb4d044e90576f8574aac115099

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Oct 2023 04:32:24 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 18:57:02 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
72399
etag
"702bb35d821027b5d6bc58768313f080"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
62842
x-amz-cf-id
jUqtxluH7vUguOJ4nfhCL39-Nk5SYfafROYBFMT_BhpHxdcbknl_Lw==
expires
Mon, 16 Oct 2023 04:32:24 GMT
1696359392-20230724-LunaBakery-34.jpg
media.blogto.com/uploads/2023/10/03/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/uploads/2023/10/03/1696359392-20230724-LunaBakery-34.jpg?w=1400&cmd=resize&height=2500&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
25854529dfd80da9454358daf40864b45bc80b929a20f4093e9d94968e702905

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Oct 2023 04:32:25 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 18:57:03 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
72399
etag
"9fe5692c3e4870abb865cf6656dfb385"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
97202
x-amz-cf-id
zl24sr8OpVT0BXEPm3B6cR0dhMvEUyItzATByztIrlMGQ8wf1Jncwg==
expires
Mon, 16 Oct 2023 04:32:25 GMT
1696359385-20230724-LunaBakery-25.jpg
media.blogto.com/uploads/2023/10/03/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/uploads/2023/10/03/1696359385-20230724-LunaBakery-25.jpg?w=1400&cmd=resize&height=2500&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dae198bf28ccb316d8dbee5edfe5097cd24a6211bca5d2bda0314c4c2ebf7641

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Oct 2023 04:32:25 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 18:56:59 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
72399
etag
"31a869c6b95cb9117ed0b4e15166d236"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
70558
x-amz-cf-id
pI9QyDAz4ONmDZgKW6Huk5rQXLlDIlNQRN75yUUIZYW8JSkF3lNSxw==
expires
Mon, 16 Oct 2023 04:32:25 GMT
1696359376-20230724-LunaBakery-12.jpg
media.blogto.com/uploads/2023/10/03/ 		115 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/uploads/2023/10/03/1696359376-20230724-LunaBakery-12.jpg?w=1400&cmd=resize&height=2500&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1527b716a084a56631f99a3bf619418bc570b527e25301f0fe9fcdfbc45523a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Oct 2023 04:32:25 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 18:56:56 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
72399
etag
"6891eeef7f22151b8b34ab1ba418040d"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
117864
x-amz-cf-id
6jZSEqPzKYoZABY8dtmLeV-eO8DXR0ie7FFx63zmenugZln0btzgOQ==
expires
Mon, 16 Oct 2023 04:32:25 GMT
1696359373-20230724-LunaBakery-8.jpg
media.blogto.com/uploads/2023/10/03/ 		276 KB
277 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/uploads/2023/10/03/1696359373-20230724-LunaBakery-8.jpg?w=1400&cmd=resize&height=2500&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
885716c3681ae2ba93757fe434fa72fd335116dee9ee727fafae7fe91b3fe968

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Oct 2023 04:32:25 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 18:56:52 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
72399
etag
"b4b343ba08ab6eec0e79ad364adc05f0"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
282974
x-amz-cf-id
a05977FOtTcKOMyeYVOlLxBVxi9ImcMRu-JpMD_ClEqdRqRpg4w3HQ==
expires
Mon, 16 Oct 2023 04:32:25 GMT
1696359370-20230724-LunaBakery-4.jpg
media.blogto.com/uploads/2023/10/03/ 		138 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/uploads/2023/10/03/1696359370-20230724-LunaBakery-4.jpg?w=1400&cmd=resize&height=2500&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
33282533cc24514d5d9232e9b77c9068d5e1e8082478576fe1b3ccc1e6346800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Oct 2023 04:32:25 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 18:56:50 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
72399
etag
"bbd631ec0d877cef5150b0c1d6201607"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
141170
x-amz-cf-id
CeZ3K3C-8rg0ElGx83ltWmZ-OCyyL6SHQM9xNygNbFLnIRJbRPBkuA==
expires
Mon, 16 Oct 2023 04:32:25 GMT
map-placeholder-image.png
static.blogto.com/static/img/backgrounds/ 		602 KB
603 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.blogto.com/static/img/backgrounds/map-placeholder-image.png
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-46.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06db1e97d5fbf48380a7b896d5f4648ff5d1e697ee405b2df07cb67606fb5c0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 04:15:34 GMT
x-amz-version-id
G_P2goE6eH3tTnvmCbin7cqrrwRPzZQk
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
last-modified
Wed, 13 Feb 2019 10:20:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
73410
etag
"f46b0152cdfba17e7bc5efc38bf945aa"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
616614
x-amz-cf-id
mWT4kS7ZdlFDU_WT140DRrQynl2nCvenBQ6W33Pc5CBkC2RN0G2v6g==
20171108-2048-HodoKwaja13.jpg
media.blogto.com/listings/ 		105 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/listings/20171108-2048-HodoKwaja13.jpg?w=1040&cmd=resize_then_crop&height=700&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5cb55a19282949ab74b2d6552e07fa969ff3808fe38b7e00c5daa8a27e0a07ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Oct 2023 05:33:50 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Fri, 09 Oct 2020 18:06:17 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
68714
etag
"36f37f3fd8187728819efe6f41776907"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
108020
x-amz-cf-id
_LzHi7ZCsIwVSESBpl_u009ITEWBLyUdn4IQEie7rki-5zPLhn3h9w==
expires
Mon, 16 Oct 2023 05:33:50 GMT
20230724-LunaBakery-31.jpg
media.blogto.com/listings/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/listings/20230724-LunaBakery-31.jpg?w=1040&cmd=resize_then_crop&height=700&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a82819baeb35e91d6f9071fc4a81f6c3196a01c23715377ceb9ce89768fffa50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Oct 2023 04:05:14 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 04:03:54 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
74030
etag
"fff65114728f2345e78bfa35c2510e5e"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
77664
x-amz-cf-id
pgTIEtfNSf1jQje5p_QHD7wkVctWfnvyAQxNy4h26sld9xMz3yPqmg==
expires
Mon, 16 Oct 2023 04:05:14 GMT
20230922-Kream-12.jpg
media.blogto.com/listings/ 		147 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/listings/20230922-Kream-12.jpg?w=1040&cmd=resize_then_crop&height=700&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d786bf4b4abb3053f46344d2ff42504311ce2409a03eee695da0834d0f7667b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Tue, 03 Oct 2023 06:21:00 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Wed, 27 Sep 2023 22:23:45 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
584284
etag
"01e69d171b1d39e522c2b7e6910e510f"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
150954
x-amz-cf-id
WFCkuqUWZkj8L5idlWkRWq-pjWs7NvpMWlxWBAzjAPmLk19--suojQ==
expires
Tue, 10 Oct 2023 06:21:00 GMT
20230729-PostmanWaffles-33.jpg
media.blogto.com/listings/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/listings/20230729-PostmanWaffles-33.jpg?w=1040&cmd=resize_then_crop&height=700&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
661dafee20fc0fed2a44c98b931be80992e5bdcbe6d6eb924162c5396ae2ca29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Sat, 07 Oct 2023 13:59:17 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Mon, 25 Sep 2023 22:35:03 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
211187
etag
"4056c85eb2b9844b6f24bbce342d1d96"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
61110
x-amz-cf-id
xp8-D10p6hqarkKNB1kugnL7K_ynnF--MH9x2pjbCVNa0-BEFnFTrw==
expires
Sat, 14 Oct 2023 13:59:17 GMT
20230914-FrancescaBakery-9.jpg
media.blogto.com/listings/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/listings/20230914-FrancescaBakery-9.jpg?w=1040&cmd=resize_then_crop&height=700&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b05bfaa39d48eaeedba31bdb1ab40438529ef39eac030e203dfaafad10cfd1b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Wed, 04 Oct 2023 05:35:30 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Sun, 17 Sep 2023 12:29:07 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
500614
etag
"c1eb62b061109e98df77954ddd5d4d6f"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
99306
x-amz-cf-id
yu6imGlwrIsFBqoSBfw7qYK9vndYVmmfMsWWC31562-0-SIbagfF3w==
expires
Wed, 11 Oct 2023 05:35:30 GMT
20230908-OishiiSweets-20.jpg
media.blogto.com/listings/ 		94 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/listings/20230908-OishiiSweets-20.jpg?w=1040&cmd=resize_then_crop&height=700&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
17566ae000c7d2c9c789b4bd6beb073ab414f62dd0431207714c8ce80519edc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Sun, 08 Oct 2023 08:04:41 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Sun, 10 Sep 2023 14:08:10 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
146063
etag
"e2395c89a29cdc0380b4847b902745d6"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
96394
x-amz-cf-id
eK_S8VhafPsD0Wdg5VhYVRdTKF5kcJXzCiegE-WlnswdycNMAlLqLw==
expires
Sun, 15 Oct 2023 08:04:41 GMT
20230708-Evanas-17.jpg
media.blogto.com/listings/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/listings/20230708-Evanas-17.jpg?w=1040&cmd=resize_then_crop&height=700&quality=70
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
29818f1649bcbc5f650e74a39ede3535f341caa863bebcfdf6a43e2368dafe2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Sun, 08 Oct 2023 08:04:42 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Mon, 24 Jul 2023 22:15:54 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
146062
etag
"42b629db564ff849c4cb6bd2471ccd6b"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
64674
x-amz-cf-id
WpmSiDbLCHQxez7RliEuuCKP6qMoUezg8p2TKPjVO9_ztqUHqYTbag==
expires
Sun, 15 Oct 2023 08:04:42 GMT
facebook-darkgrey-36.svg
static.blogto.com/static/img/icons/social/ 		563 B
924 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.blogto.com/static/img/icons/social/facebook-darkgrey-36.svg
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-46.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
13a9a0c27458ad3b7c04f8c65734d82f8b55c012fbda4a7f0f9038d3adb69aeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 06:44:49 GMT
x-amz-version-id
.1kgkufkgQeU1_4iYuIsrCYtPt8rvQUv
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
last-modified
Wed, 13 Feb 2019 10:20:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
64454
etag
"05b8eb4b76a30e322996eb55118a1a9e"
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
563
x-amz-cf-id
h75ZL_MJh2VxduQ5NIcNtpHXeuBZrOHp7-ELSXWN0W6Im5T9O2Vx-Q==
twitter-darkgrey-36.svg
static.blogto.com/static/img/icons/social/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.blogto.com/static/img/icons/social/twitter-darkgrey-36.svg
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-46.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d153b2b8a32200a9491a23c25e7d6888ebcc96ed23841005d0782c52d046a887

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
eKOky5YUxle5MW07z6vI3qsTrwmtQlrt
content-encoding
gzip
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
date
Mon, 09 Oct 2023 04:26:43 GMT
last-modified
Wed, 13 Feb 2019 10:20:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
72740
etag
W/"a566fb48fede9fc8b6af2b009b6880b4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
0j8Du_ht07AkOYThkXwVc1ojzS0kJYPNy9B51Y9T9xAIOFIpDvlwdQ==
instagram-darkgrey-36.svg
static.blogto.com/static/img/icons/social/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.blogto.com/static/img/icons/social/instagram-darkgrey-36.svg
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-46.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
25c960e6973d48c6e7a4f595992a62bef31c01831f03900cb812596232ad0798

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 01:28:27 GMT
x-amz-version-id
iAheRe7YqBap4.pSx9m4VlquFaufuN1X
content-encoding
gzip
last-modified
Wed, 13 Feb 2019 10:20:14 GMT
server
AmazonS3
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
etag
W/"34e590f29c1e3c1e1e0b03a21484ca4f"
age
83437
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
qbbLRRV5vBQrKAGA_76fJHM-REjVdDUKp2HYs18NkaPlCpGgIH7fgg==
tiktok-darkgrey-36.svg
static.blogto.com/static/img/icons/social/ 		326 B
706 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.blogto.com/static/img/icons/social/tiktok-darkgrey-36.svg
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-46.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf5a5cfcdc9ccc4d0219f66983e0d6e5c835251ff7a68357b081af49e17f2011

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
biVjz6pjMMpV4QGTV_gh3_nxTklhqh6l
date
Mon, 09 Oct 2023 06:24:25 GMT
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
last-modified
Mon, 19 Oct 2020 08:40:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
65679
etag
"09709f3b26a5c8f97d9a1a9c275fae34"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
326
x-amz-cf-id
rMqE__ALijSxfbX7Da_3DVRWOKcvOq77Tc40FIMVCE91jBNWEQimHA==
youtube-darkgrey-36.svg
static.blogto.com/static/img/icons/social/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.blogto.com/static/img/icons/social/youtube-darkgrey-36.svg
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-46.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
16a54696372b35f9f9c55857bf5415fa5d929fb2d3d879eeb094b512fb942eba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 02:52:46 GMT
x-amz-version-id
SIUn4lnVhAuzy6jkjA..1YdBUkukN9A.
content-encoding
gzip
last-modified
Thu, 01 Aug 2019 08:19:48 GMT
server
AmazonS3
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
etag
W/"b675c4059a1095ef9fae2b99720a651e"
age
78377
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
G8I7gU6W0oqavugaXSPVpjqRZQ4qrtYAn7priXeUOzk7iTc7OKdTEQ==
flickr-darkgrey-36.svg
static.blogto.com/static/img/icons/social/ 		590 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.blogto.com/static/img/icons/social/flickr-darkgrey-36.svg
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-46.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f87e7118373094e7151d57fc105e5c2c284ce3cb3b55cdf0adc7593fc366eb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 07:09:07 GMT
x-amz-version-id
lQlpDotGfKew0q1xvzF0wavq8DyvM9xF
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
last-modified
Wed, 13 Feb 2019 10:20:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
62997
etag
"e4c5e9715b5ce80841e5c454045b39f5"
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
590
x-amz-cf-id
Y2Ervrzi0P2r1Bnu0Cytt7KRxsL0XqkrgU-7CF3DT-8lpaWDyYsrHQ==
rss-darkgrey-36.svg
static.blogto.com/static/img/icons/social/ 		1011 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.blogto.com/static/img/icons/social/rss-darkgrey-36.svg
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-46.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a122fc2dffcd8565cbcb6ff53c83b0738c6cafdc6c410a9272bd360e1f0e2907

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:24:17 GMT
x-amz-version-id
DsyBt15fhbpraUBHFzeBFRfSYQpXoGIt
content-encoding
gzip
last-modified
Wed, 13 Feb 2019 10:20:15 GMT
server
AmazonS3
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
etag
W/"519a7f5a533ceddbb49b0f5eac9f53ce"
age
58487
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
wS-Rhnw-3h03YA-UtbQFf_CYB_lLHwtZgv8ZEAwmvTl87U5H8S5tTQ==
commons-chunk-bootstrap-a86b7b0469498401322d.js
static.blogto.com/static/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.blogto.com/static/dist/commons-chunk-bootstrap-a86b7b0469498401322d.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-46.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7415cba464cc2277879d8a46ba2e72860777ee6311d1665deb078f0ca04972d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
Otr1e545JE5Ln0m03RMiZ.qmFkyvkb3U
content-encoding
gzip
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
date
Mon, 09 Oct 2023 06:01:06 GMT
last-modified
Tue, 03 Oct 2023 16:37:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
67094
x-amz-server-side-encryption
AES256
etag
W/"42eb8ff9e3756e6823d971c49bb7e6e2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
ndBhrvTVePdpM3gX8Gdlv1QevqWlRAwhTnifCYsGLHQyl6imEHkN5g==
blogto-lib-50a8a180fdfb36ac2e34.js
static.blogto.com/static/dist/ 		2 MB
486 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.blogto.com/static/dist/blogto-lib-50a8a180fdfb36ac2e34.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-46.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bd1586528a16384635aba918b665e59acb7df92eda64289f1b352053b3dfaa98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
zwMpAl_crNPw62AaV0jKEZwdAeBe3XCl
content-encoding
gzip
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
date
Mon, 09 Oct 2023 18:20:04 GMT
last-modified
Tue, 03 Oct 2023 16:37:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
22823
x-amz-server-side-encryption
AES256
etag
W/"b5db47bfe91cbda730b497094047b91c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
dufSF7enabOSkCl_1vm_yAWtMiMd8sO-1rOUixQ4ewt3a1d6-Ik5ng==
blogto-app-cda4c968e0a595f6812e.js
static.blogto.com/static/dist/ 		651 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.blogto.com/static/dist/blogto-app-cda4c968e0a595f6812e.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-46.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7803873001f00b8bdc5efc897f77f6064c8b0e66b20faef333b2832930612f01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
uLvChI08pqrcSiurSZ.FdtoCxXSSAxBC
content-encoding
gzip
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
date
Mon, 09 Oct 2023 03:50:45 GMT
last-modified
Tue, 03 Oct 2023 16:37:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
74958
x-amz-server-side-encryption
AES256
etag
W/"6e40e41785897d8a2d15d68ee4e8e0d0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
lzmWEn4mGFn8rLQcoR1Uh0e6kZXuWUU-DJCVWmTw1OBQnkICJ5-gRA==
listings-detail-app-ee827b5a066f13ca94e2.js
static.blogto.com/static/dist/ 		250 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.blogto.com/static/dist/listings-detail-app-ee827b5a066f13ca94e2.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-46.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
81a12caf8ddc6a1365b530411369c2e44dcc496074bd6957d79fa53ea9c2fc65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 05:18:14 GMT
x-amz-version-id
VcPaLvEYbY8iFhOED6YbWsItW8NVUraq
content-encoding
gzip
last-modified
Tue, 03 Oct 2023 16:37:37 GMT
server
AmazonS3
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
etag
W/"c1baeb14f09e0af54c376415c8882b79"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
age
69650
x-amz-cf-id
pziFBCxpCONZsTtGDH-0BtTKfUH-617emcVnDepgOLg69gtKS7Fdqg==
gtm.js
www.googletagmanager.com/ 		204 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T24HWP4
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9fa48a13434253e43c7a1ba7d0bbf4828afd1d6081868c8338a4be5a1e2effc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75031
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 10 Oct 2023 00:39:03 GMT
css2
fonts.googleapis.com/ 		1 KB
902 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=League+Spartan&display=swap
Requested by
Host: static.blogto.com
URL: https://static.blogto.com/static/dist/blogto-app-e9e1d48a15e1b311fe334eb5e5445e8d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dcdb8c55c8e5bc637bf94e6e3b3a8014d8fa2ce825a09bffaa91ddb202750fd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 10 Oct 2023 00:39:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 00:39:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 10 Oct 2023 00:39:03 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/ 		419 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e3ef90c6df625cd4e0cb72b725bfd6f5dc98101da5eaa109fdbf9b5081cc3a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 10:55:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
49420
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134450
x-xss-protection
0
server
cafe
etag
18225737291834661133
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 08 Oct 2024 10:55:24 GMT
collect
region1.google-analytics.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Y8FQYHZ5SK&gtm=45je3a40&_p=563587538&cid=1981056629.1696898344&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEAE&_s=1&sid=1696898343&sct=1&seg=0&dl=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&dt=Luna%20Bakery%20-%20blogTO%20-%20Toronto&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y8FQYHZ5SK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.blogto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		198 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 10 Oct 2023 00:39:04 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
ruEODZBpVJ8+Kd7Q3fk+NGGXER51XDc2cgfXKrmBU9cy7hovm8c34UPw+peuxB6X+G3jSgG3ZsAeAdhlSw2K1A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 09 Oct 2023 23:51:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2846
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Tue, 10 Oct 2023 01:51:38 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 09 Oct 2023 03:45:03 GMT
content-encoding
gzip
via
1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
75241
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
Giad9Wamg8hqzN-4wWCKIhkzkyPr_pMLfc3coCLmB3d76VggfbKYBg==
b
sb.scorecardresearch.com/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=7517117&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1696898343941&ns_c=UTF-8&c3=&c4=&c5=&c6=&c15=&c7=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&c8=Luna%20Bakery%20-%20blogTO%20-%20Toronto&c9=
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:03 GMT
via
1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
nFqnRkB6bb2HpJKvBf_BXsOXzbJ5baigbzZ5yHOB0AkQh1xQhYDvkQ==
x-cache
Miss from cloudfront
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9a00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:21:52 GMT
content-encoding
gzip
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified
Wed, 09 Aug 2023 00:45:38 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
26232
etag
W/"64d2e1b2-94a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
Lw6j6h5r7B4Vynb3jV23HgthUtO-a8yJ2_vczYhvo9kXTpSB7p8d5g==
expires
Tue, 10 Oct 2023 17:21:52 GMT
truncated
/ 		260 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
760be05035c413a0a8b4f236087a0738496e1147e7f955c3471bebe0001c417b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		332 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
211c5202d9ca4c12ec8ffc1fc2718748f961d92736b78c9383ee482063809344

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		326 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
078b2ee98beb7269ae3ea1e2b78277223b475ce904b15d959d3309a75ffcc8b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
leaguespartan-bold.woff2
static.blogto.com/static/fonts/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.blogto.com/static/fonts/leaguespartan-bold.woff2
Requested by
Host: static.blogto.com
URL: https://static.blogto.com/static/dist/blogto-app-e9e1d48a15e1b311fe334eb5e5445e8d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-46.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b56542256f067f68cd0115c9947cfdcc78da05c3b411535f82f1b75c46fd20bb

Request headers

Referer
https://static.blogto.com/static/dist/blogto-app-e9e1d48a15e1b311fe334eb5e5445e8d.css
Origin
https://www.blogto.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 07:08:46 GMT
x-amz-version-id
spGnucDhtZiSvpO0cHZzh63Ce9EtJITv
via
1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
63018
x-cache
Hit from cloudfront
content-length
12584
last-modified
Wed, 13 Feb 2019 10:19:55 GMT
server
AmazonS3
etag
"3812d86fa4f162846016e03340c94427"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
iDl3T_FzEjRI7w_AqjI2tYeHQmyvhoSPCYSTorNxM2UDrFANk8gVNw==
merriweather-regular.woff2
static.blogto.com/static/fonts/ 		0
0
/
www.google.com/ Frame BC1F
Redirect Chain
  • https://googlesyndication.com/
  • https://www.google.com/
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
70918
content-security-policy-report-only
object-src 'none';base-uri 'self';script-src 'nonce-nwMHk4mBkyQh_NuZ50Qhqg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Tue, 10 Oct 2023 00:39:04 GMT
expires
-1
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0= AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
220
content-type
text/html; charset=UTF-8
date
Tue, 10 Oct 2023 00:39:04 GMT
location
https://www.google.com/
server
sffe
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/webp
merriweather-regular.woff
static.blogto.com/static/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.blogto.com/static/fonts/merriweather-regular.woff
Requested by
Host: static.blogto.com
URL: https://static.blogto.com/static/dist/blogto-app-e9e1d48a15e1b311fe334eb5e5445e8d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-46.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
964e6b87e7c76a069a86650b904648737a173563e099c9ca81934d02bc2fba8e

Request headers

Referer
https://static.blogto.com/static/dist/blogto-app-e9e1d48a15e1b311fe334eb5e5445e8d.css
Origin
https://www.blogto.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
Zk.3UBb9vX1k4W1GBV2ZbQysOGVTUsTM
date
Mon, 09 Oct 2023 06:01:07 GMT
via
1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
67145
x-cache
Hit from cloudfront
content-length
18500
last-modified
Wed, 13 Feb 2019 10:19:54 GMT
server
AmazonS3
etag
"9e07eccb0f9663f30846abebdbe4bc6b"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
4Vm6JCMpR3Ye9p2AfQf3MDoPd4JPTmXZd-0N7udu3E61GajEwTznYw==
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7d32428e9c5952c382e8f4002f3749c82d782672fedb85652c015526385f03f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 10 Oct 2023 00:39:04 GMT
content-md5
O3hS0jJmOFaDR1U4mK5Kng==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-debug
NEefnP61vZ+ocbe2pzK86e4Yp8StLYY/zGzmoFZ1RfsuNs0fWOFOjTU2BLUvQ+UmkdqQSgmpeC0CzbRTSkpd3g==
x-fb-content-md5
f7e0512214ecc96083b9b1990696ea4f
cross-origin-opener-policy
same-origin-allow-popups
etag
"59fc6c50100df4564e6c65b3154717bd"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Tue, 10 Oct 2023 00:43:13 GMT
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BE) /
Resource Hash
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Tue, 10 Oct 2023 00:39:04 GMT
Content-Encoding
gzip
Age
1292
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27598
Last-Modified
Mon, 09 Oct 2023 20:29:49 GMT
Server
ECS (frb/67BE)
Etag
"391b7fdf0c468036f27102529636f0ca+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
/
www.blogto.com/api/v2/photos/ 		52 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.blogto.com/api/v2/photos/?limit=5&listing=17295
Requested by
Host: static.blogto.com
URL: https://static.blogto.com/static/dist/blogto-lib-50a8a180fdfb36ac2e34.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.169.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-169-121.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0595424161ea863805d9b92c0e52d7aa1e3c46ec58cd8f0d6933759006a5fb74

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.blogto.com/bakery/luna-bakery-toronto/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:04 GMT
content-encoding
gzip
via
1.1 varnish-v4
x-app-server
ip-10-0-0-125
age
0
x-cache
MISS
ngx-cache-status
MISS
content-length
63
server
nginx
vary
Accept-Encoding, Cookie
allow
GET, POST, HEAD, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-methods
POST,GET,OPTIONS,PUT,DELETE
x-varnish
441733807
cache-control
max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Content-Type,*,X-Requested-With
x-cache-svr
varnish2-vpc
heart-not-animating-24.svg
static.blogto.com/static/img/icons/social/ 		620 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.blogto.com/static/img/icons/social/heart-not-animating-24.svg
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-46.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
76d8d86da2f5b73d7a58094ba3307a1001d2b8cfa3729259e1362fde2ece3622

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:03:52 GMT
x-amz-version-id
Oue2MQgo28nRX94335U0a4CATQK_nlLQ
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
last-modified
Wed, 13 Feb 2019 10:20:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
59713
etag
"5f1d1c9878d8eb85b74838f5c0693133"
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
620
x-amz-cf-id
F0TMr_du5gNeumh4cLQZADqPlYSItB1jhmxMe-lkwD0Z80NDrVZSFQ==
todo-not-animating-24.svg
static.blogto.com/static/img/icons/social/ 		1 KB
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.blogto.com/static/img/icons/social/todo-not-animating-24.svg
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-46.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab6875ed4c1b203f3f0b89314e3ea0ca6687a9e0fa8a7463f707134486c9a0c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
mwo.qrMoLaZnZ3r2Vu22HiSaaqSZoy4o
content-encoding
gzip
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
date
Mon, 09 Oct 2023 06:44:50 GMT
last-modified
Wed, 13 Feb 2019 10:20:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
64455
etag
W/"f369046d2ed90b24c425f4e404958984"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
h1hY1Iyitq_0kss2qKOLN_ntbsuSNyDEVStBXLrCDaiFi5F6ESS-kQ==
20230928-KathysGrill-6.jpg
media.blogto.com/listings/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/listings/20230928-KathysGrill-6.jpg?cmd=resize_then_crop&h=400&quality=70&w=600
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
47cd44d492a4e589c6c5d62e14637d8f805657af3bb8fe5d0294d764374c75fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Oct 2023 04:10:09 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 03:20:24 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
73735
etag
"8232d035426697882f08edc755786fdf"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
45514
x-amz-cf-id
ri01uC7FlrpKTuUgumPasXifCQqJe__vfODd0pheCQtAxSBchiuUVg==
expires
Mon, 16 Oct 2023 04:10:09 GMT
20230815-OldYorkTavern-31.jpg
media.blogto.com/listings/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/listings/20230815-OldYorkTavern-31.jpg?cmd=resize_then_crop&h=400&quality=70&w=600
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b7dcc6281435fa895e69d4a3b08c50ef3fc121828e9b765215ead6b7ed72f09c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Sat, 07 Oct 2023 22:08:44 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Sat, 07 Oct 2023 19:01:23 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
181820
etag
"a4eb8a211f2ff7783ff8d339076b8f8f"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
50112
x-amz-cf-id
7gGMqjoUBKUam20qmhripQAxIorDeZRvIckcCM1b7VIA4E2ybQN_Lw==
expires
Sat, 14 Oct 2023 22:08:44 GMT
20230921-JArthurBar-6.jpg
media.blogto.com/listings/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/listings/20230921-JArthurBar-6.jpg?cmd=resize_then_crop&h=400&quality=70&w=600
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7f1f0c01e67e3068dca57d02a59a7a122d0105cca80121f34e92d6d9e12b9eba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Fri, 06 Oct 2023 19:17:24 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Fri, 06 Oct 2023 19:16:43 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
278500
etag
"816066b03dfed9c37a97f91830e0916a"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
57798
x-amz-cf-id
wm5gUQr_HBHsLvY3AcQcIACuYUIfBCXbg2Rr9xZcgfzZ2-IyEwK_6Q==
expires
Fri, 13 Oct 2023 19:17:24 GMT
20230926-TheBarJokbalNightMarket-10.jpg
media.blogto.com/listings/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/listings/20230926-TheBarJokbalNightMarket-10.jpg?cmd=resize_then_crop&h=400&quality=70&w=600
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b83a0656c5a202c0aba5b14950ddb6efb36414a7fa1e6431a41fadeb3e1f9bcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Thu, 05 Oct 2023 17:56:07 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 17:52:15 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
369777
etag
"63be3037850b8ef14a91d05506d39fbb"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
59390
x-amz-cf-id
ReU12OjnxmQDlCWtYAZ81MbQdcDvKU1lZcXyQrxoqGCGOQM6Y8RJKQ==
expires
Thu, 12 Oct 2023 17:56:07 GMT
20230928-ShaazIndianCuisine-26.jpg
media.blogto.com/listings/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/listings/20230928-ShaazIndianCuisine-26.jpg?cmd=resize_then_crop&h=400&quality=70&w=600
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4d0c930a651c31c3e7e55fe247530b5da4f470c233fdd473ab9c168e4a331ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Tue, 03 Oct 2023 18:53:17 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Tue, 03 Oct 2023 18:53:14 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
539147
etag
"9364397a95a8a6c40c0c13e4b11827fe"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
67650
x-amz-cf-id
QGjYWernz4ypjGivIFCVtW4iha2hKBTJHO2iciK1MJwJQ7tL0LTW_Q==
expires
Tue, 10 Oct 2023 18:53:17 GMT
20230921-PragueRestaurant-11.jpg
media.blogto.com/listings/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.blogto.com/listings/20230921-PragueRestaurant-11.jpg?cmd=resize_then_crop&h=400&quality=70&w=600
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-42.fra60.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
03a88d69cc5306d553a494e56ddc317cde9c41a44b8ec5e6572d1bffe18f4995

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Sun, 08 Oct 2023 12:25:41 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
last-modified
Sun, 01 Oct 2023 12:20:11 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
FRA60-P3
age
130403
etag
"146d790ca81e6173bba673a40e37b2c4"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
51840
x-amz-cf-id
0eHOqm6QvjxYumt4_yd_gZ2R0V47ZvsNhVKhuBvPEHY9_lZRxjticA==
expires
Sun, 15 Oct 2023 12:25:41 GMT
device-load
api-2-0.spot.im/v1.0.0/ 		36 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/device-load
Requested by
Host: launcher-sa.spot.im
URL: https://launcher-sa.spot.im/spot/sp_mnhjJdcW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-46.fra56.r.cloudfront.net
Software
fasthttp /
Resource Hash
eb580236f5f05da93521702a73d1ec14ee1260eb0a8ac8b63908b2dee130efa6
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:04 GMT
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
x-spotim-device-uuid
a7d747d2-2b89-4216-b343-76780cc75d43
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-length
36
x-guid
a7d747d2-2b89-4216-b343-76780cc75d43
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.blogto.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
UGToqLQGvxKFIe7fwj9OJpevdkrVAbLpqrwczG-gW6xnsu85_jQs0w==
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: launcher-sa.spot.im
URL: https://launcher-sa.spot.im/spot/sp_mnhjJdcW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 18:02:56 GMT
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
62536
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/html
accept-ranges
bytes
content-length
0
x-amz-cf-id
CU6Mqim4lTm8BWDwBerk6_zJORAWiCA4RhFT2nS1NQwHICss5OmIJw==
system:page_load
p2.fwpixel.com/trk/ 		2 B
143 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://p2.fwpixel.com/trk/system:page_load
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.107.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-107-242.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarygM2ggzNzEap18bAC

Response headers

date
Tue, 10 Oct 2023 00:39:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-store
server
openresty
content-type
text/plain
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/webp
polyfill.min.js
polyfill.io/v3/ 		155 B
567 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=AbortController%2CArray.from%2CArray.isArray%2CArray.prototype.entries%2CArray.prototype.every%2CArray.prototype.fill%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.flat%2CArray.prototype.forEach%2CArray.prototype.includes%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CArray.prototype.some%2CArray.prototype.sort%2CArray.prototype.values%2CArrayBuffer%2CBlob%2Cconsole%2CCustomEvent%2CDataView%2CDate.now%2CDate.prototype.toISOString%2Cdocument%2Cdocument.currentScript%2Cdocument.visibilityState%2CElement%2CEvent%2Cfetch%2CFloat32Array%2CFunction.prototype.bind%2CgetComputedStyle%2CIntersectionObserver%2CJSON%2ClocalStorage%2CMap%2Cmodernizr:es5object%2CMutationObserver%2CNumber.isNaN%2CNumber.MAX_SAFE_INTEGER%2CNumber.MIN_SAFE_INTEGER%2CObject.assign%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.freeze%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyDescriptors%2CObject.getOwnPropertyNames%2CObject.getOwnPropertySymbols%2CObject.isFrozen%2CObject.keys%2CObject.seal%2CObject.setPrototypeOf%2CObject.values%2CPromise%2CReflect%2CReflect.construct%2CrequestAnimationFrame%2CResizeObserver%2CSet%2CString.prototype.includes%2CString.prototype.padEnd%2CString.prototype.startsWith%2CString.prototype.trim%2CSymbol%2CSymbol.for%2CSymbol.iterator%2CSymbol.prototype.description%2CSymbol.toStringTag%2CUint16Array%2CUint8Array%2CURL%2CURLSearchParams%2CWeakMap%2CWeakSet%2CXMLHttpRequest&flags=gated&callback=_fwnRender_io
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:e00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bce778572057ee32bb544cab2e1e9b3356379a57b0666f16939bf254d99d2e68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://www.blogto.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 10 Oct 2023 00:39:04 GMT
age
0
detected-user-agent
Chrome/117.0.5938
server-timing
MISS-CLUSTER, fastly;desc="Edge time";dur=7
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
147
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/117.0.0
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
437af9604de773de6150aff27bde1800e7a469935bca76a1f6bac5adf15b8c06

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		582 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7456261de4f1cc0176d6fc11e939616420eff75243df25d2968e3dbf907b56cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		306 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1fd4758251411d8b132349243c48e9fa888e6d99e8b002ca4e7762ea704cb531

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		420 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1241163426c4ab8fb08befcd763e68f564af7812711ea98bbf5a8b2a7fc138cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		146 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7c9d7693c1c890c7ef6acb44503d90e8ff96048ac861958db5145eb03e1fbf0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		451 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d93cf62fe4e9345c6babc3daad1957f801b0c56e39be078803a83900428072b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		177 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac9cf2c6d068439fdf335c59f39407a516757394c5ba7b3d275ae8524e2bd16e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		524 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fcbe779ec8f02306de65b4e0bfaae4f14c3ec101f7e01bad8e0778f8186fab8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		524 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04d5c1c66afc282390c76698e0d250c73310e86544eff2c7cef8c4e3e30449d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		340 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7c85eceb8c8f8da6573aa5561dd2f62ca9163296df703a231bb6ddd7e0b605a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		429 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e001aa51b4e31f78dbc6884ec502cc6c8855d8b24beffc8e071608614232e37

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		309 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c8314a496dcd259d4962b8951f563fb204fc20dee6d31768dabdd16e459cfd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		671 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
069f0fa2580bf07c83fe8ee0660687b669e38b625d0d7935e8d99f6aa55ded09

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		343 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30f35dfe26352e21674cba1debc159f8546a9ca2c5e5d5026bf91447590941b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		432 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
70719b44d4bf56d563da3b9585204780fd9fe97ad312fa004a886501ee375a3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		650 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e0e9aee59a8919c4ee9af9c84bcc909203fd3ffc60e2f40166738ce95f18324

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=470149238&utmhn=www.blogto.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Luna%2...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-220979-1&cid=1981056629.1696898344&jid=972008797&_v=5.7.2&z=470149238
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-220979-1&cid=1981056629.1696898344&jid=972008797&_v=5.7.2&z=470149238
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-220979-1&cid=1981056629.1696898344&jid=972008797&_v=5.7.2&z=470149238&slf_rd=1&random=4124560498
42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-220979-1&cid=1981056629.1696898344&jid=972008797&_v=5.7.2&z=470149238&slf_rd=1&random=4124560498
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:04 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-220979-1&cid=1981056629.1696898344&jid=972008797&_v=5.7.2&z=470149238&slf_rd=1&random=4124560498
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
833832351168298
connect.facebook.net/signals/config/ 		131 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/833832351168298?v=2.9.132&r=stable&domain=www.blogto.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
71b557942694d032d2f95f529acadc3a764fa01e6afd8e948c459dc23437835e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 10 Oct 2023 00:39:04 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
34853
x-xss-protection
0
pragma
public
x-fb-debug
/p+5Pe8bS61LrpzLXemQDVfu8ZciMll9V4kpnGa+LTH/b3RYosDndToruMc50lZyNlsdWWjMoOZZqBop5Xl4ow==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
freewheel-mapping.json
cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/ 		14 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/freewheel-mapping.json
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid.js@latest/dist/not-for-prod/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 10 Oct 2023 00:39:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
11002
x-jsd-version
1.0.0
content-encoding
br
x-cache
MISS, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4570-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"36b6-ffkBzh2j6c/gCM5tBPQMcNXdZI8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CYCSRSzSwlo0Aoh19LeiLaDIRSA5l0NXZYrbb0pG1pshnTWi%2FN9ca%2BeWGpyAf6zIkzdFYgHqGbr7dzq%2F3%2FBhz2qBkyvShKN1TvkItf2y4My61g2PRsvDpIFp5EL39uTzQ%2Blrkcnornc1N1Hpk3Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
813acddf0e310394-FRA
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:04 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1171
etag
W/"7f9669464fe15e6a516c0eb693b26dbb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
813acddef8731cc9-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Fri, 13 Oct 2023 00:39:04 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		180 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=blogto.com&domain=blogto.com&path=%2Fbakery%2Fluna-bakery-toronto%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3df7ef31e8580d0dbac134e8aaa8321d2224df1c6f33cc8fd9d795cb163747ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 10 Oct 2023 00:39:04 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
140
x-served-by
cache-fra-eddf8230060-FRA
x-timer
S1696898345.832023,VS0,VE99
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sun, 08 Oct 2023 00:39:04 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		22 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2201199093601539&correlator=3905067958506220&eid=31078448%2C31078636%2C21065724&output=ldjh&gdfp_req=1&vrg=202310050101&ptt=17&impl=fifs&iu_parts=70671651%2CblogTO300x250topROS&enc_prev_ius=0%2F1&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1696898344821&lmt=1696891144&adxs=265&adys=277&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&vis=1&psz=300x250&msz=300x250&fws=516&ohw=1600&ga_vid=1981056629.1696898344&ga_sid=1696898345&ga_hid=563587538&ga_fc=true&dlt=1696898343585&idt=1030&prev_scp=advert_position%3Dnull&cust_params=article_id%3Dnull%26article_category%3DNot%2520an%2520Article&adks=3461282252&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0fb18066726ae46176c82d96903be70aa13130cfbd86c7bc6ac50303faff45f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:05 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9746
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.blogto.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 374B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 00:39:04 GMT
expires
Wed, 09 Oct 2024 00:39:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		22 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2201199093601539&correlator=3905067958506220&eid=31078448%2C31078636%2C21065724&output=ldjh&gdfp_req=1&vrg=202310050101&ptt=17&impl=fifs&iu_parts=70671651%2Cblogto%2Cdesktop%2Cbakeries%2Cleaderboard_top&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90%7C970x90%7C970x250%7C1x1&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1696898344837&lmt=1696891144&adxs=230&adys=89&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&vis=1&psz=1140x68&msz=1140x50&fws=4&ohw=1600&ga_vid=1981056629.1696898344&ga_sid=1696898345&ga_hid=563587538&ga_fc=true&dlt=1696898343585&idt=1030&prev_scp=refresh%3Dtrue%26advert_position%3Dnull&cust_params=article_id%3Dnull%26article_category%3DNot%2520an%2520Article&adks=1715623156&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f83b11be8add7edf935e43601ad69f2b916c3b37270e4544c2a902ea91d7c2ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:05 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9908
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.blogto.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2201199093601539&correlator=3905067958506220&eid=31078448%2C31078636%2C21065724&output=ldjh&gdfp_req=1&vrg=202310050101&ptt=17&impl=fifs&iu_parts=70671651%2Cblogto%2CBlogTO_Teads_InArticle_OutOfPage_Desktop&enc_prev_ius=0%2F1%2F2&prev_iu_szs=1x1&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1696898344842&lmt=1696891144&adxs=628&adys=1766&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&vis=1&psz=707x1&msz=707x1&fws=4&ohw=1600&ga_vid=1981056629.1696898344&ga_sid=1696898345&ga_hid=563587538&ga_fc=true&dlt=1696898343585&idt=1030&prev_scp=advert_position%3Dnull&cust_params=article_id%3Dnull%26article_category%3DNot%2520an%2520Article&adks=1861015929&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8871f9b05daa2f0679fdd3584a3fa8e263ba2c7782111f964bd8992749116929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12357
x-xss-protection
0
google-lineitem-id
6228183032
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138423212906
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.blogto.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T24HWP4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:05 GMT
content-encoding
gzip
etag
"6ioqmyHWSWLYz5hkRjy8Uw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 17 Oct 2023 00:39:05 GMT
gbVWQAAmASk_momently.js
s3-us-west-2.amazonaws.com/momently-static/loader/ 		535 B
957 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-us-west-2.amazonaws.com/momently-static/loader/gbVWQAAmASk_momently.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T24HWP4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.132.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
02ce50443002f8b05aca20da10ad8ab431086d00d9f54f1c622c289dc4d1a4a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Tue, 10 Oct 2023 00:39:06 GMT
Last-Modified
Mon, 20 Mar 2023 20:06:42 GMT
Server
AmazonS3
x-amz-request-id
E2MNP1KZPF0PRJWH
ETag
"d78e6cd241be137bbb1ab5e425f67077"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript; charset=utf-8
Accept-Ranges
bytes
Content-Length
535
x-amz-id-2
w691O1PMiqSmf5WD0EtYFPevpVZZHfTHnUpiFjdWhwByyB2Uo2dQWP6fKEiVepfkF99hJYuKcoM=
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/34948124/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 05:25:39 GMT
content-encoding
gzip
via
1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jul 2023 09:10:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
69482
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
jtScN_wBmzBO0QrRfqucTGeNjg1qHwiDdwEWa6n8llMdLKAG8d5VKw==

Redirect headers

date
Tue, 10 Oct 2023 00:39:04 GMT
via
1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
kwrmBqLRfAhyxw-Sr26x5xUh85jNN4SNq1c6FZmX_zomEjYmgS7rwA==
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CK4V0MBC77U0BUL4H4FG&lib=ttq
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.104.161 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-104-161.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0b96c945b1fa26301d14649d61f104e76b6f548f742ce60c7b3e36ea4e99a059

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-akamai-request-id
30d75fb
date
Tue, 10 Oct 2023 00:39:05 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-67-40-33.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
server-timing
inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=95
content-length
1710
pragma
no-cache
server
nginx
x-tt-logid
20231010003905E34C67D15422572A5089
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
95,23.67.40.33
x-tt-trace-host
0165e47387a63d2aa752b09d3ce4dcb185d538f326f482442a895cae7df5d90cfb6f7390be467fa3c569a6a7f2978f1fc3617b0f9ba77c07d561796ea4cd40541075dbd8e81d4013263187bd5f5599b3047763073c17b2c84cdfeceefb6fe40b86
expires
Tue, 10 Oct 2023 00:39:05 GMT
js
www.googletagmanager.com/gtag/ 		276 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z46FS9DEKY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T24HWP4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f5015ee440c02bca300bca5995e7372d53ff8ed6de9da75d94aac5107832ac0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93760
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 10 Oct 2023 00:39:04 GMT
sdk.js
connect.facebook.net/en_US/ 		299 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=372ba18dd9d99239f1aec9363b26ca44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f09d039bcebf600f7ca6668936d3e817b05928d8da0bf35d149107124bea1c18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.blogto.com/
Origin
https://www.blogto.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 10 Oct 2023 00:39:04 GMT
content-md5
3KFp8NKi1B9Px29Brv49Uw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86663
x-fb-debug
GxzCvHzPYbmZxRQyu6BO2NuKHxJRPYRJnTzd2Yx1hU8bp7cmD0UXSC7vBO8Vd9HQZTPSlmeLsyH/ozDtjqRuSQ==
x-fb-content-md5
bfe19ef6d7366aaa757d128fec95ff62
cross-origin-opener-policy
same-origin-allow-popups
etag
"a68d2a746ad3d18fcb85a1b9a4ddcc7e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Tue, 08 Oct 2024 19:00:57 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=blogto.com&p=%2Fbakery%2Fluna-bakery-toronto%2F&u=aDfprCs7wN7BZwgve&d=blogto.com&g=40495&g0=Bakeries&g1=Agnes%20Ryoo&n=1&f=00001&c=0&x=0&m=0&y=18882&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&b=1785&t=BQ6FEgCBajBdmCTIkDmzU4rDyQpYS&V=141&i=Luna%20Bakery%20-%20blogTO%20-%20Toronto&tz=-120&sn=1&sv=CZApaHC0noj5DmVIp4B4gC_nDiY6u1&sd=1&im=067b0fff&_
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.77.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-77-186.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 10 Oct 2023 00:39:05 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html
platform.twitter.com/widgets/ Frame 58C3 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fwww.blogto.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6795) /
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
14790
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Tue, 10 Oct 2023 00:39:04 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 09 Oct 2023 20:29:18 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6795)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
no_post
api-2-0.spot.im/v1.0.0/config/ab_test/sp_mnhjJdcW/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_mnhjJdcW/no_post
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-46.fra56.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://www.blogto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.blogto.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Tue, 10 Oct 2023 00:39:05 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
x-amz-cf-id
526RhJSQ7hx6Lbgng2grzEuBNYtCLiIlsv7N7IJY6NA0smdMd_yZLQ==
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
events
direct-events-collector.spot.im/api/v2/ 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct-events-collector.spot.im/api/v2/events?stream_name=init
Requested by
Host: launcher-sa.spot.im
URL: https://launcher-sa.spot.im/spot/sp_mnhjJdcW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-6.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 10 Oct 2023 00:39:05 GMT
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
LcsD61jgJByAOvaq1jXE6bE9Gq5z15MMMFK-JzqruJ_vO00Wd1oCAw==
x-cache
Miss from cloudfront
no_post
api-2-0.spot.im/v1.0.0/config/ab_test/sp_mnhjJdcW/ 		147 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_mnhjJdcW/no_post
Requested by
Host: launcher-sa.spot.im
URL: https://launcher-sa.spot.im/spot/sp_mnhjJdcW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-46.fra56.r.cloudfront.net
Software
fasthttp /
Resource Hash
43177c0da7d5c1d00724bc555f5714efddbc14722f6d4ac54829eb3bf3003632
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.blogto.com/
x-spotim-device-uuid
a7d747d2-2b89-4216-b343-76780cc75d43
x-spotim-page-view-id
1e6e2174-2a67-4dd9-840b-9ec0c571ce56
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:05 GMT
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-length
147
x-request-id
6a5b391f-6705-11ee-901d-26ad57e15fee
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.blogto.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
JkKDvvXWYL-2vrhg96MXhF6nR3qkF-sa9OmhvvVb9X-2yUx7i0jxOg==
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=833832351168298&ev=PageView&dl=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&rl=&if=false&ts=1696898345032&sw=1600&sh=1200&v=2.9.132&r=stable&ec=0&o=30&fbp=fb.1.1696898345030.2138698304&ler=empty&it=1696898344674&coo=false&exp=a1&rqm=GET
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 10 Oct 2023 00:39:05 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
web
onesignal.com/api/v1/sync/b9950f9f-a70d-41ac-8bbf-38890d6ca4d7/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/b9950f9f-a70d-41ac-8bbf-38890d6ca4d7/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
387a8fc487fc3d10c734b00079b652de1271bef8dff6fcb766882e77adb62549
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:05 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
701176ad-db9c-45c6-8b6a-401b1e4daa23
x-runtime
0.041132
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"387a8fc487fc3d10c734b00079b652de"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
813acde149d31cc9-FRA
access-control-allow-headers
SDK-Version
expires
Tue, 10 Oct 2023 01:39:05 GMT
settings
syndication.twitter.com/ Frame 58C3 		869 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=b13fb71e0906d7de860645d2e9dfbba490904896
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fwww.blogto.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-response-time
103
date
Tue, 10 Oct 2023 00:39:04 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Tue, 10 Oct 2023 00:39:05 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
550d1539c133d2bc
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
26d4215a0bd6dbd3312a8bb21c52cfde989437a920141138726cb6f611c6a716
content-length
337
collect
region1.analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-Z46FS9DEKY&gtm=45je3a40&_p=563587538&_gaz=1&cid=1981056629.1696898344&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696898345&sct=1&seg=0&dl=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&dt=Luna%20Bakery%20-%20blogTO%20-%20Toronto&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z46FS9DEKY&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.blogto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
108 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Z46FS9DEKY&cid=1981056629.1696898344&gtm=45je3a40&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z46FS9DEKY&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.blogto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Z46FS9DEKY&cid=1981056629.1696898344&gtm=45je3a40&aip=1&z=866585866
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-gTmyTcsbfANDJ.js
rules.quantcount.com/ 		160 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-gTmyTcsbfANDJ.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fca1e63ba63c621bd26786262371a997c68e26819b1a468bd4343b93937687d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:05 GMT
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
611
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 06:33:31 GMT
server
AmazonS3
etag
"41be3577d08312b0385f20abaf931acf"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
lNtL6HMmlVq4j0RkLCYnyxkOnuI1zc4TFiD_0FgQLNoXKzhLIEjVRw==
8747-3d6ef8cb562e1b9a841c.js
asset.fwcdn3.com/js/chunks/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.fwcdn3.com/js/chunks/8747-3d6ef8cb562e1b9a841c.js
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.196.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.196.111.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
743d23a83f13080779947faf2b8ed4857bb9d0980c23e44678aa2df2a65386ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 google
content-encoding
br
date
Mon, 09 Oct 2023 20:08:38 GMT
x-amz-request-id
CE4S84GWGAB0HY9A
age
16227
x-amz-server-side-encryption
AES256
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5471
x-amz-id-2
8WBTwlLf1XrM9PvR9CQ+0aiZtW1LELaiYWzLPqIyJ36Btv7iOR1d8ew1U1CrT8chK7VfgYMbA5E=
last-modified
Mon, 09 Oct 2023 20:05:01 GMT
server
AmazonS3
cross-origin-opener-policy
same-origin
etag
W/"c8189fa44f19dd571909a2c5861c7bca"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=3600
x-cache-hit
hit
x-amz-meta-env
prod
accept-ranges
none
timing-allow-origin
*
cross-origin-response-policy
cross-origin
7723-535140a941f2ce750a8f.js
asset.fwcdn3.com/js/chunks/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.fwcdn3.com/js/chunks/7723-535140a941f2ce750a8f.js
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.196.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.196.111.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
22faf336d6a4ffc65e2b4c703d4c01056cdbdfe1af67e83a954274fc7bdb77a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 google
content-encoding
br
date
Mon, 09 Oct 2023 20:08:38 GMT
x-amz-request-id
CE4V30EAGQVV2S7B
age
16227
x-amz-server-side-encryption
AES256
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2524
x-amz-id-2
2eHbyW8DvNUVs6W1ZABHGQNbzXnji2Y3qx5uJ3QJHrt/AOFkyPiamf0M3P3yVCeNkaVroMltlwO3MKBLG0MjBg==
last-modified
Mon, 09 Oct 2023 20:05:00 GMT
server
AmazonS3
cross-origin-opener-policy
same-origin
etag
W/"2fe2c35b885eac9cb4d63e86ad7585e9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=3600
x-cache-hit
hit
x-amz-meta-env
prod
accept-ranges
none
timing-allow-origin
*
cross-origin-response-policy
cross-origin
8532-a2fb2f5fe1f303438556.js
asset.fwcdn3.com/js/chunks/ 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.fwcdn3.com/js/chunks/8532-a2fb2f5fe1f303438556.js
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.196.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.196.111.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
4649d635fc0e0761db66bd0542d8671bf6f6fccfb2b9668bf6fefaaffa9cd65f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 google
content-encoding
br
date
Mon, 09 Oct 2023 20:08:37 GMT
x-amz-request-id
DF91K1EKXTWVMWBD
age
16228
x-amz-server-side-encryption
AES256
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37185
x-amz-id-2
A5JjuIgDu9zBU8KOlY+LM14d6hd+C1hEhS7xPQeo+HXxWAzyO/qWXLtYAYYYtnmK3LC7ln60RwQ=
last-modified
Mon, 09 Oct 2023 20:05:00 GMT
server
AmazonS3
cross-origin-opener-policy
same-origin
etag
W/"9551b27da76c1d6161907c5055b3a8a9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=3600
x-cache-hit
hit
x-amz-meta-env
prod
accept-ranges
none
timing-allow-origin
*
cross-origin-response-policy
cross-origin
248-e8a41c6a2b6f16be9209.js
asset.fwcdn3.com/js/chunks/ 		51 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.fwcdn3.com/js/chunks/248-e8a41c6a2b6f16be9209.js
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.196.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.196.111.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
2ab18b4ed2b880165b454d2f5c3e9783d7eea3a8e090502e49f4a8281041e965

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 google
content-encoding
br
date
Mon, 09 Oct 2023 20:08:38 GMT
x-amz-request-id
CE4R16ABWYDCQ150
age
16227
x-amz-server-side-encryption
AES256
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13209
x-amz-id-2
/7anRmMw3pEC2W4InDYP99UsvW0bHRCPANzBCEIpJkRSnXYLU4bbsQqXM7UIjOcM+0OpqIirK78=
last-modified
Mon, 09 Oct 2023 20:04:59 GMT
server
AmazonS3
cross-origin-opener-policy
same-origin
etag
W/"fd6d4a0bab64c4806c99878972d271df"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=3600
x-cache-hit
hit
x-amz-meta-env
prod
accept-ranges
none
timing-allow-origin
*
cross-origin-response-policy
cross-origin
3439-e84733c946152d675c59.js
asset.fwcdn3.com/js/chunks/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.fwcdn3.com/js/chunks/3439-e84733c946152d675c59.js
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.196.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.196.111.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
ed4d586ee6f39350c8d3c9f4d28fe03707c737f2565e0c4b91c2bb665677af12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 google
content-encoding
br
date
Mon, 09 Oct 2023 20:08:38 GMT
x-amz-request-id
CE4YRW4ZZPQ1C4XP
age
16227
x-amz-server-side-encryption
AES256
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1307
x-amz-id-2
MKZ9Yo0fCS5/MqW8IkuOvpoljA3UriJmxkVKyrIkY2keG4x8LCebyGG94sU3QK5PJkAuCBoG7g0=
last-modified
Mon, 09 Oct 2023 20:04:59 GMT
server
AmazonS3
cross-origin-opener-policy
same-origin
etag
W/"1cbe0c962f3d0908b4f89acf17f5d329"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=3600
x-cache-hit
hit
x-amz-meta-env
prod
accept-ranges
none
timing-allow-origin
*
cross-origin-response-policy
cross-origin
5468-be9497d881a9b4d216f1.js
asset.fwcdn3.com/js/chunks/ 		145 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.fwcdn3.com/js/chunks/5468-be9497d881a9b4d216f1.js
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.196.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.196.111.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
8fc89f7dfdbbb53e1206c74da9b618a6f93bba6521d7accf89d005589c907c0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 google
content-encoding
br
date
Mon, 09 Oct 2023 20:08:38 GMT
x-amz-request-id
CE4Z5MRYVW2JVW1Z
age
16227
x-amz-server-side-encryption
AES256
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45807
x-amz-id-2
Yzc81JCHj+Ab8xzCBbnB5Q639bXNplsPqbNIpLrwUMwuWQEaFW5JG1F66O0L6n9mm4LvKwMCVXE=
last-modified
Mon, 09 Oct 2023 20:05:00 GMT
server
AmazonS3
cross-origin-opener-policy
same-origin
etag
W/"2125ef1462786889c7a34a649da80759"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=3600
x-cache-hit
hit
x-amz-meta-env
prod
accept-ranges
none
timing-allow-origin
*
cross-origin-response-policy
cross-origin
8331-b1d9f3a10c61271bd382.js
asset.fwcdn3.com/js/chunks/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.fwcdn3.com/js/chunks/8331-b1d9f3a10c61271bd382.js
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.196.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.196.111.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
5862a40771dfb77dcd3b253b53a19aa19d9e7c47d4a06bc283ac7c57a4b7af2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 google
content-encoding
br
date
Mon, 09 Oct 2023 20:08:38 GMT
x-amz-request-id
CE4PAR4B17S86YPJ
age
16227
x-amz-server-side-encryption
AES256
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6068
x-amz-id-2
nObdeeRAWeqlu1Z/Uvx2v0pRsUHF73aw6peoy13KnIsXYFkJnGqatIyHurL0o9aHYUuDKQ8a3wY=
last-modified
Mon, 09 Oct 2023 20:05:00 GMT
server
AmazonS3
cross-origin-opener-policy
same-origin
etag
W/"8b181dd21f8dca0ead32cba9b5532f79"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=3600
x-cache-hit
hit
x-amz-meta-env
prod
accept-ranges
none
timing-allow-origin
*
cross-origin-response-policy
cross-origin
3119-20662e59344f02d287ee.js
asset.fwcdn3.com/js/chunks/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.fwcdn3.com/js/chunks/3119-20662e59344f02d287ee.js
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.196.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.196.111.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
f9f1da66dcb2ea5d6555967c329a1df7e1d7d8d3c3a37129fdb6762312e78715

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 google
content-encoding
br
date
Mon, 09 Oct 2023 20:08:38 GMT
x-amz-request-id
CE4GVX2AQRPA6RVR
age
16227
x-amz-server-side-encryption
AES256
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3678
x-amz-id-2
DrFtQNsQ3Fn0AWJRsxMvs1aEJf5+5TdiIHKwKkmSLac3RiVfR0Kl0Qhl6HFDQU42LXsJNoIwJpE=
last-modified
Mon, 09 Oct 2023 20:04:59 GMT
server
AmazonS3
cross-origin-opener-policy
same-origin
etag
W/"33c8e22fc79128ce4660ae5a6a480a5d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=3600
x-cache-hit
hit
x-amz-meta-env
prod
accept-ranges
none
timing-allow-origin
*
cross-origin-response-policy
cross-origin
3504-d09a1f9d1b7f05584fc5.js
asset.fwcdn3.com/js/chunks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.fwcdn3.com/js/chunks/3504-d09a1f9d1b7f05584fc5.js
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.196.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.196.111.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
d078e14db3212424bf96b19b3670ccfbe56b10d080f0b628de33670588b1737b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 google
content-encoding
br
date
Mon, 09 Oct 2023 20:08:37 GMT
x-amz-request-id
DF96W1EW4ZS6EZ6X
age
16228
x-amz-server-side-encryption
AES256
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2461
x-amz-id-2
qL9CGN8AGLLe16Ekf9rZM8U1IQXQAd1opTwJnXUB+egVVM7XJvJbH04fGslzkT0Z1vVFDIiMeQo=
last-modified
Mon, 09 Oct 2023 20:04:59 GMT
server
AmazonS3
cross-origin-opener-policy
same-origin
etag
W/"68627de3a1decf2a8217e978afe79997"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=3600
x-cache-hit
hit
x-amz-meta-env
prod
accept-ranges
none
timing-allow-origin
*
cross-origin-response-policy
cross-origin
4400-38716c6779f1b1752ca4.js
asset.fwcdn3.com/js/chunks/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.fwcdn3.com/js/chunks/4400-38716c6779f1b1752ca4.js
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.196.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.196.111.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
2487528f549e07da1ef9f87e0ef32beddba1d839f9a2058e7455fd177f02a853

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 google
content-encoding
br
date
Mon, 09 Oct 2023 20:08:37 GMT
x-amz-request-id
DF9941WKEDJN2YV5
age
16228
x-amz-server-side-encryption
AES256
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1931
x-amz-id-2
X69cDNgh9Tv6/oMLOWNBxiFVUCFnZyVRPyLYR00DP4bmic8zy9av4ixtcQngqLGpCTlnAJ51XPI=
last-modified
Mon, 09 Oct 2023 20:04:59 GMT
server
AmazonS3
cross-origin-opener-policy
same-origin
etag
W/"8630c15e159e039a8458765ba5ac9c80"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=3600
x-cache-hit
hit
x-amz-meta-env
prod
accept-ranges
none
timing-allow-origin
*
cross-origin-response-policy
cross-origin
3415-557c3e3e077c52cab0b8.js
asset.fwcdn3.com/js/chunks/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.fwcdn3.com/js/chunks/3415-557c3e3e077c52cab0b8.js
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.196.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.196.111.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
23d9eea584ebae7bfd4e41df1187e975547b9819804df73db54d7026a6f2579e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 google
content-encoding
br
date
Mon, 09 Oct 2023 20:08:38 GMT
x-amz-request-id
CE4TBY6PA5BGDCQ7
age
16227
x-amz-server-side-encryption
AES256
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1345
x-amz-id-2
g/PMU2UN2sp0DXk4WI/7Ya1c4L12gdtXNqRO4EFkggkyBti9DNbNVZPdMcXOCfkT5vJdzbh8R4ZxzbjDVjv4vw==
last-modified
Mon, 09 Oct 2023 20:04:59 GMT
server
AmazonS3
cross-origin-opener-policy
same-origin
etag
W/"9e56e0ae01683230ebfe00e85ea4ad33"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=3600
x-cache-hit
hit
x-amz-meta-env
prod
accept-ranges
none
timing-allow-origin
*
cross-origin-response-policy
cross-origin
2237-e37539b6bda8cdf7a275.js
asset.fwcdn3.com/js/chunks/ 		82 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.fwcdn3.com/js/chunks/2237-e37539b6bda8cdf7a275.js
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.196.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.196.111.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
16535deee5386a7bd6187aa2cdd631f3fafbc46db78c260fd95700f7512b7a6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 google
content-encoding
br
date
Mon, 09 Oct 2023 20:08:37 GMT
x-amz-request-id
DF952VS0VG2PZDTC
age
16228
x-amz-server-side-encryption
AES256
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26088
x-amz-id-2
XISLqVPgu7h32J5k6co+LY17Ncz7NoqKw0ZZoCOM3duD2qCHT8m0NdF0abwUIp2b1EnQtEGeQNc=
last-modified
Mon, 09 Oct 2023 20:04:59 GMT
server
AmazonS3
cross-origin-opener-policy
same-origin
etag
W/"ad99adb984ce896e16021ec3029ca963"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=3600
x-cache-hit
hit
x-amz-meta-env
prod
accept-ranges
none
timing-allow-origin
*
cross-origin-response-policy
cross-origin
6673-25c27a3ce63cbe2749ea.js
asset.fwcdn3.com/js/chunks/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.fwcdn3.com/js/chunks/6673-25c27a3ce63cbe2749ea.js
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.196.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.196.111.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
b08ee4f76b058a3366c880dfa532b787e9688628e70d274315f5b54047f0751a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 google
content-encoding
br
date
Mon, 09 Oct 2023 20:08:37 GMT
x-amz-request-id
DF9315BZBT6YCH7J
age
16228
x-amz-server-side-encryption
AES256
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10926
x-amz-id-2
fgLRn6OwFgiA9L1ekCqTl1a+A8+xxRkit/hM66wOBUEqNyV+uacOnrAOhBQyBpnTFFgfPzU8kW0=
last-modified
Mon, 09 Oct 2023 20:05:00 GMT
server
AmazonS3
cross-origin-opener-policy
same-origin
etag
W/"a19cb79765a3b69f901a61c8d4208c52"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=3600
x-cache-hit
hit
x-amz-meta-env
prod
accept-ranges
none
timing-allow-origin
*
cross-origin-response-policy
cross-origin
1065-48a1f855e91b32c352b8.js
asset.fwcdn3.com/js/chunks/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.fwcdn3.com/js/chunks/1065-48a1f855e91b32c352b8.js
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.196.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.196.111.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
8374977b079d19ee5ec4f69a9aef62152cc6c0c4f39c4a3809d8e3bf2922bbc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 google
content-encoding
br
date
Mon, 09 Oct 2023 20:08:37 GMT
x-amz-request-id
DF99JM9NHKQNSPZW
age
16228
x-amz-server-side-encryption
AES256
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2124
x-amz-id-2
jExoiweyib4UWrG5tDoqohksYJvfcVXOkDFeZGXWq7FTcgby+U64IX0Gy+9291iWopC+9DWTEeM=
last-modified
Mon, 09 Oct 2023 20:04:59 GMT
server
AmazonS3
cross-origin-opener-policy
same-origin
etag
W/"3000eea87798070b72907a559c833ae5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=3600
x-cache-hit
hit
x-amz-meta-env
prod
accept-ranges
none
timing-allow-origin
*
cross-origin-response-policy
cross-origin
videoplayer-a1d940e5ddd05e93ce1f.js
asset.fwcdn3.com/js/chunks/ 		309 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asset.fwcdn3.com/js/chunks/videoplayer-a1d940e5ddd05e93ce1f.js
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.196.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.196.111.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
5801870e6b4db1a649de08f8f8d09e35e53787fe1ab611e79b2deade128e79ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 google
content-encoding
br
date
Mon, 09 Oct 2023 20:08:37 GMT
x-amz-request-id
DF9CW7QSYW72E6NQ
age
16228
x-amz-server-side-encryption
AES256
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87403
x-amz-id-2
JUfY3sxBAnLI2sVHDuFZ/stRS2fQMgYLQJklqaZ6xYiLu5at8huUOIkEcIYOFJ1ctw75Xiy0uE4=
last-modified
Mon, 09 Oct 2023 20:05:01 GMT
server
AmazonS3
cross-origin-opener-policy
same-origin
etag
W/"501ba5ff777101e281d89d1d50c28400"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=3600
x-cache-hit
hit
x-amz-meta-env
prod
accept-ranges
none
timing-allow-origin
*
cross-origin-response-policy
cross-origin
truncated
/ 		668 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b1c04ef107237523cb7b3d130bee53a510afd282d540d5267a45b64045d8ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
share_button.php
www.facebook.com/v2.5/plugins/ Frame 27F1 		43 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.5/plugins/share_button.php?app_id=100616073343311&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df39aa4d3feb0bc8%26domain%3Dwww.blogto.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blogto.com%252Ff29da18de8ceb9%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&layout=button_count&locale=en_US&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=372ba18dd9d99239f1aec9363b26ca44
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
12df823ffd0780b75681323619a3289ce81323d0aa5a022766699c6acde1050a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 00:39:05 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v12.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
shFDrLcWfwqKYqt1X+EfVZkrbbMJdNmgkoa2quToxtEJhzSKnJsDHQlWMlVNIsJ1H4NsmgL0vYH6ZAX83bfhbQ==
x-xss-protection
0
comments.php
www.facebook.com/v2.5/plugins/ Frame A536 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.5/plugins/comments.php?app_id=100616073343311&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2db8e31f1f1578%26domain%3Dwww.blogto.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blogto.com%252Ff29da18de8ceb9%26relation%3Dparent.parent&container_width=0&count=true&height=100&href=http%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&locale=en_US&sdk=joey&version=v2.5&width=550
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=372ba18dd9d99239f1aec9363b26ca44
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 10 Oct 2023 00:39:05 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
iZOVQWvQOuzllxRZtBvcJjx4ff6TUz3+wrxnb6muXEI+FjQqkvBrFxdb4DPpF7iT/gBfI3XIAM3i4nw0FDitnA==
x-frame-options
DENY
x-xss-protection
0
comments.php
www.facebook.com/v2.5/plugins/ Frame 3025 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.5/plugins/comments.php?app_id=100616073343311&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1032ca5527f694%26domain%3Dwww.blogto.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blogto.com%252Ff29da18de8ceb9%26relation%3Dparent.parent&container_width=740&height=100&href=http%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&locale=en_US&numposts=4&sdk=joey&version=v2.5&width=
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=372ba18dd9d99239f1aec9363b26ca44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 10 Oct 2023 00:39:05 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=0,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
sbQTti0bomr2p3PB9saRGbk8zZvmwYC5ImTy8AAg/R1qLX4Z7vNWM1Ih7RErEOndroiv14OQc4bAyHGD4GI39Q==
x-frame-options
DENY
x-xss-protection
0
/
www.facebook.com/login/ Frame 53D9
Redirect Chain
  • https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=100616073343311&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c6...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D100616073343311%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D100616073343311%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3c6beb97b9618%2526domain%253Dwww.blogto.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.blogto.com%25252Ff29da18de8ceb9%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fblogto%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D300
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=372ba18dd9d99239f1aec9363b26ca44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 10 Oct 2023 00:39:05 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
priority
u=0,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
rPythiFKRFKZ1MtqhZ93lwSZRuaH+pl4OMxdFI9Plh5ZEgextIw15JDJdmc4Xb87fWbpKh+w8TIJKzKF0YAEZQ==
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 00:39:05 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v12.0
location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D100616073343311%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3c6beb97b9618%2526domain%253Dwww.blogto.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.blogto.com%25252Ff29da18de8ceb9%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fblogto%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D300
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
priority
u=0,i
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-fb-debug
3QWLlMYyFab63WLyyQvcczwrtIJDTXNksRNxQ/9fUXV4kREa8aNSpa+dydG9mRKARwKEyOvZjGhTCPdqKyRF5g==
x-xss-protection
0
main.MWQ0NWRkZTlhMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		389 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CK4V0MBC77U0BUL4H4FG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.104.161 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-104-161.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
986333a99c0309f940f3cd10c2846221feaefe70f96f9005553eb85fb83ec875

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-akamai-request-id
30d76a7
date
Tue, 10 Oct 2023 00:39:05 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202309211453038AFB77A1E36A474A963B
vary
Accept-Encoding
x-cache
TCP_HIT from a23-67-40-33.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01e94c84abdee5d1278a4ae97d9636465917ec86e6bcf596c39ed6a0aa0e8686f649ee881fa7f4f70438c937fe1c5d75e86596eda78873003d6bdb5f31911620e593a3007cf6956b642f5de358ed5c1b371295f2a19e0eea11ca833f52d6d65050
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
102774
b
sb.scorecardresearch.com/ 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=34948124&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1696898345374&ns_c=UTF-8&c7=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&c8=Luna%20Bakery%20-%20blogTO%20-%20Toronto&c9=
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:05 GMT
via
1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
bBMrh1nbiTNhMWl7D8CbQG6zjq8F-SBPfSGaKGhnfMkW7RlxF8oI3A==
x-cache
Miss from cloudfront
blogto
fireworkapi1.com/embed/v2/channels/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://fireworkapi1.com/embed/v2/channels/blogto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.246.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
af2c2cffbd40f9b4e.awsglobalaccelerator.com
Software
Cowboy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none';

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.blogto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
PUT, PATCH, DELETE
access-control-allow-origin
https://www.blogto.com
cache-control
max-age=0, private, must-revalidate
content-length
0
content-security-policy
default-src 'none';
date
Tue, 10 Oct 2023 00:39:06 GMT
server
Cowboy
x-request-id
F4yYDiUvgq--waUKDGRC
ad_setting
fireworkadservices1.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://fireworkadservices1.com/api/ad_setting?playlist_id=5m8Zbv&ad_target_platform=desktop_web&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.246.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
af2c2cffbd40f9b4e.awsglobalaccelerator.com
Software
Cowboy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none';

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.blogto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
PUT, PATCH, DELETE
access-control-allow-origin
https://www.blogto.com
cache-control
max-age=0, private, must-revalidate
content-length
0
content-security-policy
default-src 'none';
date
Tue, 10 Oct 2023 00:39:06 GMT
server
Cowboy
x-request-id
F4yYDiUWUJAEk1EJy6YD
feeds
fireworkapi1.com/embed/v2/playlists/5m8Zbv/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://fireworkapi1.com/embed/v2/playlists/5m8Zbv/feeds?page_size=10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.246.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
af2c2cffbd40f9b4e.awsglobalaccelerator.com
Software
Cowboy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none';

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.blogto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
PUT, PATCH, DELETE
access-control-allow-origin
https://www.blogto.com
cache-control
max-age=0, private, must-revalidate
content-length
0
content-security-policy
default-src 'none';
date
Tue, 10 Oct 2023 00:39:06 GMT
server
Cowboy
x-request-id
F4yYDiUxnEI4heoHFbvE
ad_setting
fireworkadservices1.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://fireworkadservices1.com/api/ad_setting?playlist_id=5m8Zbv&ad_target_platform=desktop_web&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.246.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
af2c2cffbd40f9b4e.awsglobalaccelerator.com
Software
Cowboy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none';

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.blogto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
PUT, PATCH, DELETE
access-control-allow-origin
https://www.blogto.com
cache-control
max-age=0, private, must-revalidate
content-length
0
content-security-policy
default-src 'none';
date
Tue, 10 Oct 2023 00:39:06 GMT
server
Cowboy
x-request-id
F4yYDiUZyWXGVy8K77lB
blogto
fireworkapi1.com/embed/v2/channels/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fireworkapi1.com/embed/v2/channels/blogto
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.246.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
af2c2cffbd40f9b4e.awsglobalaccelerator.com
Software
Cowboy /
Resource Hash
e57e4530e1485e779cf6831af4f943e87f0c2f6b9c73a5a3218cc265a96cefcb
Security Headers
Name Value
Content-Security-Policy default-src 'none';

Request headers

accept
application/json
Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type
application/json

Response headers

date
Tue, 10 Oct 2023 00:39:06 GMT
content-security-policy
default-src 'none';
content-encoding
gzip
server
Cowboy
vary
accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.blogto.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
788
x-request-id
F4yYDi7Xr7812CwKPKtB
ad_setting
fireworkadservices1.com/api/ 		1 KB
904 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fireworkadservices1.com/api/ad_setting?playlist_id=5m8Zbv&ad_target_platform=desktop_web&
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.246.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
af2c2cffbd40f9b4e.awsglobalaccelerator.com
Software
Cowboy /
Resource Hash
9ae93204e6f56e5165c67884e09048f19fca83cfb6c8302098328a6f3ad00a7c
Security Headers
Name Value
Content-Security-Policy default-src 'none';

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 10 Oct 2023 00:39:06 GMT
content-security-policy
default-src 'none';
content-encoding
gzip
server
Cowboy
vary
accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.blogto.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
607
x-request-id
F4yYDkAguACeWC4GxXbE
feeds
fireworkapi1.com/embed/v2/playlists/5m8Zbv/ 		46 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fireworkapi1.com/embed/v2/playlists/5m8Zbv/feeds?page_size=10
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.246.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
af2c2cffbd40f9b4e.awsglobalaccelerator.com
Software
Cowboy /
Resource Hash
44106fd9db6e577cf179be391a2b6feaa199b3cad396f157569737cc5a392ee0
Security Headers
Name Value
Content-Security-Policy default-src 'none';

Request headers

accept
application/json
Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type
application/json

Response headers

date
Tue, 10 Oct 2023 00:39:06 GMT
content-security-policy
default-src 'none';
content-encoding
gzip
server
Cowboy
vary
accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.blogto.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
4519
x-request-id
F4yYDi7UU-ho6_8JUncD
ad_setting
fireworkadservices1.com/api/ 		1 KB
903 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fireworkadservices1.com/api/ad_setting?playlist_id=5m8Zbv&ad_target_platform=desktop_web&
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.246.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
af2c2cffbd40f9b4e.awsglobalaccelerator.com
Software
Cowboy /
Resource Hash
9ae93204e6f56e5165c67884e09048f19fca83cfb6c8302098328a6f3ad00a7c
Security Headers
Name Value
Content-Security-Policy default-src 'none';

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 10 Oct 2023 00:39:06 GMT
content-security-policy
default-src 'none';
content-encoding
gzip
server
Cowboy
vary
accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.blogto.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
607
x-request-id
F4yYDkAfqCsZnV8KqLpB
feeds
fireworkapi1.com/embed/v2/playlists/5m8Zbv/ 		46 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fireworkapi1.com/embed/v2/playlists/5m8Zbv/feeds?page_size=10
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.246.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
af2c2cffbd40f9b4e.awsglobalaccelerator.com
Software
Cowboy /
Resource Hash
4d012e48d01bafe1ad92cce8c15a0395b3e61cf13255fc9411983e72cd04b2c0
Security Headers
Name Value
Content-Security-Policy default-src 'none';

Request headers

accept
application/json
Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type
application/json

Response headers

date
Tue, 10 Oct 2023 00:39:06 GMT
content-security-policy
default-src 'none';
content-encoding
gzip
server
Cowboy
vary
accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.blogto.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
4504
x-request-id
F4yYDi5tXB_P3jgKla5B
feeds
fireworkapi1.com/embed/v2/playlists/5m8Zbv/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://fireworkapi1.com/embed/v2/playlists/5m8Zbv/feeds?page_size=10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.246.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
af2c2cffbd40f9b4e.awsglobalaccelerator.com
Software
Cowboy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none';

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.blogto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
PUT, PATCH, DELETE
access-control-allow-origin
https://www.blogto.com
cache-control
max-age=0, private, must-revalidate
content-length
0
content-security-policy
default-src 'none';
date
Tue, 10 Oct 2023 00:39:06 GMT
server
Cowboy
x-request-id
F4yYDiUwtZJfzfIGFiSE
ads-independent.js
static-cdn.spot.im/production/ads/tags/v22.5.0/ads-independent/ 		216 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ads/tags/v22.5.0/ads-independent/ads-independent.js
Requested by
Host: launcher-sa.spot.im
URL: https://launcher-sa.spot.im/spot/sp_mnhjJdcW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-54.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
19103b4bf312768c55bd121f684b49e8a85008ada61ed982a4873323b504a9b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 05:29:11 GMT
x-amz-version-id
laTNzmUr3_zq2Z8qO4cEXgwp4D6ThBKZ
content-encoding
br
last-modified
Tue, 19 Sep 2023 07:59:07 GMT
server
AmazonS3
via
1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
etag
W/"68136d9a44becb0dd2cfa78bd20d6679"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
age
68995
x-amz-replication-status
COMPLETED
x-amz-cf-id
bKofYM-xsK7Wq6m1JjctX9JHptUwldvbTTKw49oozIJUYy_TEh31vQ==
ads-independent.css
static-cdn.spot.im/production/ads/tags/v22.5.0/ads-independent/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ads/tags/v22.5.0/ads-independent/ads-independent.css
Requested by
Host: launcher-sa.spot.im
URL: https://launcher-sa.spot.im/spot/sp_mnhjJdcW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-54.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
090b801ac43b5eb383164481cc4138c9e77b48515ffbe82b6cea2a3dbaf39f1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 05:01:29 GMT
x-amz-version-id
M.z2djyDLZJsnBkvM7bMissXjWTv8zAd
content-encoding
br
last-modified
Tue, 19 Sep 2023 07:59:07 GMT
server
AmazonS3
via
1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
etag
W/"2d3e70599ac2d9cf1f69020d10f6bd49"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
age
70657
x-amz-replication-status
COMPLETED
x-amz-cf-id
N2efGRmGL730vLLX7IpHKTfNm2HaT4knqWormC3W6Q-W6HC29FRPvQ==
pixel;r=633156625;source=gtm;rf=0;a=p-gTmyTcsbfANDJ;url=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F;uht=2;fpan=1;fpa=P0-1170434163-1696898345273;pbc=;ns=0;ce=1;qjs=1;qv=44310d19-...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=633156625;source=gtm;rf=0;a=p-gTmyTcsbfANDJ;url=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F;uht=2;fpan=1;fpa=P0-1170434163-1696898345273;pbc=;ns=0;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;ref=;d=blogto.com;dst=1;et=1696898345406;tzo=-120;ogl=site_name.blogTO%2Curl.http%3A%2F%2Fwww%252Eblogto%252Ecom%2Fbakery%2Fluna-bakery-toronto%2F%2Ctitle.Luna%20Bakery%2Cimage.https%3A%2F%2Fmedia%252Eblogto%252Ecom%2Flistings%2F20230724-LunaBakery-31%252Ejpg%3Fw%3D1200%26cmd%3Dresize_t%2Cimage%3Awidth.1200%2Cimage%3Aheight.630%2Cdescription.Luna%20Bakery%20is%20a%20Korean%20bakery%20and%20cafe%20located%20on%20a%20busy%20strip%20of%20Yonge%20St%252E%20in%20%2Ctype.business%252Ebusiness%2Clatitude.43%252E7745528%2Clongitude.-79%252E41454440000001;ses=c600fac9-ac8b-483e-bf62-2e0b191467e1;mdl=
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:05 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
button.13c48d2966337fafa1c1eb5533fdf29d.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.13c48d2966337fafa1c1eb5533fdf29d.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BE) /
Resource Hash
fbb613590ab06b8838cad9193caa3797b2fb582dd88a444a1afe2424754d97ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Tue, 10 Oct 2023 00:39:05 GMT
Content-Encoding
gzip
Age
14793
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2617
Last-Modified
Mon, 09 Oct 2023 20:29:15 GMT
Server
ECS (frb/67BE)
Etag
"def6f3052007521ae22a38b870dfd318+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame 27F1 		272 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/GzgedhmzSQa.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=100616073343311&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df39aa4d3feb0bc8%26domain%3Dwww.blogto.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blogto.com%252Ff29da18de8ceb9%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&layout=button_count&locale=en_US&sdk=joey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-fb-debug
Q+8n/fqGoCstFE+8iX62FRQdrNzd5q506kN4aU5clfRW+Xhln1hMVeZReaudzYp0fwc8nNc49NwTMu0YpKkPXA==
date
Tue, 10 Oct 2023 00:39:05 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
lIjeC3eJAboxVqIOEs/Auw==
document-policy
force-load-at-top
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
272
expires
Wed, 02 Oct 2024 23:13:41 GMT
identify_7dd78.js
analytics.tiktok.com/i18n/pixel/static/ 		134 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7dd78.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.104.161 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-104-161.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-akamai-request-id
30d7705
date
Tue, 10 Oct 2023 00:39:05 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202309071529201AEE598441AFABB396C9
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-67-40-33.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01cd3c81413cdeb416500b7f9893673dfe341ba52473e142fafb1eb6d4093ed48f42f59b5e47acd15577840d45191b29b310c247440148230967fc70b528287057de44b00b3626baadadfcdc5f224887832a4b0d61ef939aadf2bb5b81e057a045
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
35662
pixel
analytics.tiktok.com/api/v2/ 		0
790 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.104.161 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-104-161.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
6bddb4b.30d7713
date
Tue, 10 Oct 2023 00:39:05 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-67-40-33.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time
158,23.67.40.33
server-timing
cdn-cache; desc=MISS, edge; dur=109, origin; dur=56, inner; dur=50
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231010003905E2E7346987A4BD2BADCB
x-cache-remote
TCP_MISS from a23-220-104-212.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
56,23.220.104.212
x-tt-trace-host
0165e47387a63d2aa752b09d3ce4dcb1852e6c37609a717c7016073c0683d5720a6d10c7f3da5d9b1695b6175443a9798991418faef93cf82b5ee485f7d45a7255ebef16959ae11ee43f9eab71fdfb9f9f930324cdc421aaa2ed99b5208d049726a832b2c89d3b8726c403708e7f44279a
access-control-allow-headers
Authorization,*
expires
Tue, 10 Oct 2023 00:39:05 GMT
DPyYT2RpcN9.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yt/l/en_US/ Frame 27F1 		522 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yt/l/en_US/DPyYT2RpcN9.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=100616073343311&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df39aa4d3feb0bc8%26domain%3Dwww.blogto.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blogto.com%252Ff29da18de8ceb9%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&layout=button_count&locale=en_US&sdk=joey
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
46c4a807a44b06fea1ec016132365b39deb80ad5d5b24631c61d60a9a7052e9f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:05 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
KkCgFhyXOQybVh6KDDbX0A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
137910
x-fb-debug
tX+xn7xTB5l+fAwO9i6pdsWqYjOqSQDMciJzl2CIVN8UpVe3t7JODENZhXzIxFYETflkM/xgslpYIZv4uNbVjw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 05 Oct 2024 19:13:15 GMT
tweet_button.d37472b4a6622d0b1fff46ad904f6896.en.html
platform.twitter.com/widgets/ Frame 0853 		34 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.d37472b4a6622d0b1fff46ad904f6896.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BE) /
Resource Hash
856377fde78e4bdc57703db6457f6e243db704c135a4829e1951185173cec9b7

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
14794
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
12585
Content-Type
text/html; charset=utf-8
Date
Tue, 10 Oct 2023 00:39:05 GMT
Etag
"8c8e58156094069be7351386d79afb40+gzip"
Last-Modified
Mon, 09 Oct 2023 20:29:17 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67BE)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
tweet_button.d37472b4a6622d0b1fff46ad904f6896.en.html
platform.twitter.com/widgets/ Frame D7CC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.d37472b4a6622d0b1fff46ad904f6896.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BE) /
Resource Hash

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
14794
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
12585
Content-Type
text/html; charset=utf-8
Date
Tue, 10 Oct 2023 00:39:05 GMT
Etag
"8c8e58156094069be7351386d79afb40+gzip"
Last-Modified
Mon, 09 Oct 2023 20:29:17 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67BE)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
embeds
syndication.twitter.com/i/jot/ 		43 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22blogTO%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1696898345655%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2201917f4d1d4cb%3A1696883169554%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=b13fb71e0906d7de860645d2e9dfbba490904896
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-response-time
105
date
Tue, 10 Oct 2023 00:39:05 GMT
strict-transport-security
max-age=631138519
last-modified
Tue, 10 Oct 2023 00:39:05 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
288022afe21cd9bd
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
26d4215a0bd6dbd3312a8bb21c52cfde989437a920141138726cb6f611c6a716
content-length
43
embeds
syndication.twitter.com/i/jot/ 		43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22blogTO%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1696898345656%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2201917f4d1d4cb%3A1696883169554%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=b13fb71e0906d7de860645d2e9dfbba490904896
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-response-time
112
date
Tue, 10 Oct 2023 00:39:05 GMT
strict-transport-security
max-age=631138519
last-modified
Tue, 10 Oct 2023 00:39:05 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
689d0d76d5fc70e3
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
26d4215a0bd6dbd3312a8bb21c52cfde989437a920141138726cb6f611c6a716
content-length
43
container.html
3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3027 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 00:39:04 GMT
expires
Wed, 09 Oct 2024 00:39:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
momently.js
s3-us-west-2.amazonaws.com/momently-static/js/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-us-west-2.amazonaws.com/momently-static/js/momently.js
Requested by
Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/momently-static/loader/gbVWQAAmASk_momently.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.132.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
0aaaceb366990eedec33d0da514f76c8b20a7ed698e5b92d921bdc37ee25a1fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Tue, 10 Oct 2023 00:39:06 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Nov 2022 04:47:02 GMT
Server
AmazonS3
x-amz-request-id
E2MH27F6FP45D1VM
ETag
"a940c3b8480ea510e4f0ff2398744d6b"
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
7715
x-amz-id-2
jUL9lr2m60X/jPSa4X1dYCiwAYjFElniixlRaV7AAr4iulE/stbcBNpTweY3+/X6aIXl6y789xI=
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_mnhjJdcW/ 		12 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_mnhjJdcW/v2
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.5.0/ads-independent/ads-independent.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-46.fra56.r.cloudfront.net
Software
fasthttp /
Resource Hash
b23543d16101531b886bae44aeecc20f0e1782e9ed31fdbcf295fa9c93602af5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-guid
a7d747d2-2b89-4216-b343-76780cc75d43
x-post-id
no_post
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
x-spot-id
sp_mnhjJdcW
x-spotim-page-view-id
1e6e2174-2a67-4dd9-840b-9ec0c571ce56
Referer
https://www.blogto.com/
x-access-token
null

Response headers

date
Tue, 10 Oct 2023 00:39:06 GMT
content-encoding
gzip
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
x-request-id
6adc5baf-6705-11ee-8d80-3a19a5990507
server
fasthttp
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.blogto.com
access-control-expose-headers
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
x-amz-cf-id
hJ7sgbE8MfsfF2mHlZSA3e9d_sp2XhR5k6XFGxyLg6MGh6FvMfXIdw==
truncated
/ Frame 0853 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml
act
analytics.tiktok.com/api/v2/pixel/ 		0
786 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.104.161 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-104-161.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
7e1fb0c.30d776e
date
Tue, 10 Oct 2023 00:39:05 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-67-40-33.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
x-parent-response-time
186,23.67.40.33
server-timing
cdn-cache; desc=MISS, edge; dur=104, origin; dur=92, inner; dur=75
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231010003905371383AD827019309569
x-cache-remote
TCP_MISS from a23-220-104-202.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
92,23.220.104.202
x-tt-trace-host
0165e47387a63d2aa752b09d3ce4dcb1852e6c37609a717c7016073c0683d5720a67b803edc8a52ca95c4e1ad2173295b64c392cafe806619dc4a1aee746ba84b2f96a2d5fe2448e6bb67bc7de01a785da11a0e62199481eae7b0bbfaaced229a4169633b2fe47bce5b943491ddcb38bd1
access-control-allow-headers
Authorization,*
expires
Tue, 10 Oct 2023 00:39:05 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3B78 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJGK8KlhJI5GSVpeXL1n_SA7Wm8ML611rhHCpfTbWqC12fwgP99CumEnUsdVh-4CFb4pnMZzRhKxqn3fbDt31gUwKDmKAMHEtSXGLMhVnmwnbz_m7ZnIg31WJuBeCOyrKH1h6KVDBaDm4DiKOh2CMDNLB2Mk4Ta2bOESe5Hm_OyPim07EqU0rQxDfGTwc2lN1ahg1lH4hN5dcx1AhuFfVKtE-MRcZJGU8-wTzDFWHNsblVzq77Dyu2p8pIDudEZf24tfTbVrrRb6j9ZVmtV9gUCxi0G160j1hUvyqx9tg_6MLwdqZaApUqpSyO-NWquo7KyhESb89H2luBr1W8sNfelIdT7CvjqFRXvkTsLBv8eODcWD3CtQ&sai=AMfl-YSiEEgvwlzCmxuqFppQLiZa7Tc7_2ts84TAWNwV9lbka5BiTl9FgB16acyjZHL1kNGeWDYOln6Ktz6DAN09hLiCiL2YxXd1srsDFV3kqdYHdk_Ca5d_TcOoXju24TbaXwKiZjgXH6dwCmuvD7-f&sig=Cg0ArKJSzDbsdSRgqEHmEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 10 Oct 2023 00:39:05 GMT
tag
a.teads.tv/page/154121/ Frame 3B78 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/154121/tag
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
343cdcef906fe4982aafcc55a8b6a2df176b9067dbc44ef7cc7da620fca7c10e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:06 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate, no-store
access-control-allow-credentials
true
content-length
1271
expires
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3B78 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59959
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696851335058330"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Oct 2023 00:39:05 GMT
container.html
3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7DB4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 00:39:04 GMT
expires
Wed, 09 Oct 2024 00:39:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_mnhjJdcW/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_mnhjJdcW/v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-46.fra56.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-access-token,x-guid,x-post-id,x-spot-id,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://www.blogto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.blogto.com
access-control-expose-headers
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Tue, 10 Oct 2023 00:39:05 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
x-amz-cf-id
MdEwxz3wRMX-E6u5dREQ4mh4T7jlFYXucpOaOT5N0JXW3ygFMSsEGw==
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
pixel
googleads.g.doubleclick.net/xbbe/ Frame DBE4 		624 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGL_tr-kBMAE&v=APEucNXF_FxdJZ6Fcr7caotsbouyhvh4x-nmTpYTsThwWKazr9sIYUI03_DDhNvUazfqI11sNdk6QxUZQmY4QWSf3O1G1y9AmEXgJlmCIzyA4fz8waeTc1245CSb5ms3dxs2Fc_VcaiKtWLemFMVsNZDvxot3hUfqUlDzBqwpOnBlu2VdeCz4-o
Requested by
Host: 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
URL: https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 00:39:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 3027 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
URL: https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 10 Oct 2023 00:39:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3027 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ChwRouBC7wHEVbmhk0BL70lg9oTqnWoDk-x0Beuwq4kZlMhRGq4ZJ3ilxJukQfcOFGe-QlAoAT1WiquBgzTjzvLdqtdcWG7gsGFK6Am9q_smJsMQY
Requested by
Host: 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
URL: https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3027 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13012814080041857181&x=1&ct=76
Requested by
Host: 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
URL: https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 3027 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
URL: https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:33:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
57931
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 08:33:35 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 3027 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
URL: https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
39777
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:36:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3027 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
URL: https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59959
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696851335058330"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Oct 2023 00:39:06 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D176 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPmChOMCEJfSweQCGN_19_IBMAE&v=APEucNXNuRfN_0cLBKCY8QEtmiKEHclp04YPONiWnat7Ypsq_wg7m9ybCRBB4t60y3hFd4hucDH-KfuIbJXHKrx1tlTd6YiegazcNcLnsN1B-ZTlQJWGFo9zcvfequwjCi6f8IS7AvG6AL5zzRBZV9I5MhnK1CyouVkN7uZM2xHEZBtkFoh3zmg
Requested by
Host: 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
URL: https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 00:39:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 7DB4 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
URL: https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 10 Oct 2023 00:39:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DB4 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ByVprISkUTD5uUcEYPJP6RyXUz7z5yVCLkpQfPA04pMVUweqYbagw21H3M6IVTUyNrYAmb-8EF2230X_9zm_qudHkq-qWH2w6LEfw296Na3NEOX1I
Requested by
Host: 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
URL: https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DB4 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16637368296633029645&x=1&ct=76
Requested by
Host: 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
URL: https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 7DB4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
URL: https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:33:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
57931
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 08:33:35 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 7DB4 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
URL: https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
39777
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:36:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7DB4 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
URL: https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59959
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696851335058330"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Oct 2023 00:39:06 GMT
i
o.momently.info/ 		176 B
276 B 		Script
General
Check archive.org
Download Go to
Full URL
https://o.momently.info/i?a=gbVWQAAmASk&h=www.blogto.com&v=2&l=1&r=&x=%2Fbakery%2Fluna-bakery-toronto%2F&n=&f=1&pc=1&al=www.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&i=w4000&callback=_mnt_callback_json1
Requested by
Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/momently-static/js/momently.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.81.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-81-85.us-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
bfe8d1e906a6f97906f9d41a502ff80816fc0a84787076107dbeb8379fe983ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:06 GMT
cache-control
no-cache
server
awselb/2.0
content-length
176
content-type
text/javascript; charset=utf-8
teads-format.min.js
a.teads.tv/media/format/v3/ 		579 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/154121/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
abf9f1e60c38cef91027437a6cdbcd914fddbf5b599c3e52f85ec0434c6081f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:06 GMT
content-encoding
br
last-modified
Mon, 09 Oct 2023 09:35:42 GMT
x-amz-request-id
WX23A0W1657SKA0X
etag
"4907ba9997aa08b43cb037726e39e936"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
6
accept-ranges
bytes
content-length
135004
x-amz-id-2
II171Eo2MAvmnLKz3LRvtdZXHpVruBENRbMzU0Zq/g2pWT9b8hRewbtmkBHZlB7q7zvYwOcQEJI=
expires
Tue, 10 Oct 2023 01:09:06 GMT
truncated
/ Frame 3B78 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4389015248ad482bdb15fc61adff9eae30f0f02185d7fcd1eb54e34a082e2a0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 3B78 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5Ta-7YCHMOIFAKKnDOF92tAC2owWioVsKzP1pDfSyWxRDt-Lw--4xsLA_Y8FoVYfCvfLUme5PHEAa85nQr4WQ0Bj1FX70qdL3AKhGbsJAWaRHh3S25Z4H7nTVoh1REP6fR8158QCJoluf-WntUSoI3P1fYAvFhk3yzghGNl99sAKWQ6zExujJucbn_4pgDq5EpAlZdwYmsmnXSgMfpw4yfNIWQHdwx9iRff0AOkKjgMfJZnOBuu1mUPtcJDhIYHtXsg02yli8CZEJqt33sh1l0_bNznQXy0SfO_MaXmzD0cbFe_73oo8p90odPTNaQbVX-kJHHQkNwK9WIokOoradloumtn7H5yG_ZtMfBpNzsJgfAJ5kvxJ3&sai=AMfl-YQKQxB6YTX2cVN_rlwRH4kM4SbNSJrbaM9hO7muWHc7jY05J9I5vRtpWAeqc1Qjo-zpOiofKzlmeYbe2TTviO6ULk1IMCJKwK7p7gNBTUo-G4nR-0igRD3kBgRgwKgNUyDaeQxjgt21SxqvnpA9&sig=Cg0ArKJSzF3ply-nH0ENEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 10 Oct 2023 00:39:06 GMT
rum
dsum-sec.casalemedia.com/ Frame DBE4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUM3WuwTw6rnn3xsoILsu8&google_cver=1
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUM3WuwTw6rnn3xsoILsu8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGL_tr-kBMAE&v=APEucNXF_FxdJZ6Fcr7caotsbouyhvh4x-nmTpYTsThwWKazr9sIYUI03_DDhNvUazfqI11sNdk6QxUZQmY4QWSf3O1G1y9AmEXgJlmCIzyA4fz8waeTc1245CSb5ms3dxs2Fc_VcaiKtWLemFMVsNZDvxot3hUfqUlDzBqwpOnBlu2VdeCz4-o
Protocol
H2
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0LjcTMChd9D4OPFYD4gysYREBDEZib%2Bk1vEdH1x28FFKJaQGDGJPZb2R3uOUSWYlu8mxWzCcEWJXgJX0Qmcn01E4G3bk2m28kwEv3y2o8WWftnbcsnP6cS7kadOLUQNdi%2FFVGPq1Bg3kTA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
813acde898d5bb67-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUM3WuwTw6rnn3xsoILsu8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DBE4
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSSdKv8dTwVL0l6rBSwVHgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUM3WuwTw6rnn3xsoILsu8&google_cver=1
43 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUM3WuwTw6rnn3xsoILsu8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGL_tr-kBMAE&v=APEucNXF_FxdJZ6Fcr7caotsbouyhvh4x-nmTpYTsThwWKazr9sIYUI03_DDhNvUazfqI11sNdk6QxUZQmY4QWSf3O1G1y9AmEXgJlmCIzyA4fz8waeTc1245CSb5ms3dxs2Fc_VcaiKtWLemFMVsNZDvxot3hUfqUlDzBqwpOnBlu2VdeCz4-o
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C08YE7WPXvOKL%2FEvEvjc0v%2B1rg1ywIY4BlabV01J8fwzQHQT7bVz3%2Fc5gAvpWXPlM%2Frfta3oc4D3rhCCXtdt9x2JVoQGSiv0EgNwCbpLrYfzCc%2Foqsv4shrE1Y%2BwTkSOKYzSKiC4cnfTrw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
813acde97aa16927-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUM3WuwTw6rnn3xsoILsu8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame DBE4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEG9-dLa8htLxAFS2OR83ZMY&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEG9-dLa8htLxAFS2OR83ZMY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGL_tr-kBMAE&v=APEucNXF_FxdJZ6Fcr7caotsbouyhvh4x-nmTpYTsThwWKazr9sIYUI03_DDhNvUazfqI11sNdk6QxUZQmY4QWSf3O1G1y9AmEXgJlmCIzyA4fz8waeTc1245CSb5ms3dxs2Fc_VcaiKtWLemFMVsNZDvxot3hUfqUlDzBqwpOnBlu2VdeCz4-o
Protocol
H2
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:06 GMT
an-x-request-uuid
c9db81c3-f444-4fd0-9458-0b29fd7450ea
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.132; 178.162.209.132; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEG9-dLa8htLxAFS2OR83ZMY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DBE4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMwMDEzNTc3Nzg2OTY0ODg0Mg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMwMDEzNTc3Nzg2OTY0ODg0Mg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGL_tr-kBMAE&v=APEucNXF_FxdJZ6Fcr7caotsbouyhvh4x-nmTpYTsThwWKazr9sIYUI03_DDhNvUazfqI11sNdk6QxUZQmY4QWSf3O1G1y9AmEXgJlmCIzyA4fz8waeTc1245CSb5ms3dxs2Fc_VcaiKtWLemFMVsNZDvxot3hUfqUlDzBqwpOnBlu2VdeCz4-o
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:06 GMT
an-x-request-uuid
25f1f0dc-1847-4642-bca5-b1894060ce7a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMwMDEzNTc3Nzg2OTY0ODg0Mg%3D%3D
x-proxy-origin
178.162.209.132; 178.162.209.132; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D176
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUM3WuwTw6rnn3xsoILsu8&google_cver=1
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUM3WuwTw6rnn3xsoILsu8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPmChOMCEJfSweQCGN_19_IBMAE&v=APEucNXNuRfN_0cLBKCY8QEtmiKEHclp04YPONiWnat7Ypsq_wg7m9ybCRBB4t60y3hFd4hucDH-KfuIbJXHKrx1tlTd6YiegazcNcLnsN1B-ZTlQJWGFo9zcvfequwjCi6f8IS7AvG6AL5zzRBZV9I5MhnK1CyouVkN7uZM2xHEZBtkFoh3zmg
Protocol
H2
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKPgjvXBCqtmvWwRSJVzNlfQc8u3jVxgiPi7k1NanJkIrCN%2FKsPzN9az0J9JMQfV7vedXI6qxKhsvnksvSnL%2FgRnDFveZtAPlnzXZ7YQiGTDApAc%2FATqmYjhArYh1XCUzhj1jWdXOgiXMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
813acde898d6bb67-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUM3WuwTw6rnn3xsoILsu8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D176
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSSdKv8dTwVL0l6rBSwVHgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUM3WuwTw6rnn3xsoILsu8&google_cver=1
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUM3WuwTw6rnn3xsoILsu8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPmChOMCEJfSweQCGN_19_IBMAE&v=APEucNXNuRfN_0cLBKCY8QEtmiKEHclp04YPONiWnat7Ypsq_wg7m9ybCRBB4t60y3hFd4hucDH-KfuIbJXHKrx1tlTd6YiegazcNcLnsN1B-ZTlQJWGFo9zcvfequwjCi6f8IS7AvG6AL5zzRBZV9I5MhnK1CyouVkN7uZM2xHEZBtkFoh3zmg
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAnAKm07XrX80fCZwTduG2uKKMaRbkxv5tBGNntBpGpDhod5iAHeDHWC17Z1vMDcn19ZQB1Sd%2BKd0P3y0e7MFzYKSVqboRksYxlfFvEwxqQld6eV6h7Pp8ddlm4HiV42KQCFrlYcy0ldqw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
813acde97aa06927-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJUM3WuwTw6rnn3xsoILsu8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame D176
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEG9-dLa8htLxAFS2OR83ZMY&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEG9-dLa8htLxAFS2OR83ZMY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPmChOMCEJfSweQCGN_19_IBMAE&v=APEucNXNuRfN_0cLBKCY8QEtmiKEHclp04YPONiWnat7Ypsq_wg7m9ybCRBB4t60y3hFd4hucDH-KfuIbJXHKrx1tlTd6YiegazcNcLnsN1B-ZTlQJWGFo9zcvfequwjCi6f8IS7AvG6AL5zzRBZV9I5MhnK1CyouVkN7uZM2xHEZBtkFoh3zmg
Protocol
H2
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:06 GMT
an-x-request-uuid
dc509e2e-b911-45c9-8282-1cbf0c2211cf
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.132; 178.162.209.132; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEG9-dLa8htLxAFS2OR83ZMY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D176
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMwMDEzNTc3Nzg2OTY0ODg0Mg%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMwMDEzNTc3Nzg2OTY0ODg0Mg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPmChOMCEJfSweQCGN_19_IBMAE&v=APEucNXNuRfN_0cLBKCY8QEtmiKEHclp04YPONiWnat7Ypsq_wg7m9ybCRBB4t60y3hFd4hucDH-KfuIbJXHKrx1tlTd6YiegazcNcLnsN1B-ZTlQJWGFo9zcvfequwjCi6f8IS7AvG6AL5zzRBZV9I5MhnK1CyouVkN7uZM2xHEZBtkFoh3zmg
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:06 GMT
an-x-request-uuid
168643ae-c70f-4bd7-bf3e-b63cf5606496
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMwMDEzNTc3Nzg2OTY0ODg0Mg%3D%3D
x-proxy-origin
178.162.209.132; 178.162.209.132; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3027 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4971746259447&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3027 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4971746259447&version=m202309260101&ct=76&x=1&cor=13012814080041857000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 3027 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AmTHjnqQyucG0My0BPeHRpjx_ypfL0nFdJoin9SRLHNfTHytd0hpPqMb1taztA_EqMqZ7gVRpNLF7r-c5Y8RzF6OpawqK1AG4IxQ7FSGuTrBoOyNI20k4FBg3q0IQTnAh4IJZ-Z3TFt7A5wo31TJmHtagM6IcR7npZ8aofeSSmUnB7jA8&dbm_d=AKAmf-CxhDcnZIj5_wjYRW7I4-GPEI8vI2Tm0BGI4DDAKVGzIoedIiIh7hmsSGEShPkGaBh_j-N1OYZkagI8NGYT1S00CsLwfmXBYtK_aBrTWejbw4-ZNmIXgRZ4YZSuJukKa9TBLkb363zbLLBXwMKkece4o5yPWG32FmMvdLINEaVgEuTEguJpgJgchZb7rYAHY_UPzERAC21Gh0pv_I93nddTP1K0HaEtZh4QrCSzDIOsdUDiOn8k5zYv51zlYgswLuXRNGaAqo99xH6CDN-q0Raw4FA6TBqTLXGNYlCu77L1-EeEVj7GNkaYBXxs7kn8DgJfIxH_Zwjo7n5rawrr2fLoEa2WtmzDVSN8wc5hv4AGmrvlLSpaibY1tZaIzz96QhFkg0_bylEOTLaMV5G9DxCGsPWOQcwaevRVzc82Pnh6XifPX_t9kx-SIebRw4wCY2aA1WvaNEw1yxL8ZSX6SBM1zKC_1IACdx9IF45sUriF0hwqcWtotJzTGrzzbyOB_afKboGCe7eQAOdejiLYNfNko2fznvs8AiMx0fZUdUWH2NLFREK2yVTrrEReizMoC4RAzT_n8EcmMJiWhqg-yty5aD4CLciDmS6VUukXtleICTq54z_cqm1I701fmO-pdYi28KtaKPMTss1wRPQovrzyn8HBXefTKw6QkIGiGZ9wcUDWd6JSUZ0uKOExfKqrljiHjnW5u2qSCKvloUTNudS7YLFjYowMcq7jVIczKZcEXJxft8IdnstyvOCDxs19pXkkMeFnDzZxNDOHZDQI47W1bq8Dofc1Gdy0xB-HnaB5aT-PLpRTBPRWTtQ9KIL5t5ks40KZzIYxxSbuQ82YpBwh7Cgnxi5FFxSP6_0oxhiF7MZ9WAmNkSvAyT-FKQBrl4jT6D8_e1tHYluQ-Ke-Eyuz9D4PTwNiZUB_i7C1tFudwBvnYeMYmYZ0EWBIB4fxh2PatjPo9MlQGsydaa9x5K1TsrpFtBrcIIlltM-5XkwsoYHqYQwr-InPD8-ZbyfQ1KK3vSkkKAbjwG88vbEC_BIlZl8YM2_X1u7RTOz1t_RVoBR4IbE7S7yC39DXUNaa4rkhOcXB_a1HGjt-pdimCxE6WVd4oOGI0JkZNG3D90pxOfmK1jSzpCpS91mK3PB47WBAstC6PJ-cJ4Pnf1ffqsKGsy9ybLM9-hJadJSZ7F_K8dCdcNVy4jli6Cmi-PlQEE6tw6KCx2wN923k3nd_MrlFuoa3K-g9M7qMug8SI0jDaNzRJMct6s2Ul8wcVdu8NZ_lxjXc7fVFqtP-dsdL60uWiSG1X3Lg-NV1DctLGIdegcYSRkxBCFKT7Uq8Hnz0qqcFDSTiMavLdmcsQxC5IdS2YfGKRRYrEnMju8eiXuRzbuX7W_zRkZTCtR8KHZISHijF6gOXzA4VbKgLptViskNxm8sVo88cWqVG_B2YGILJ8gTsblytubmSyvrgGnh3NK3SWQm9ZIm27rKIyqUSRtusgNxqSN-QGiT7pmXVS32fr1QUeJ9ePoWLXjGqzl9xBokDuzOgaQlikNZBfiHGkRXjp8rd7quFcQFK5MIQbiddO5SseP4rIbbOuSrEIUeIobdUS3hYLN_RJptp46zIwwqEPBAvqRlI9EdqpCJNogqvl_cIWkij_DVj7pzxVZbSNASHc3AiSq8PvhqCOxDvQBuzBPA-6Eyf_SyzQnkrx7FEBVGONYCIhx4nVrB9YeIr0sdeOBTTb_eckjfQcXfdTNchjPcJ1JC5_PPV8fDN1E6ie9qdZekNQNoMoScob_RVkuS6n2T7GkxeylIOZF2J3JFUkPYtBTwXebC47AgqmDAFSRXnnSnzw8tRmiAKyAQl2i2nRoiseqZgnbxPxFZ4bestCN82DMadGKuMpakzsDEkw6_OJgTqFXMuPNhS01AnYSA41ID6GI0JHcAXl-qh8S6bSXPZQvviqQv290LzJXq-DFzkXRg51qoh-lGc5OG98E0vdWE-eXcFNxZL7SypLl03REQp_Kq58p1W1LJEgVug5X09sohtJnE56QWQl0jPLML5SGrPNphKNwSN3KS-nWHO72plxm2GtjC7NTMklFyDTfSeUB5roXp_7qBV0avjB1ZI26i-CN7FePNtJ0CbECdF4h1Z5dczx6JbvdfcXKxRG0qxrGZ1ojeHCRaeXlRUgO0iafPx2q-rzAOfkWdyEuXabrCrDfUSjT5NuyqSU3r5jfGLtUhD2FLakihzocecpOmA8MNr7cXAOriqNwW4N8G7WE2NZzcbDpKSVOzqpGoP5HInq6CizWRcbM9vKwEzh5Kg12WKXbSVuVPpfaoCownPsEUOkk1meV8KkT2zJjSTF_dcUA1hJ1zMRXKsFgwB4k5cZKneIvF744nx4zHP7s3VEYVmAHZuaWFVtBxO6d3pi5Yq3LG-3qPAtWIgEt6tc3F1H48knZZ0TBh7MenQ_6Psuq1zNkZLF-GbRZFoW9Gh29MeCOyUq2SG6PQDD6UepOqO-6wINb73WfunBq3TAwzJJvWfbnXdyiV66m-c65Jn1SLLAXJ8-nDo9iKR18sNc3fcHRYdtLoShd26xZlFpgPTZlu53rLCNs8n90w9d0wWYBUZDBr7GX8HnMCIF0ALhZUuk3hNge7R8bpw57olHQ_rI5UgT27wHdAWk3_r6B8iXnAXZvN3TMhcKqnw_Cg2QXNwa8YqAbPwZ_RoWfY4fTQ7AVjfmnzBkg467K7GwRzkL1BW8Hap97bTQgi1n97UAaMw0rLJzNHkmGa4JHNwmrAyX5GhLoAFT-SyqwFw3w_iTqtcd36omvAmEu1AJV741ucv3Y0YKEPj6w5j63y4w_avgF3ufEKixwEo44gTdvc0-bjfi4STDgQovAQj0OzhcMjxY_1FiLJZaxUNS3dI1SWxESe6Rtx5pL9ZAijZg4qvLcWf7I8RN3fAbIW1rFijKGQNAyv0GmW4TKOX8WA3u1_DGrYl2bxny2ZcUo5ZZRNPKMr79sLIs7GqcUrendDFNLPp9oOJwx6W94LdX6Scl1DvjA47bsYHusCV0J0kCcjkgHNnmuL75BH1Kl56Xgxpw6w21jYy_2xcp-ZGTUPuJ-SXlPMtr_X4Tr4ehgvzRrD9it4lF2C35gwoCErhHKed_0k53poM56d-aADfSitA8BAPk5F2qwk8ko3zgUbXncheE69sKmzTbzUop01C-L4H6htiAwIqKMDLYxwY6xlO50YGCiMeiYbxh3QXJOupYhLbCUermur3VgkVSVhqtwhHwdzwEdGvn9UpGQiSJrRPMbXH8Fx7mN6Z7t7dmMDeV8oONm3gFwo9Ql9i4k0R_bHvkL0gAr6ff3ERp1a8FLNR6pf49XSQ5Ge3ic-CKwiSyevUXNtCAtNxVZdDtFAU9CTnv77g2KX0OW4_XSlB1icjbqUpkmbwwPuNQTC37EBIARMUPprfoTGXRJyYoTyO6Expq4o4oaPf0dO3EvinxBU-QZSVMkcbUgtC3owDi0W13xPn4gaiDR9XqT_d9Oudj-TZh7M0oJ22rwDZZEt2SvfRQOkPg2kdJVxF5oe1r9xk2JXRIw1xKeUqzkI3QxN07AXYa7mPCt-0X3k47zP7qPlX5qNjIu8LKIg5hDOKfYbyGTgg3tZAZZwj8T9O8ALNv4NFpC38yABP8Q-cVXn1S232eh6yzLRXWDUchb6Zi3xKx59lzZPWXIM44pjO0Rluzelh2Q5lRvho2GWLw7oKD9DAGPcrC6MUSUwbn7fB70y5Zoh0x0aWQfpEpFjZd5iOEI3cGjeIO4lvDTTDhMOr4U-2GzxZyJ06ByveudSaihUWQV23dsGqCq8IzjGmuXeNyrdM7kjJF0vIdV9Y5czVGO-zLWL3P2HGYkDqGtvf3tXB-ZImTsSRZ34&cid=CAQSLgDICaaN2AcZaNXd1h__8MSl3D1DUjase6BaPMeDzam0vQpVEL-g3kV8IfMH3DcYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.blogto.com%2F&ds=l&xdt=1&iif=1&cor=13012814080041857000&adk=1033480531&idt=88&cac=0&dtd=76
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8830fb6f3f48ec331c4eb729a181e5a21785e97d9885791af90f5cbcd24c84e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41594
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DB4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3120417710449&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DB4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3120417710449&version=m202309260101&ct=76&x=1&cor=16637368296633030000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 7DB4 		116 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Akwq0HWDCfRiXKAJ1Adf1RupfkwE3vulZ6mk7Tqo8b15A3GwwbZs2OkvFPua6ARcaJA-FBQ_BRUBxNbenrMSoTodmIaFsqTOfawQHR9c6b7qfM4OeWqhGnekHlytc9XM-WNZH2fM80HxGZ-fDDDDAQQ2gSQXFQXTE8jJWKgKE8AFCZGfw&dbm_d=AKAmf-A4opVkz_afVHqiC5geOC41FukXIe-L7R8Q5dLfEK4f2Y7ljWigbM9fXHPHETjUilWkAYUbLJDNBUrhRcs9Vie680krd3KMmpoBgkXn-4KqslYv64Fs9EvMb3CDvJFjkPdQc4ombU8_QNcvZ4LVLuyRbDgvsBQcJlM2pNJTteJm1jhKoj0ySr-VwebAJlFw1zQrE2beP-NzmKx1V0wGiYvNdQ3lzwW00tr_a4LaHMvezgpSCg8WNufMxlicB64Y2vUcWkk6kPThj4_S-XsXqc0iAHZIAJistz5qnTqohN7MFnu3VzH1Wvx9WItbNBx-E9RsXV6Vswu5PYoK34djOLMheTHI0px_pb6hVVUwVppgxt31oiu_fHo3QOvXG2O9qdUTxzXmNvCP2AF6Z7AgCcdTBC-9zfYDvZt48i1gTyprd-ehJftVr5rkvgE1k6BAagcJtY5rywErIoFjrG7k5OubTg2s3LAx5W8IOot4wmhLNCr33PmH6Sepy3CPNKf3Brrbjrfp_xFlLilZxsEIpqZI-hWTFJXnmwtIOygl9679hhsTthB4XAX-mYcWOYl93hMuVCb6LFWbl3dFeui66A_B39wVwa6Ja9q0KvMPAaMv7Y__asH37-IfB3fJNfHStdt0K-v4AmrkSEB-N59bTPxgX7DY6b_Wlr5SGZX_JvOX87qU704GjEDIyVF_sXjKTf1sU-2VYCnoCLkqr55RpO61cBoke8lmHIBHXj8kgJCS7uOc0ht0D4WsiUi-0bjUeOtSKLUxM5ysFVLhMBATz1-B1xWopQnrpvWSqojKlXJJmQCG1sLC6XYha-1o5ERHt-izlqMUSVlW5QUmZeDoSULXq09_7PdjT_jBMLAmjABh86gd1QIghcuUFC02tep3Yjp_dJsJwL6yg9m0YPTpNRajWHWmKhZTEajnDuYm2sITwIttxPmXA7ONfCwHUHAO41vl25233ExihQR_0Gc3hBRglGB8tAQWBDTAEEu2dFHVRCmRrGB85xKHiXDukr23N16E22PP1rVJYSDuYXBrdzUd2UpoPMtwRdlFjp97JyvQOG2OWlDpeRYnO279VkqNyPG78n9Z0sb_xNWWTWU9U5HVOqKdJ8aHFUehMOSmRjhuqPVB9EPzvFGUsVPpp4nTQKQGfY4SQyVrNjxkfoNL8eOV39VP1R9_ZQWia-puJcwYPc91Un9BWsuliBiCaz8VlRLh5I2nQ9PBm-dbFxOjfbECFNDunQN0IaOn8pj6r_-EV96siSgEQtuYiQ2sbaTZuc7kMY3BQDYRTMpPRrLU9HsyromR7M7k_xe8VY2sG8KHyhIjhftj6M-SD063cxOrBT--5J0Ak-VVeGtepb2EYN9nbSkzkUftvmSU7XrgnzJ7neQ5YboWyTtI7DVN4p042Dc8rgKbnYobCauUwIfZPqshsnUyVexBR9nnUTlfDCdf-Vmi6qsZpW8vq3UehQ6YnZYsIhJ3yKNziw__EDcB-SWcqau7r10n5kY2t_dI8MYgVGUIBislWja495-6gRyB8fRciEEtHhjZrDXH49RhSgkxJClV0bUhbwo79fzZFffI81uNGVF43uIAgBiPowtMqpgGEh-kl5HbonKcOw_BIcUMztHAzhFRcEKlrVoveKBupzCJADYXRpXpCe5BuRAW0eHoyIuZZ2JTThWrFnyhvy_clGOuy_mhtXfxfLkhOmqc5-Hht0i1ikozYgI-G5KrkvjJYXYrcc0ddr1XHrY1EccfHaDyvsh9Ij-zReUwdYVNLezjP1Cr6roC3MvmmZ8PuPVwCF1EBwT1nYxmfGGqTX6ta1wR8jGaFO1gFcp7I-bBBGFQifmqIYdb7F7pDqEpKMZIAchlMnoT9xFMU29zEUuDl5QqiBdiFVSCKBrJCBXTz_IbnsElAacPdmOawca0wM-m_LBy2BPbo0E6vsJyvCCn1P91J-yQB-5NIVRF-zo6NgIeXs99w3t_u-3Bzgg4EXth_hQXHgkqPtKwjqSyUKbuU6Ig39nGOV-BKS90TmQE43wNDCBsMv8oZyY27_exuQNdVx697tMc15Iy0x3o4FFBAMmdYCep0uNGoQGZkTPndRXvoez-whjf6S073qcDHITsPNiVcDiQfnZ6zgxtyCmImYaqWmFK7rP5KsoXlwUgd8gcVfN1Oa60nUR32QDWhtR6sgq8odFsAfN9NxB59NUhtisL344LjVUOGprkvk2YAB__Yw77OQsrmWrR50NiTCxuEgBniqlh38eSy9lpm6-qTb2S7CiENp4X_zhXeK_LMR-Yei38fGfBxBpoVjFwKnUxM50trC6aIzUYRbaJk7SrtAuA50CTmsSfI_rhCwGnHqEE5tK94IyIxqabeaoNNc7jZV73XQ1QOYAkEV-zpx15lGQWfX3OBiTi8BFUuXLsIFn0l_IghtiK6p2kXKYGVAR1fOXphwuOLoo_mvH01HEcrqVSkrKiy8QK-bzVOGAdRlgZrOQ8ysuzq-ibLVrYrH5NvRWMMdaVYyhO2lWaDerlPaJ6UoBBzy74QscvyhL5mZs0N5oPepl9o5pP_KmKXmW_2F3G_dLHziM31_iKXpn3SVsZ0ULzDkftbPBV0-MAHdNhXg0eL-r8CLQYMlRZnnE5zbauWCNNgxiFEo5BploA38ZmO6GRPryiGm90-8SyS9tvxUeBPe0Z4szT4DnQOE5ZTN95lnfy-cS2bPREcZmmNMDQvJqPMfR60xWH0lDNPa0XV-ZRi-RF7EQ2j5RXs3Nq-6GW85mgAWOQBZ96trRYZ2N7MJPWPfKlTS1qNlt9p39rWi0f4aFBhvolVn4mrFORJBQE8RjrkkmhgQDtYFFchn9H5e3aQs6L1BuECwBP2fTJnIPg73Xl5h9uCKqXPpNSVoBe7URK6F1t7O5JeKLp3gWnXj_11ftZLbI4fmFVSofOCuzSw1z7ZzKsXALkWkij26iHsU98koji0wbJGdrTYNfyvQtjWlIlH6d_d35Kgf4dYWJEXQoVl0qoY5rTBl9PRHIT4R_GpZRlJG5KM0wOAdmY3D1i_sOHhcy-d6qzOsWZRN6VW_mjG9-o71R6wwNHCwESCpz1qYiIG01skz8K0LipXF9VWs9HWvsMbT_6EPbACkMqhdyROxS4xBA_xpBFQph59JqZ4UCODeW0EudWel_gvAtqTxViUjzOJsawxOlgiJr6018wHq16MQU1g8_osNQheOEjS26EXCKGO8_7F3KknnZVUhQ2Aok91OVaLFjHIuI-Ovf-GIC9RCUH12xUTtSx01pYDzA8-SDrgW4fBq2T7bU5r02dvWrgKZti7CPIYoH_agoL8BNvdrBnoTzd73agO4vIKslsFGDLS2C5BWpxeRTE10ulH0Q3PmPuYzxs_iPlcCZyLMZQTgi4FGH1f7D8iilL-8WZQ9m1x5Z8GqqVvv8auYjgBBX9trmPue_xY51Caqnlftr_PS_ze7d3yKvQFfS66RmAfy6hubvO18fcAtiXcEx4Du9sezTMsVuhzGCUuUuvlkHDyLTuzalY4PwuwFwdUPZ0JnCd5zp89Ztv0tx4h3cT-qd_TbHwS8dqWW43DODOXz1c3e0Yjwv94vfQFuJHIu1-Eui4MFuE1qAsdQYls9ejManbj7lCGnwUu6ecsDuhw4l2NJX9iT6Zp-FRpEN40YnheGbN-DCRMsz8PKUi_eC-RI6tHWYXN5YLDaDaa5bpl587__YY0jyEiq2a9Lb5GZ9xvb9L0h_FADYV6x-i0zAK5ATUqh3ajDxrRb1qrzcr4HyvLFVOgRQUAAaxkqbkiuqtFp6r82mSGBsmJV0ziY6t0x7JQX_PvSwQ82O12je77E2w5qI5AKaRjNJp3fF7M17ZF3qmxc5Xlsu3LwEx8CFB33rdQ8t15_0yD7PAsVAlxrrs-ETyKFvqF2XWEXwLh8eLIdG6oxl0wo0iiDD30D79IO3p3ztKJvj8LaY&cid=CAQSSwDICaaN0oxa_K-9YvKtMM6jkTedJdq0Soq7SXAsm-rt4y8ZFa_TgJfo8KLLH3VkeOd49oO_YzYEVU6ZdnWS0PvtW19hB_To65LlhRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.blogto.com%2F&ds=l&xdt=1&iif=1&cor=16637368296633030000&adk=3037181500&idt=95&cac=0&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd625e5fd8fc3058566964a2f467e314adb5e2d1a2aaf7fc8f3f59272be927ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43211
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
t.teads.tv/ 		23 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=039a9ad3-b748-4bd0-984e-6b1b12aa5c87&pageId=154121&pid=168488&debug_metadata=ruXkMmEbRx&fv=1265&ts=1696898346394&f=1&referer=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:06 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=039a9ad3-b748-4bd0-984e-6b1b12aa5c87&pageId=154121&pid=168488&slot=native&fv=1265&ts=1696898346400&f=1&referer=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Tue, 10 Oct 2023 00:39:06 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
ad
a.teads.tv/page/154121/ 		485 B
676 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/154121/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&auctid=039a9ad3-b748-4bd0-984e-6b1b12aa5c87&autoplay=true&formatVersion=1265&env=js-web&netBw=10&ttfb=202
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9fcb46b2dc408ab6cf59a367f4090a6f5f892d44a0f725dd82ed404797b5bb6f

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:06 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.blogto.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
337
expires
Tue, 10 Oct 2023 00:39:06 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1475223/71249298/ Frame 3027 		249 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1475223/71249298/skeleton.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=pub-2050825284400963&ias_chanId=1&ias_placementId=20111337730&bidurl=https://www.blogto.com/bakery/luna-bakery-toronto/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0j754n9LHX-8PMBJBQFi6_t
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.117.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-117-183.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
30328f094f43577b5a948e0433f27f64102f1d3ce45b90e0320c618974ae2dc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:06 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 3027 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
Origin
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 07:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63342
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Oct 2023 07:03:24 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 3027 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AmTHjnqQyucG0My0BPeHRpjx_ypfL0nFdJoin9SRLHNfTHytd0hpPqMb1taztA_EqMqZ7gVRpNLF7r-c5Y8RzF6OpawqK1AG4IxQ7FSGuTrBoOyNI20k4FBg3q0IQTnAh4IJZ-Z3TFt7A5wo31TJmHtagM6IcR7npZ8aofeSSmUnB7jA8&dbm_d=AKAmf-CxhDcnZIj5_wjYRW7I4-GPEI8vI2Tm0BGI4DDAKVGzIoedIiIh7hmsSGEShPkGaBh_j-N1OYZkagI8NGYT1S00CsLwfmXBYtK_aBrTWejbw4-ZNmIXgRZ4YZSuJukKa9TBLkb363zbLLBXwMKkece4o5yPWG32FmMvdLINEaVgEuTEguJpgJgchZb7rYAHY_UPzERAC21Gh0pv_I93nddTP1K0HaEtZh4QrCSzDIOsdUDiOn8k5zYv51zlYgswLuXRNGaAqo99xH6CDN-q0Raw4FA6TBqTLXGNYlCu77L1-EeEVj7GNkaYBXxs7kn8DgJfIxH_Zwjo7n5rawrr2fLoEa2WtmzDVSN8wc5hv4AGmrvlLSpaibY1tZaIzz96QhFkg0_bylEOTLaMV5G9DxCGsPWOQcwaevRVzc82Pnh6XifPX_t9kx-SIebRw4wCY2aA1WvaNEw1yxL8ZSX6SBM1zKC_1IACdx9IF45sUriF0hwqcWtotJzTGrzzbyOB_afKboGCe7eQAOdejiLYNfNko2fznvs8AiMx0fZUdUWH2NLFREK2yVTrrEReizMoC4RAzT_n8EcmMJiWhqg-yty5aD4CLciDmS6VUukXtleICTq54z_cqm1I701fmO-pdYi28KtaKPMTss1wRPQovrzyn8HBXefTKw6QkIGiGZ9wcUDWd6JSUZ0uKOExfKqrljiHjnW5u2qSCKvloUTNudS7YLFjYowMcq7jVIczKZcEXJxft8IdnstyvOCDxs19pXkkMeFnDzZxNDOHZDQI47W1bq8Dofc1Gdy0xB-HnaB5aT-PLpRTBPRWTtQ9KIL5t5ks40KZzIYxxSbuQ82YpBwh7Cgnxi5FFxSP6_0oxhiF7MZ9WAmNkSvAyT-FKQBrl4jT6D8_e1tHYluQ-Ke-Eyuz9D4PTwNiZUB_i7C1tFudwBvnYeMYmYZ0EWBIB4fxh2PatjPo9MlQGsydaa9x5K1TsrpFtBrcIIlltM-5XkwsoYHqYQwr-InPD8-ZbyfQ1KK3vSkkKAbjwG88vbEC_BIlZl8YM2_X1u7RTOz1t_RVoBR4IbE7S7yC39DXUNaa4rkhOcXB_a1HGjt-pdimCxE6WVd4oOGI0JkZNG3D90pxOfmK1jSzpCpS91mK3PB47WBAstC6PJ-cJ4Pnf1ffqsKGsy9ybLM9-hJadJSZ7F_K8dCdcNVy4jli6Cmi-PlQEE6tw6KCx2wN923k3nd_MrlFuoa3K-g9M7qMug8SI0jDaNzRJMct6s2Ul8wcVdu8NZ_lxjXc7fVFqtP-dsdL60uWiSG1X3Lg-NV1DctLGIdegcYSRkxBCFKT7Uq8Hnz0qqcFDSTiMavLdmcsQxC5IdS2YfGKRRYrEnMju8eiXuRzbuX7W_zRkZTCtR8KHZISHijF6gOXzA4VbKgLptViskNxm8sVo88cWqVG_B2YGILJ8gTsblytubmSyvrgGnh3NK3SWQm9ZIm27rKIyqUSRtusgNxqSN-QGiT7pmXVS32fr1QUeJ9ePoWLXjGqzl9xBokDuzOgaQlikNZBfiHGkRXjp8rd7quFcQFK5MIQbiddO5SseP4rIbbOuSrEIUeIobdUS3hYLN_RJptp46zIwwqEPBAvqRlI9EdqpCJNogqvl_cIWkij_DVj7pzxVZbSNASHc3AiSq8PvhqCOxDvQBuzBPA-6Eyf_SyzQnkrx7FEBVGONYCIhx4nVrB9YeIr0sdeOBTTb_eckjfQcXfdTNchjPcJ1JC5_PPV8fDN1E6ie9qdZekNQNoMoScob_RVkuS6n2T7GkxeylIOZF2J3JFUkPYtBTwXebC47AgqmDAFSRXnnSnzw8tRmiAKyAQl2i2nRoiseqZgnbxPxFZ4bestCN82DMadGKuMpakzsDEkw6_OJgTqFXMuPNhS01AnYSA41ID6GI0JHcAXl-qh8S6bSXPZQvviqQv290LzJXq-DFzkXRg51qoh-lGc5OG98E0vdWE-eXcFNxZL7SypLl03REQp_Kq58p1W1LJEgVug5X09sohtJnE56QWQl0jPLML5SGrPNphKNwSN3KS-nWHO72plxm2GtjC7NTMklFyDTfSeUB5roXp_7qBV0avjB1ZI26i-CN7FePNtJ0CbECdF4h1Z5dczx6JbvdfcXKxRG0qxrGZ1ojeHCRaeXlRUgO0iafPx2q-rzAOfkWdyEuXabrCrDfUSjT5NuyqSU3r5jfGLtUhD2FLakihzocecpOmA8MNr7cXAOriqNwW4N8G7WE2NZzcbDpKSVOzqpGoP5HInq6CizWRcbM9vKwEzh5Kg12WKXbSVuVPpfaoCownPsEUOkk1meV8KkT2zJjSTF_dcUA1hJ1zMRXKsFgwB4k5cZKneIvF744nx4zHP7s3VEYVmAHZuaWFVtBxO6d3pi5Yq3LG-3qPAtWIgEt6tc3F1H48knZZ0TBh7MenQ_6Psuq1zNkZLF-GbRZFoW9Gh29MeCOyUq2SG6PQDD6UepOqO-6wINb73WfunBq3TAwzJJvWfbnXdyiV66m-c65Jn1SLLAXJ8-nDo9iKR18sNc3fcHRYdtLoShd26xZlFpgPTZlu53rLCNs8n90w9d0wWYBUZDBr7GX8HnMCIF0ALhZUuk3hNge7R8bpw57olHQ_rI5UgT27wHdAWk3_r6B8iXnAXZvN3TMhcKqnw_Cg2QXNwa8YqAbPwZ_RoWfY4fTQ7AVjfmnzBkg467K7GwRzkL1BW8Hap97bTQgi1n97UAaMw0rLJzNHkmGa4JHNwmrAyX5GhLoAFT-SyqwFw3w_iTqtcd36omvAmEu1AJV741ucv3Y0YKEPj6w5j63y4w_avgF3ufEKixwEo44gTdvc0-bjfi4STDgQovAQj0OzhcMjxY_1FiLJZaxUNS3dI1SWxESe6Rtx5pL9ZAijZg4qvLcWf7I8RN3fAbIW1rFijKGQNAyv0GmW4TKOX8WA3u1_DGrYl2bxny2ZcUo5ZZRNPKMr79sLIs7GqcUrendDFNLPp9oOJwx6W94LdX6Scl1DvjA47bsYHusCV0J0kCcjkgHNnmuL75BH1Kl56Xgxpw6w21jYy_2xcp-ZGTUPuJ-SXlPMtr_X4Tr4ehgvzRrD9it4lF2C35gwoCErhHKed_0k53poM56d-aADfSitA8BAPk5F2qwk8ko3zgUbXncheE69sKmzTbzUop01C-L4H6htiAwIqKMDLYxwY6xlO50YGCiMeiYbxh3QXJOupYhLbCUermur3VgkVSVhqtwhHwdzwEdGvn9UpGQiSJrRPMbXH8Fx7mN6Z7t7dmMDeV8oONm3gFwo9Ql9i4k0R_bHvkL0gAr6ff3ERp1a8FLNR6pf49XSQ5Ge3ic-CKwiSyevUXNtCAtNxVZdDtFAU9CTnv77g2KX0OW4_XSlB1icjbqUpkmbwwPuNQTC37EBIARMUPprfoTGXRJyYoTyO6Expq4o4oaPf0dO3EvinxBU-QZSVMkcbUgtC3owDi0W13xPn4gaiDR9XqT_d9Oudj-TZh7M0oJ22rwDZZEt2SvfRQOkPg2kdJVxF5oe1r9xk2JXRIw1xKeUqzkI3QxN07AXYa7mPCt-0X3k47zP7qPlX5qNjIu8LKIg5hDOKfYbyGTgg3tZAZZwj8T9O8ALNv4NFpC38yABP8Q-cVXn1S232eh6yzLRXWDUchb6Zi3xKx59lzZPWXIM44pjO0Rluzelh2Q5lRvho2GWLw7oKD9DAGPcrC6MUSUwbn7fB70y5Zoh0x0aWQfpEpFjZd5iOEI3cGjeIO4lvDTTDhMOr4U-2GzxZyJ06ByveudSaihUWQV23dsGqCq8IzjGmuXeNyrdM7kjJF0vIdV9Y5czVGO-zLWL3P2HGYkDqGtvf3tXB-ZImTsSRZ34&cid=CAQSLgDICaaN2AcZaNXd1h__8MSl3D1DUjase6BaPMeDzam0vQpVEL-g3kV8IfMH3DcYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.blogto.com%2F&ds=l&xdt=1&iif=1&cor=13012814080041857000&adk=1033480531&idt=88&cac=0&dtd=76
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:43:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
39315
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:43:51 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 3027 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AmTHjnqQyucG0My0BPeHRpjx_ypfL0nFdJoin9SRLHNfTHytd0hpPqMb1taztA_EqMqZ7gVRpNLF7r-c5Y8RzF6OpawqK1AG4IxQ7FSGuTrBoOyNI20k4FBg3q0IQTnAh4IJZ-Z3TFt7A5wo31TJmHtagM6IcR7npZ8aofeSSmUnB7jA8&dbm_d=AKAmf-CxhDcnZIj5_wjYRW7I4-GPEI8vI2Tm0BGI4DDAKVGzIoedIiIh7hmsSGEShPkGaBh_j-N1OYZkagI8NGYT1S00CsLwfmXBYtK_aBrTWejbw4-ZNmIXgRZ4YZSuJukKa9TBLkb363zbLLBXwMKkece4o5yPWG32FmMvdLINEaVgEuTEguJpgJgchZb7rYAHY_UPzERAC21Gh0pv_I93nddTP1K0HaEtZh4QrCSzDIOsdUDiOn8k5zYv51zlYgswLuXRNGaAqo99xH6CDN-q0Raw4FA6TBqTLXGNYlCu77L1-EeEVj7GNkaYBXxs7kn8DgJfIxH_Zwjo7n5rawrr2fLoEa2WtmzDVSN8wc5hv4AGmrvlLSpaibY1tZaIzz96QhFkg0_bylEOTLaMV5G9DxCGsPWOQcwaevRVzc82Pnh6XifPX_t9kx-SIebRw4wCY2aA1WvaNEw1yxL8ZSX6SBM1zKC_1IACdx9IF45sUriF0hwqcWtotJzTGrzzbyOB_afKboGCe7eQAOdejiLYNfNko2fznvs8AiMx0fZUdUWH2NLFREK2yVTrrEReizMoC4RAzT_n8EcmMJiWhqg-yty5aD4CLciDmS6VUukXtleICTq54z_cqm1I701fmO-pdYi28KtaKPMTss1wRPQovrzyn8HBXefTKw6QkIGiGZ9wcUDWd6JSUZ0uKOExfKqrljiHjnW5u2qSCKvloUTNudS7YLFjYowMcq7jVIczKZcEXJxft8IdnstyvOCDxs19pXkkMeFnDzZxNDOHZDQI47W1bq8Dofc1Gdy0xB-HnaB5aT-PLpRTBPRWTtQ9KIL5t5ks40KZzIYxxSbuQ82YpBwh7Cgnxi5FFxSP6_0oxhiF7MZ9WAmNkSvAyT-FKQBrl4jT6D8_e1tHYluQ-Ke-Eyuz9D4PTwNiZUB_i7C1tFudwBvnYeMYmYZ0EWBIB4fxh2PatjPo9MlQGsydaa9x5K1TsrpFtBrcIIlltM-5XkwsoYHqYQwr-InPD8-ZbyfQ1KK3vSkkKAbjwG88vbEC_BIlZl8YM2_X1u7RTOz1t_RVoBR4IbE7S7yC39DXUNaa4rkhOcXB_a1HGjt-pdimCxE6WVd4oOGI0JkZNG3D90pxOfmK1jSzpCpS91mK3PB47WBAstC6PJ-cJ4Pnf1ffqsKGsy9ybLM9-hJadJSZ7F_K8dCdcNVy4jli6Cmi-PlQEE6tw6KCx2wN923k3nd_MrlFuoa3K-g9M7qMug8SI0jDaNzRJMct6s2Ul8wcVdu8NZ_lxjXc7fVFqtP-dsdL60uWiSG1X3Lg-NV1DctLGIdegcYSRkxBCFKT7Uq8Hnz0qqcFDSTiMavLdmcsQxC5IdS2YfGKRRYrEnMju8eiXuRzbuX7W_zRkZTCtR8KHZISHijF6gOXzA4VbKgLptViskNxm8sVo88cWqVG_B2YGILJ8gTsblytubmSyvrgGnh3NK3SWQm9ZIm27rKIyqUSRtusgNxqSN-QGiT7pmXVS32fr1QUeJ9ePoWLXjGqzl9xBokDuzOgaQlikNZBfiHGkRXjp8rd7quFcQFK5MIQbiddO5SseP4rIbbOuSrEIUeIobdUS3hYLN_RJptp46zIwwqEPBAvqRlI9EdqpCJNogqvl_cIWkij_DVj7pzxVZbSNASHc3AiSq8PvhqCOxDvQBuzBPA-6Eyf_SyzQnkrx7FEBVGONYCIhx4nVrB9YeIr0sdeOBTTb_eckjfQcXfdTNchjPcJ1JC5_PPV8fDN1E6ie9qdZekNQNoMoScob_RVkuS6n2T7GkxeylIOZF2J3JFUkPYtBTwXebC47AgqmDAFSRXnnSnzw8tRmiAKyAQl2i2nRoiseqZgnbxPxFZ4bestCN82DMadGKuMpakzsDEkw6_OJgTqFXMuPNhS01AnYSA41ID6GI0JHcAXl-qh8S6bSXPZQvviqQv290LzJXq-DFzkXRg51qoh-lGc5OG98E0vdWE-eXcFNxZL7SypLl03REQp_Kq58p1W1LJEgVug5X09sohtJnE56QWQl0jPLML5SGrPNphKNwSN3KS-nWHO72plxm2GtjC7NTMklFyDTfSeUB5roXp_7qBV0avjB1ZI26i-CN7FePNtJ0CbECdF4h1Z5dczx6JbvdfcXKxRG0qxrGZ1ojeHCRaeXlRUgO0iafPx2q-rzAOfkWdyEuXabrCrDfUSjT5NuyqSU3r5jfGLtUhD2FLakihzocecpOmA8MNr7cXAOriqNwW4N8G7WE2NZzcbDpKSVOzqpGoP5HInq6CizWRcbM9vKwEzh5Kg12WKXbSVuVPpfaoCownPsEUOkk1meV8KkT2zJjSTF_dcUA1hJ1zMRXKsFgwB4k5cZKneIvF744nx4zHP7s3VEYVmAHZuaWFVtBxO6d3pi5Yq3LG-3qPAtWIgEt6tc3F1H48knZZ0TBh7MenQ_6Psuq1zNkZLF-GbRZFoW9Gh29MeCOyUq2SG6PQDD6UepOqO-6wINb73WfunBq3TAwzJJvWfbnXdyiV66m-c65Jn1SLLAXJ8-nDo9iKR18sNc3fcHRYdtLoShd26xZlFpgPTZlu53rLCNs8n90w9d0wWYBUZDBr7GX8HnMCIF0ALhZUuk3hNge7R8bpw57olHQ_rI5UgT27wHdAWk3_r6B8iXnAXZvN3TMhcKqnw_Cg2QXNwa8YqAbPwZ_RoWfY4fTQ7AVjfmnzBkg467K7GwRzkL1BW8Hap97bTQgi1n97UAaMw0rLJzNHkmGa4JHNwmrAyX5GhLoAFT-SyqwFw3w_iTqtcd36omvAmEu1AJV741ucv3Y0YKEPj6w5j63y4w_avgF3ufEKixwEo44gTdvc0-bjfi4STDgQovAQj0OzhcMjxY_1FiLJZaxUNS3dI1SWxESe6Rtx5pL9ZAijZg4qvLcWf7I8RN3fAbIW1rFijKGQNAyv0GmW4TKOX8WA3u1_DGrYl2bxny2ZcUo5ZZRNPKMr79sLIs7GqcUrendDFNLPp9oOJwx6W94LdX6Scl1DvjA47bsYHusCV0J0kCcjkgHNnmuL75BH1Kl56Xgxpw6w21jYy_2xcp-ZGTUPuJ-SXlPMtr_X4Tr4ehgvzRrD9it4lF2C35gwoCErhHKed_0k53poM56d-aADfSitA8BAPk5F2qwk8ko3zgUbXncheE69sKmzTbzUop01C-L4H6htiAwIqKMDLYxwY6xlO50YGCiMeiYbxh3QXJOupYhLbCUermur3VgkVSVhqtwhHwdzwEdGvn9UpGQiSJrRPMbXH8Fx7mN6Z7t7dmMDeV8oONm3gFwo9Ql9i4k0R_bHvkL0gAr6ff3ERp1a8FLNR6pf49XSQ5Ge3ic-CKwiSyevUXNtCAtNxVZdDtFAU9CTnv77g2KX0OW4_XSlB1icjbqUpkmbwwPuNQTC37EBIARMUPprfoTGXRJyYoTyO6Expq4o4oaPf0dO3EvinxBU-QZSVMkcbUgtC3owDi0W13xPn4gaiDR9XqT_d9Oudj-TZh7M0oJ22rwDZZEt2SvfRQOkPg2kdJVxF5oe1r9xk2JXRIw1xKeUqzkI3QxN07AXYa7mPCt-0X3k47zP7qPlX5qNjIu8LKIg5hDOKfYbyGTgg3tZAZZwj8T9O8ALNv4NFpC38yABP8Q-cVXn1S232eh6yzLRXWDUchb6Zi3xKx59lzZPWXIM44pjO0Rluzelh2Q5lRvho2GWLw7oKD9DAGPcrC6MUSUwbn7fB70y5Zoh0x0aWQfpEpFjZd5iOEI3cGjeIO4lvDTTDhMOr4U-2GzxZyJ06ByveudSaihUWQV23dsGqCq8IzjGmuXeNyrdM7kjJF0vIdV9Y5czVGO-zLWL3P2HGYkDqGtvf3tXB-ZImTsSRZ34&cid=CAQSLgDICaaN2AcZaNXd1h__8MSl3D1DUjase6BaPMeDzam0vQpVEL-g3kV8IfMH3DcYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.blogto.com%2F&ds=l&xdt=1&iif=1&cor=13012814080041857000&adk=1033480531&idt=88&cac=0&dtd=76
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:57:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
38506
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:57:20 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3027 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 12:26:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
389558
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 12:26:28 GMT
grumi-ip.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame BD7F 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.5.0/ads-independent/ads-independent.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:8a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ccf7b12ecc8e9e8ffdde253ba24560e0b8742463ad4868c7659fc90968ffcb3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:26:50 GMT
x-amz-version-id
4wJUii6vgZHbWIuFpSJC_DClvsTnqx1T
content-encoding
br
last-modified
Sat, 30 Sep 2023 14:56:12 GMT
server
AmazonS3
via
1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"4c4f4bf824d2aa120a5e0b665b4c9828"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
age
737
x-amz-cf-id
lNcwKLylK190isMCfepU-ZP180E1jEyP_71IYaCHjzgESHF5nLjtOw==
hb_270443_17910.js
player.spotim.market/prebidlink/1638000984032/ Frame BD7F 		918 B
795 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/1638000984032/hb_270443_17910.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
acb594812772a032a8a6d937d0caa3896156d825b7f03169c5b0b6cfc15fcd73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Wed, 11 Oct 2023 00:39:06 GMT
date
Tue, 10 Oct 2023 00:39:06 GMT
content-encoding
gzip
last-modified
Mon, 09 Oct 2023 13:21:09 GMT
server
nginx
etag
W/"6523fe45-396"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
MISS
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame BD7F 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb1fdc119c490db48b190a61af5096aa5f02832c39ecaea7001d95859d9e1898
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29598
x-xss-protection
0
server
cafe
etag
724 / 19640 / m202310050101 / config-hash: 3619239551914878840
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 10 Oct 2023 00:39:06 GMT
wrapper_hb_270443_17910.js
player.spotim.market/prebidlink/1638000984032/ Frame BD7F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/1638000984032/wrapper_hb_270443_17910.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
8974257423ee2e13d61df1c0be5bec1319a51019fddb79fc29462cd947c0a9b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Wed, 11 Oct 2023 00:39:06 GMT
date
Tue, 10 Oct 2023 00:39:06 GMT
content-encoding
gzip
last-modified
Mon, 09 Oct 2023 13:21:09 GMT
server
nginx
etag
W/"6523fe45-869"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
MISS
ad-choises.png
publisher-assets.spot.im/yad/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publisher-assets.spot.im/yad/ad-choises.png
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-59.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 05:54:07 GMT
via
1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
last-modified
Mon, 02 Jul 2018 15:08:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
67500
etag
"643378ef8a85df26380de21f9beb58ba"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4550
x-amz-cf-id
iX8yrrZcfvLi72EZlmX-cfwLbM_em0X9SSLbWHZcFvstIIEaLi7SyA==
feeds
fireworkapi1.com/embed/v2/playlists/5m8Zbv/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://fireworkapi1.com/embed/v2/playlists/5m8Zbv/feeds?page_size=10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.246.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
af2c2cffbd40f9b4e.awsglobalaccelerator.com
Software
Cowboy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none';

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.blogto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
PUT, PATCH, DELETE
access-control-allow-origin
https://www.blogto.com
cache-control
max-age=0, private, must-revalidate
content-length
0
content-security-policy
default-src 'none';
date
Tue, 10 Oct 2023 00:39:06 GMT
server
Cowboy
x-request-id
F4yYDj-XYGVUmKsKDmkB
feeds
fireworkapi1.com/embed/v2/playlists/5m8Zbv/ 		46 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fireworkapi1.com/embed/v2/playlists/5m8Zbv/feeds?page_size=10
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.246.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
af2c2cffbd40f9b4e.awsglobalaccelerator.com
Software
Cowboy /
Resource Hash
121e87bb5ce2bab626ea6323133e867a71ac9a2d3282a466156149c56cf3e248
Security Headers
Name Value
Content-Security-Policy default-src 'none';

Request headers

accept
application/json
Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type
application/json

Response headers

date
Tue, 10 Oct 2023 00:39:06 GMT
content-security-policy
default-src 'none';
content-encoding
gzip
server
Cowboy
vary
accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.blogto.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
4527
x-request-id
F4yYDkiei2PtW5EKe5OB
truncated
/ Frame 3027 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
036b8f00929d63f8cc8626fe9d3b711bcc43f67aadd3d739831cc1a211aca6f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
skeleton.js
fw.adsafeprotected.com/rjss/st/1301380/73124933/ Frame 7DB4 		250 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1301380/73124933/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1010839380&ias_pubId=pub-2050825284400963&ias_chanId=1&ias_placementId=19777388098&bidurl=https://www.blogto.com/bakery/luna-bakery-toronto/&ias_dealId=&xsId=ABAjH0iOBRBMoH499TGlEoI7i3hS&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iOBRBMoH499TGlEoI7i3hS
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.117.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-117-183.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
889ab174b29277cb3129e6b238682d4b28f2a479456a6171d7e1ddf88ebd6d92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:06 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 7DB4 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
Origin
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 07:14:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62670
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Oct 2023 07:14:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 7DB4 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Akwq0HWDCfRiXKAJ1Adf1RupfkwE3vulZ6mk7Tqo8b15A3GwwbZs2OkvFPua6ARcaJA-FBQ_BRUBxNbenrMSoTodmIaFsqTOfawQHR9c6b7qfM4OeWqhGnekHlytc9XM-WNZH2fM80HxGZ-fDDDDAQQ2gSQXFQXTE8jJWKgKE8AFCZGfw&dbm_d=AKAmf-A4opVkz_afVHqiC5geOC41FukXIe-L7R8Q5dLfEK4f2Y7ljWigbM9fXHPHETjUilWkAYUbLJDNBUrhRcs9Vie680krd3KMmpoBgkXn-4KqslYv64Fs9EvMb3CDvJFjkPdQc4ombU8_QNcvZ4LVLuyRbDgvsBQcJlM2pNJTteJm1jhKoj0ySr-VwebAJlFw1zQrE2beP-NzmKx1V0wGiYvNdQ3lzwW00tr_a4LaHMvezgpSCg8WNufMxlicB64Y2vUcWkk6kPThj4_S-XsXqc0iAHZIAJistz5qnTqohN7MFnu3VzH1Wvx9WItbNBx-E9RsXV6Vswu5PYoK34djOLMheTHI0px_pb6hVVUwVppgxt31oiu_fHo3QOvXG2O9qdUTxzXmNvCP2AF6Z7AgCcdTBC-9zfYDvZt48i1gTyprd-ehJftVr5rkvgE1k6BAagcJtY5rywErIoFjrG7k5OubTg2s3LAx5W8IOot4wmhLNCr33PmH6Sepy3CPNKf3Brrbjrfp_xFlLilZxsEIpqZI-hWTFJXnmwtIOygl9679hhsTthB4XAX-mYcWOYl93hMuVCb6LFWbl3dFeui66A_B39wVwa6Ja9q0KvMPAaMv7Y__asH37-IfB3fJNfHStdt0K-v4AmrkSEB-N59bTPxgX7DY6b_Wlr5SGZX_JvOX87qU704GjEDIyVF_sXjKTf1sU-2VYCnoCLkqr55RpO61cBoke8lmHIBHXj8kgJCS7uOc0ht0D4WsiUi-0bjUeOtSKLUxM5ysFVLhMBATz1-B1xWopQnrpvWSqojKlXJJmQCG1sLC6XYha-1o5ERHt-izlqMUSVlW5QUmZeDoSULXq09_7PdjT_jBMLAmjABh86gd1QIghcuUFC02tep3Yjp_dJsJwL6yg9m0YPTpNRajWHWmKhZTEajnDuYm2sITwIttxPmXA7ONfCwHUHAO41vl25233ExihQR_0Gc3hBRglGB8tAQWBDTAEEu2dFHVRCmRrGB85xKHiXDukr23N16E22PP1rVJYSDuYXBrdzUd2UpoPMtwRdlFjp97JyvQOG2OWlDpeRYnO279VkqNyPG78n9Z0sb_xNWWTWU9U5HVOqKdJ8aHFUehMOSmRjhuqPVB9EPzvFGUsVPpp4nTQKQGfY4SQyVrNjxkfoNL8eOV39VP1R9_ZQWia-puJcwYPc91Un9BWsuliBiCaz8VlRLh5I2nQ9PBm-dbFxOjfbECFNDunQN0IaOn8pj6r_-EV96siSgEQtuYiQ2sbaTZuc7kMY3BQDYRTMpPRrLU9HsyromR7M7k_xe8VY2sG8KHyhIjhftj6M-SD063cxOrBT--5J0Ak-VVeGtepb2EYN9nbSkzkUftvmSU7XrgnzJ7neQ5YboWyTtI7DVN4p042Dc8rgKbnYobCauUwIfZPqshsnUyVexBR9nnUTlfDCdf-Vmi6qsZpW8vq3UehQ6YnZYsIhJ3yKNziw__EDcB-SWcqau7r10n5kY2t_dI8MYgVGUIBislWja495-6gRyB8fRciEEtHhjZrDXH49RhSgkxJClV0bUhbwo79fzZFffI81uNGVF43uIAgBiPowtMqpgGEh-kl5HbonKcOw_BIcUMztHAzhFRcEKlrVoveKBupzCJADYXRpXpCe5BuRAW0eHoyIuZZ2JTThWrFnyhvy_clGOuy_mhtXfxfLkhOmqc5-Hht0i1ikozYgI-G5KrkvjJYXYrcc0ddr1XHrY1EccfHaDyvsh9Ij-zReUwdYVNLezjP1Cr6roC3MvmmZ8PuPVwCF1EBwT1nYxmfGGqTX6ta1wR8jGaFO1gFcp7I-bBBGFQifmqIYdb7F7pDqEpKMZIAchlMnoT9xFMU29zEUuDl5QqiBdiFVSCKBrJCBXTz_IbnsElAacPdmOawca0wM-m_LBy2BPbo0E6vsJyvCCn1P91J-yQB-5NIVRF-zo6NgIeXs99w3t_u-3Bzgg4EXth_hQXHgkqPtKwjqSyUKbuU6Ig39nGOV-BKS90TmQE43wNDCBsMv8oZyY27_exuQNdVx697tMc15Iy0x3o4FFBAMmdYCep0uNGoQGZkTPndRXvoez-whjf6S073qcDHITsPNiVcDiQfnZ6zgxtyCmImYaqWmFK7rP5KsoXlwUgd8gcVfN1Oa60nUR32QDWhtR6sgq8odFsAfN9NxB59NUhtisL344LjVUOGprkvk2YAB__Yw77OQsrmWrR50NiTCxuEgBniqlh38eSy9lpm6-qTb2S7CiENp4X_zhXeK_LMR-Yei38fGfBxBpoVjFwKnUxM50trC6aIzUYRbaJk7SrtAuA50CTmsSfI_rhCwGnHqEE5tK94IyIxqabeaoNNc7jZV73XQ1QOYAkEV-zpx15lGQWfX3OBiTi8BFUuXLsIFn0l_IghtiK6p2kXKYGVAR1fOXphwuOLoo_mvH01HEcrqVSkrKiy8QK-bzVOGAdRlgZrOQ8ysuzq-ibLVrYrH5NvRWMMdaVYyhO2lWaDerlPaJ6UoBBzy74QscvyhL5mZs0N5oPepl9o5pP_KmKXmW_2F3G_dLHziM31_iKXpn3SVsZ0ULzDkftbPBV0-MAHdNhXg0eL-r8CLQYMlRZnnE5zbauWCNNgxiFEo5BploA38ZmO6GRPryiGm90-8SyS9tvxUeBPe0Z4szT4DnQOE5ZTN95lnfy-cS2bPREcZmmNMDQvJqPMfR60xWH0lDNPa0XV-ZRi-RF7EQ2j5RXs3Nq-6GW85mgAWOQBZ96trRYZ2N7MJPWPfKlTS1qNlt9p39rWi0f4aFBhvolVn4mrFORJBQE8RjrkkmhgQDtYFFchn9H5e3aQs6L1BuECwBP2fTJnIPg73Xl5h9uCKqXPpNSVoBe7URK6F1t7O5JeKLp3gWnXj_11ftZLbI4fmFVSofOCuzSw1z7ZzKsXALkWkij26iHsU98koji0wbJGdrTYNfyvQtjWlIlH6d_d35Kgf4dYWJEXQoVl0qoY5rTBl9PRHIT4R_GpZRlJG5KM0wOAdmY3D1i_sOHhcy-d6qzOsWZRN6VW_mjG9-o71R6wwNHCwESCpz1qYiIG01skz8K0LipXF9VWs9HWvsMbT_6EPbACkMqhdyROxS4xBA_xpBFQph59JqZ4UCODeW0EudWel_gvAtqTxViUjzOJsawxOlgiJr6018wHq16MQU1g8_osNQheOEjS26EXCKGO8_7F3KknnZVUhQ2Aok91OVaLFjHIuI-Ovf-GIC9RCUH12xUTtSx01pYDzA8-SDrgW4fBq2T7bU5r02dvWrgKZti7CPIYoH_agoL8BNvdrBnoTzd73agO4vIKslsFGDLS2C5BWpxeRTE10ulH0Q3PmPuYzxs_iPlcCZyLMZQTgi4FGH1f7D8iilL-8WZQ9m1x5Z8GqqVvv8auYjgBBX9trmPue_xY51Caqnlftr_PS_ze7d3yKvQFfS66RmAfy6hubvO18fcAtiXcEx4Du9sezTMsVuhzGCUuUuvlkHDyLTuzalY4PwuwFwdUPZ0JnCd5zp89Ztv0tx4h3cT-qd_TbHwS8dqWW43DODOXz1c3e0Yjwv94vfQFuJHIu1-Eui4MFuE1qAsdQYls9ejManbj7lCGnwUu6ecsDuhw4l2NJX9iT6Zp-FRpEN40YnheGbN-DCRMsz8PKUi_eC-RI6tHWYXN5YLDaDaa5bpl587__YY0jyEiq2a9Lb5GZ9xvb9L0h_FADYV6x-i0zAK5ATUqh3ajDxrRb1qrzcr4HyvLFVOgRQUAAaxkqbkiuqtFp6r82mSGBsmJV0ziY6t0x7JQX_PvSwQ82O12je77E2w5qI5AKaRjNJp3fF7M17ZF3qmxc5Xlsu3LwEx8CFB33rdQ8t15_0yD7PAsVAlxrrs-ETyKFvqF2XWEXwLh8eLIdG6oxl0wo0iiDD30D79IO3p3ztKJvj8LaY&cid=CAQSSwDICaaN0oxa_K-9YvKtMM6jkTedJdq0Soq7SXAsm-rt4y8ZFa_TgJfo8KLLH3VkeOd49oO_YzYEVU6ZdnWS0PvtW19hB_To65LlhRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.blogto.com%2F&ds=l&xdt=1&iif=1&cor=16637368296633030000&adk=3037181500&idt=95&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:43:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
39315
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:43:51 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 7DB4 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Akwq0HWDCfRiXKAJ1Adf1RupfkwE3vulZ6mk7Tqo8b15A3GwwbZs2OkvFPua6ARcaJA-FBQ_BRUBxNbenrMSoTodmIaFsqTOfawQHR9c6b7qfM4OeWqhGnekHlytc9XM-WNZH2fM80HxGZ-fDDDDAQQ2gSQXFQXTE8jJWKgKE8AFCZGfw&dbm_d=AKAmf-A4opVkz_afVHqiC5geOC41FukXIe-L7R8Q5dLfEK4f2Y7ljWigbM9fXHPHETjUilWkAYUbLJDNBUrhRcs9Vie680krd3KMmpoBgkXn-4KqslYv64Fs9EvMb3CDvJFjkPdQc4ombU8_QNcvZ4LVLuyRbDgvsBQcJlM2pNJTteJm1jhKoj0ySr-VwebAJlFw1zQrE2beP-NzmKx1V0wGiYvNdQ3lzwW00tr_a4LaHMvezgpSCg8WNufMxlicB64Y2vUcWkk6kPThj4_S-XsXqc0iAHZIAJistz5qnTqohN7MFnu3VzH1Wvx9WItbNBx-E9RsXV6Vswu5PYoK34djOLMheTHI0px_pb6hVVUwVppgxt31oiu_fHo3QOvXG2O9qdUTxzXmNvCP2AF6Z7AgCcdTBC-9zfYDvZt48i1gTyprd-ehJftVr5rkvgE1k6BAagcJtY5rywErIoFjrG7k5OubTg2s3LAx5W8IOot4wmhLNCr33PmH6Sepy3CPNKf3Brrbjrfp_xFlLilZxsEIpqZI-hWTFJXnmwtIOygl9679hhsTthB4XAX-mYcWOYl93hMuVCb6LFWbl3dFeui66A_B39wVwa6Ja9q0KvMPAaMv7Y__asH37-IfB3fJNfHStdt0K-v4AmrkSEB-N59bTPxgX7DY6b_Wlr5SGZX_JvOX87qU704GjEDIyVF_sXjKTf1sU-2VYCnoCLkqr55RpO61cBoke8lmHIBHXj8kgJCS7uOc0ht0D4WsiUi-0bjUeOtSKLUxM5ysFVLhMBATz1-B1xWopQnrpvWSqojKlXJJmQCG1sLC6XYha-1o5ERHt-izlqMUSVlW5QUmZeDoSULXq09_7PdjT_jBMLAmjABh86gd1QIghcuUFC02tep3Yjp_dJsJwL6yg9m0YPTpNRajWHWmKhZTEajnDuYm2sITwIttxPmXA7ONfCwHUHAO41vl25233ExihQR_0Gc3hBRglGB8tAQWBDTAEEu2dFHVRCmRrGB85xKHiXDukr23N16E22PP1rVJYSDuYXBrdzUd2UpoPMtwRdlFjp97JyvQOG2OWlDpeRYnO279VkqNyPG78n9Z0sb_xNWWTWU9U5HVOqKdJ8aHFUehMOSmRjhuqPVB9EPzvFGUsVPpp4nTQKQGfY4SQyVrNjxkfoNL8eOV39VP1R9_ZQWia-puJcwYPc91Un9BWsuliBiCaz8VlRLh5I2nQ9PBm-dbFxOjfbECFNDunQN0IaOn8pj6r_-EV96siSgEQtuYiQ2sbaTZuc7kMY3BQDYRTMpPRrLU9HsyromR7M7k_xe8VY2sG8KHyhIjhftj6M-SD063cxOrBT--5J0Ak-VVeGtepb2EYN9nbSkzkUftvmSU7XrgnzJ7neQ5YboWyTtI7DVN4p042Dc8rgKbnYobCauUwIfZPqshsnUyVexBR9nnUTlfDCdf-Vmi6qsZpW8vq3UehQ6YnZYsIhJ3yKNziw__EDcB-SWcqau7r10n5kY2t_dI8MYgVGUIBislWja495-6gRyB8fRciEEtHhjZrDXH49RhSgkxJClV0bUhbwo79fzZFffI81uNGVF43uIAgBiPowtMqpgGEh-kl5HbonKcOw_BIcUMztHAzhFRcEKlrVoveKBupzCJADYXRpXpCe5BuRAW0eHoyIuZZ2JTThWrFnyhvy_clGOuy_mhtXfxfLkhOmqc5-Hht0i1ikozYgI-G5KrkvjJYXYrcc0ddr1XHrY1EccfHaDyvsh9Ij-zReUwdYVNLezjP1Cr6roC3MvmmZ8PuPVwCF1EBwT1nYxmfGGqTX6ta1wR8jGaFO1gFcp7I-bBBGFQifmqIYdb7F7pDqEpKMZIAchlMnoT9xFMU29zEUuDl5QqiBdiFVSCKBrJCBXTz_IbnsElAacPdmOawca0wM-m_LBy2BPbo0E6vsJyvCCn1P91J-yQB-5NIVRF-zo6NgIeXs99w3t_u-3Bzgg4EXth_hQXHgkqPtKwjqSyUKbuU6Ig39nGOV-BKS90TmQE43wNDCBsMv8oZyY27_exuQNdVx697tMc15Iy0x3o4FFBAMmdYCep0uNGoQGZkTPndRXvoez-whjf6S073qcDHITsPNiVcDiQfnZ6zgxtyCmImYaqWmFK7rP5KsoXlwUgd8gcVfN1Oa60nUR32QDWhtR6sgq8odFsAfN9NxB59NUhtisL344LjVUOGprkvk2YAB__Yw77OQsrmWrR50NiTCxuEgBniqlh38eSy9lpm6-qTb2S7CiENp4X_zhXeK_LMR-Yei38fGfBxBpoVjFwKnUxM50trC6aIzUYRbaJk7SrtAuA50CTmsSfI_rhCwGnHqEE5tK94IyIxqabeaoNNc7jZV73XQ1QOYAkEV-zpx15lGQWfX3OBiTi8BFUuXLsIFn0l_IghtiK6p2kXKYGVAR1fOXphwuOLoo_mvH01HEcrqVSkrKiy8QK-bzVOGAdRlgZrOQ8ysuzq-ibLVrYrH5NvRWMMdaVYyhO2lWaDerlPaJ6UoBBzy74QscvyhL5mZs0N5oPepl9o5pP_KmKXmW_2F3G_dLHziM31_iKXpn3SVsZ0ULzDkftbPBV0-MAHdNhXg0eL-r8CLQYMlRZnnE5zbauWCNNgxiFEo5BploA38ZmO6GRPryiGm90-8SyS9tvxUeBPe0Z4szT4DnQOE5ZTN95lnfy-cS2bPREcZmmNMDQvJqPMfR60xWH0lDNPa0XV-ZRi-RF7EQ2j5RXs3Nq-6GW85mgAWOQBZ96trRYZ2N7MJPWPfKlTS1qNlt9p39rWi0f4aFBhvolVn4mrFORJBQE8RjrkkmhgQDtYFFchn9H5e3aQs6L1BuECwBP2fTJnIPg73Xl5h9uCKqXPpNSVoBe7URK6F1t7O5JeKLp3gWnXj_11ftZLbI4fmFVSofOCuzSw1z7ZzKsXALkWkij26iHsU98koji0wbJGdrTYNfyvQtjWlIlH6d_d35Kgf4dYWJEXQoVl0qoY5rTBl9PRHIT4R_GpZRlJG5KM0wOAdmY3D1i_sOHhcy-d6qzOsWZRN6VW_mjG9-o71R6wwNHCwESCpz1qYiIG01skz8K0LipXF9VWs9HWvsMbT_6EPbACkMqhdyROxS4xBA_xpBFQph59JqZ4UCODeW0EudWel_gvAtqTxViUjzOJsawxOlgiJr6018wHq16MQU1g8_osNQheOEjS26EXCKGO8_7F3KknnZVUhQ2Aok91OVaLFjHIuI-Ovf-GIC9RCUH12xUTtSx01pYDzA8-SDrgW4fBq2T7bU5r02dvWrgKZti7CPIYoH_agoL8BNvdrBnoTzd73agO4vIKslsFGDLS2C5BWpxeRTE10ulH0Q3PmPuYzxs_iPlcCZyLMZQTgi4FGH1f7D8iilL-8WZQ9m1x5Z8GqqVvv8auYjgBBX9trmPue_xY51Caqnlftr_PS_ze7d3yKvQFfS66RmAfy6hubvO18fcAtiXcEx4Du9sezTMsVuhzGCUuUuvlkHDyLTuzalY4PwuwFwdUPZ0JnCd5zp89Ztv0tx4h3cT-qd_TbHwS8dqWW43DODOXz1c3e0Yjwv94vfQFuJHIu1-Eui4MFuE1qAsdQYls9ejManbj7lCGnwUu6ecsDuhw4l2NJX9iT6Zp-FRpEN40YnheGbN-DCRMsz8PKUi_eC-RI6tHWYXN5YLDaDaa5bpl587__YY0jyEiq2a9Lb5GZ9xvb9L0h_FADYV6x-i0zAK5ATUqh3ajDxrRb1qrzcr4HyvLFVOgRQUAAaxkqbkiuqtFp6r82mSGBsmJV0ziY6t0x7JQX_PvSwQ82O12je77E2w5qI5AKaRjNJp3fF7M17ZF3qmxc5Xlsu3LwEx8CFB33rdQ8t15_0yD7PAsVAlxrrs-ETyKFvqF2XWEXwLh8eLIdG6oxl0wo0iiDD30D79IO3p3ztKJvj8LaY&cid=CAQSSwDICaaN0oxa_K-9YvKtMM6jkTedJdq0Soq7SXAsm-rt4y8ZFa_TgJfo8KLLH3VkeOd49oO_YzYEVU6ZdnWS0PvtW19hB_To65LlhRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.blogto.com%2F&ds=l&xdt=1&iif=1&cor=16637368296633030000&adk=3037181500&idt=95&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:57:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
38506
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:57:20 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7DB4 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 12:26:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
389558
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 12:26:28 GMT
feeds
fireworkapi1.com/embed/v2/playlists/5m8Zbv/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://fireworkapi1.com/embed/v2/playlists/5m8Zbv/feeds?page_size=10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.246.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
af2c2cffbd40f9b4e.awsglobalaccelerator.com
Software
Cowboy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none';

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.blogto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
PUT, PATCH, DELETE
access-control-allow-origin
https://www.blogto.com
cache-control
max-age=0, private, must-revalidate
content-length
0
content-security-policy
default-src 'none';
date
Tue, 10 Oct 2023 00:39:06 GMT
server
Cowboy
x-request-id
F4yYDkMCxe7CpYsJs0dC
feeds
fireworkapi1.com/embed/v2/playlists/5m8Zbv/ 		46 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fireworkapi1.com/embed/v2/playlists/5m8Zbv/feeds?page_size=10
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.246.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
af2c2cffbd40f9b4e.awsglobalaccelerator.com
Software
Cowboy /
Resource Hash
47c45acfa9580a3e8ed305945892d95bfef0e4815e12947e9e86bb786fd3c273
Security Headers
Name Value
Content-Security-Policy default-src 'none';

Request headers

accept
application/json
Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type
application/json

Response headers

date
Tue, 10 Oct 2023 00:39:06 GMT
content-security-policy
default-src 'none';
content-encoding
gzip
server
Cowboy
vary
accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.blogto.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
4495
x-request-id
F4yYDkvbg088RtgK12nB
truncated
/ Frame 7DB4 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
988f8a187e8294e06a72ca9a5164c0716ccdec713e0f4db7e982e6b955bd8178

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
player.js
player.aniview.com/script/6.1/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.5.0/ads-independent/ads-independent.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
87ec59758fe234344499e963b0b78919e75507c00f7d629746cd3219974959fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:06 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvN2Kp9n8lRh7u1bkd1YkAehZkv40MFYZrwzmu4ry3yqM4q7ZRx2gRTlPbF3mYawyWjm5UhwT7KBFqXVod5Mt2FomJi2dE-
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
13529
last-modified
Sun, 08 Oct 2023 08:36:21 GMT
server
UploadServer
etag
"00f9d69ea0d1106ba8c3a38c9b75d37c"
vary
Accept-Encoding
x-goog-generation
1696754181785835
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=0o+QjQ==, md5=APnWnqDREGuow6OMm3XTfA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
13529
accept-ranges
bytes
expires
Tue, 10 Oct 2023 00:49:06 GMT
track
track1.aniview.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5e0e296628a061270b21ccab&cid=646c97b3629342bcd6062336&e=playerLoaded&cb=1696898346617&r=https://www.blogto.com/bakery/luna-bakery-toronto/
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.176.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-176-4.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:06 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
gpt.js
www.googletagservices.com/tag/js/ Frame 8CF5 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/154121/tag
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
72184684ebb1471e42b550d4188b0fb3d663b13367adcf4352eb788ad5539a22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29598
x-xss-protection
0
server
cafe
etag
768 / 19640 / m202310050101 / config-hash: 3619239551914878840
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 10 Oct 2023 00:39:06 GMT
track
t.teads.tv/ 		23 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=passback-noAd&env=js-web&auctid=039a9ad3-b748-4bd0-984e-6b1b12aa5c87&pageId=154121&pid=168488&slot=native&vid=00000000-0000-0000-0000-000000000001&fv=1265&ts=1696898346625&f=1&referer=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Tue, 10 Oct 2023 00:39:06 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
grumi.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame BD7F 		411 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:8a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d15e7a88e23896dbbac9302c090e5129959fd10e7fdf728d88b4cdd6900c376

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:26:50 GMT
x-amz-version-id
PGg5piKECjXHXrRUyCLqE87C8ZadCRYO
content-encoding
br
last-modified
Mon, 09 Oct 2023 23:48:54 GMT
server
AmazonS3
via
1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"b5b6b6eb54b1d6699cfb919cb40018c8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
737
x-amz-cf-id
hNOwTEQ9yNllAQZc_Wv9rYcIJ2pJL00kBA-mu3-84fD63Sj7FHQZ1w==
index.html
s0.2mdn.net/sadbundle/10675493309707581418/ Frame 78F5 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10675493309707581418/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64a10429031264d6cf4a5773dc7c0fd8fd65e760e33f4f561b688e86bbe13230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
192781
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2282
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 07 Oct 2023 19:06:05 GMT
expires
Sun, 06 Oct 2024 19:06:05 GMT
last-modified
Tue, 09 May 2023 14:23:21 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3027 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst5ePZckhKHRLaanO1po8ZletLe7Moy7ktQ6rbGPnMde3vi9tnloh9wXONdZw4zw28viCAJt2JKHP44sy8POyaV_dCvp2GD46yushwJBpGUaD6NGmMuW_2lyAsPM2LFM7X0TseTT9XKOErbKMgsiCmLh7x4PufCJb9rHzWJ-NwjAw-hXUuEBA1wEPigOtPVQcy98mW6w_auhSZwxbAwmwt-Zy59lNK8A72BDMA348MWqoPfeyxmhLEivZVjB6vNRWCD0GtH7e1HwJehDVRc68hPd8_c7gNXAhCT8qcfUzxmSD3P9YErS_nxGsv2Dwgiu_pVJRVQOmoppiJUbkv8iPEExw-LEw1pt-PFLJZUpQBEcgUDmNAVKL0T2PMRVf4-nddzA4aLVI7p42Mevr2TBZgaHX9mOd5_86frlZ9INCAbq3ODkFMlm4Ui1wWql-2lZpnrpnzXcH2zvS8KPzGxlzuVlSzVYyBy_gDuQHk0pp1ZksiZXlmh9d_-uXaRkKx9k9HuDrvSNusgkqak59IEV6q2GUjpdHRQ1WY9LfCwJkkGVp9nsMeH_AN5iuyhOEW9epWS0McYcZlDbPadPkqOmcLDLgpbbuBJtpW2G8Zj2kX6AmQChEaAx5_IHIXW4PIephZ2j9wdZvOTFlMtmrRCHITwbDWYAhptVqbwflByXgl91w69xkQytfMRlVTNCaqw97rIG-67h6o1MRkPz970M27aZH-xvLtplBWu35YkRMkjR5Qy46lATGNpJhF1DcNltzRLvnLPIO-uG1IGNU1_kM8jwOz-hVn55hMMiNcdeDztih8Dijq0Vwe9VbSybMl6t6Zw-nnpc34StpTjp6XdU6b-9GZOSCkZ_-gAgJIi8RP0CirVc_Dm6WLiMIUvaHS4kCJaPKn9L-mQOJaqxPDsuzGSohySnlYjfywexz57M6o9ysSsQhrAZV3QcUHaLsD4mqLbq5OBC2PlOJIUfl7r9ySgdFuCSXf9yfYX7Djz5WjXkKSTBAeIfvv4m2NVOTed39sKmUZykLpmFbetGmRWg_ag9HM2ePUKCs4HxFWvrNP17Aqt7koQkpGmQRqw4hZvs5ikPrcyUkIGaely34EEoX3_yXyaRPJ25W4ahc4rakbtxutJqSdhK8MEng1TtdXWcOdysgAeHBwZV6ERr9EzVy2oH0DlvdmYIuAvrv-sVZ9XbwU8QjdYJB9q9nULoq6Np8p2ToZ1AI_EocmkhbbrG_blw9SZogXTXotLkmoSlppUpWgybGuErXhtrTacGX9AbsEQKQcxKZpW4kl52tOO1-W_r2MmFJSnQyeF8-_VVOGOqopyZ0Wg73hZxhX-jU29u7ZwZYMjJrPHGrC96C6B4Y_BQ2v6aJ2zsnoG1U9NLYm_E_6MfzKkascN0fNHDDauTxRErJ-KrzahF64&sai=AMfl-YS1kWhJHxOKxgjFrTnwzKL9AbImt2Pz83ZYSgxdR-F3hAQPkWQEpy3RYVcoFEYMQa7pC7NiDEu6oAadYulyPOXFiwKR35HeSj5vQDvKsslmyeqTjnsZNjf_usNcnx7cc9GFP1qeredYikWU-U8SNUEqZxYJibVGkAmq63kwykX1ISYCGo6qch-7atVnZFeJaYxWtfCwdS3ewqpTdCwex_o01ZBST-Iln0MSwzT03F64pUA&sig=Cg0ArKJSzOJaMgaY05J8EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=216&cbvp=1&cstd=212&cisv=r20231004.20231&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 10 Oct 2023 00:39:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ad_setting
fireworkadservices1.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://fireworkadservices1.com/api/ad_setting?playlist_id=5m8Zbv&ad_target_platform=desktop_web&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.246.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
af2c2cffbd40f9b4e.awsglobalaccelerator.com
Software
Cowboy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none';

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.blogto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
PUT, PATCH, DELETE
access-control-allow-origin
https://www.blogto.com
cache-control
max-age=0, private, must-revalidate
content-length
0
content-security-policy
default-src 'none';
date
Tue, 10 Oct 2023 00:39:06 GMT
server
Cowboy
x-request-id
F4yYDkzSFXSerakJqM2C
ad_setting
fireworkadservices1.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://fireworkadservices1.com/api/ad_setting?playlist_id=5m8Zbv&ad_target_platform=desktop_web&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.246.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
af2c2cffbd40f9b4e.awsglobalaccelerator.com
Software
Cowboy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none';

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.blogto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
PUT, PATCH, DELETE
access-control-allow-origin
https://www.blogto.com
cache-control
max-age=0, private, must-revalidate
content-length
0
content-security-policy
default-src 'none';
date
Tue, 10 Oct 2023 00:39:06 GMT
server
Cowboy
x-request-id
F4yYDk5kImsrInYHXzDE
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/gif
video_player:init
p2.fwpixel.com/trk/ 		2 B
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://p2.fwpixel.com/trk/video_player:init
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.107.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-107-242.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryZPgJYBNSJepQYeNO

Response headers

date
Tue, 10 Oct 2023 00:39:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-store
server
openresty
content-type
text/plain
ad_setting
fireworkadservices1.com/api/ 		1 KB
902 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fireworkadservices1.com/api/ad_setting?playlist_id=5m8Zbv&ad_target_platform=desktop_web&
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.246.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
af2c2cffbd40f9b4e.awsglobalaccelerator.com
Software
Cowboy /
Resource Hash
9ae93204e6f56e5165c67884e09048f19fca83cfb6c8302098328a6f3ad00a7c
Security Headers
Name Value
Content-Security-Policy default-src 'none';

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 10 Oct 2023 00:39:06 GMT
content-security-policy
default-src 'none';
content-encoding
gzip
server
Cowboy
vary
accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.blogto.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
607
x-request-id
F4yYDlXaPst8hfoHdfdE
video_player:init
p2.fwpixel.com/trk/ 		2 B
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://p2.fwpixel.com/trk/video_player:init
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.107.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-107-242.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryRTlWp8dOA0J5qsJI

Response headers

date
Tue, 10 Oct 2023 00:39:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-store
server
openresty
content-type
text/plain
ad_setting
fireworkadservices1.com/api/ 		1 KB
903 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fireworkadservices1.com/api/ad_setting?playlist_id=5m8Zbv&ad_target_platform=desktop_web&
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.246.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
af2c2cffbd40f9b4e.awsglobalaccelerator.com
Software
Cowboy /
Resource Hash
9ae93204e6f56e5165c67884e09048f19fca83cfb6c8302098328a6f3ad00a7c
Security Headers
Name Value
Content-Security-Policy default-src 'none';

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 10 Oct 2023 00:39:06 GMT
content-security-policy
default-src 'none';
content-encoding
gzip
server
Cowboy
vary
accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.blogto.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
607
x-request-id
F4yYDldmd7nh95MKPK7B
pixels
fireworkanalytics.com/api/videos/oQZAKY/ 		90 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fireworkanalytics.com/api/videos/oQZAKY/pixels?api_host=https%3A%2F%2Fp2.fwpixel.com&autoplay=false&format=vast&play_trigger=clickplay&product=embed.web.naboo&video_play_id=a2bdc34b-8fa1-4aae-8e14-c5338f42ad09&session_id=71b18cde-dcf1-42aa-9463-9d7daf6a277d&platform=web&initial_player_layout=default&duration=73.073&variant=feed_query_from_playlist
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/chunks/6673-25c27a3ce63cbe2749ea.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.246.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
af2c2cffbd40f9b4e.awsglobalaccelerator.com
Software
Cowboy /
Resource Hash
01d37d4686c077abc9c6fce6156855d5c9b534ec7e0e22d7d253b7f0314f198b
Security Headers
Name Value
Content-Security-Policy default-src 'none';

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:06 GMT
content-security-policy
default-src 'none';
content-encoding
gzip
server
Cowboy
vary
accept-encoding
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://www.blogto.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
6187
x-request-id
F4yYDlBzLO6Oi2oGds8E
pixels
fireworkanalytics.com/api/videos/oQZAKY/ 		90 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fireworkanalytics.com/api/videos/oQZAKY/pixels?api_host=https%3A%2F%2Fp2.fwpixel.com&autoplay=false&format=vast&play_trigger=clickplay&product=embed.web.naboo&video_play_id=d7a3f6e1-f8ac-4f14-b909-89143f7f83b5&session_id=71b18cde-dcf1-42aa-9463-9d7daf6a277d&platform=web&initial_player_layout=default&duration=73.073&variant=feed_query_from_playlist
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/chunks/6673-25c27a3ce63cbe2749ea.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.246.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
af2c2cffbd40f9b4e.awsglobalaccelerator.com
Software
Cowboy /
Resource Hash
39adcb8492bfd92965aa2bb57eb2b5f7da7f78295dc565de2791ebfa5296dda3
Security Headers
Name Value
Content-Security-Policy default-src 'none';

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:06 GMT
content-security-policy
default-src 'none';
content-encoding
gzip
server
Cowboy
vary
accept-encoding
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://www.blogto.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
6200
x-request-id
F4yYDlGlTIwgDU0JsZpD
c301a94b7e8d2ce316d9380df1af93ec.svg
asset.fwcdn3.com/js/assets/ 		609 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset.fwcdn3.com/js/assets/c301a94b7e8d2ce316d9380df1af93ec.svg
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.196.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.196.111.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
e525d4d8511d9acf82bf903f3fe8bd42f0f56bccbdfbef47cd80832a9c5c8f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 google
date
Mon, 09 Oct 2023 20:10:19 GMT
x-amz-request-id
KDFH31YNJTVQC3C5
age
16127
x-amz-server-side-encryption
AES256
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
609
x-amz-id-2
PqhVYVUx5aI/GpZUQVjpMpdNKxeMyKMNrAbDn/xzcjm2qjBALUpW4wdlNgXpB4cwjsN3PbjOnwY=
last-modified
Mon, 09 Oct 2023 20:04:56 GMT
server
AmazonS3
cross-origin-opener-policy
same-origin
etag
"1c9cbfc4e2f5c051aa00a91edf74d7bb"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=3600
x-cache-hit
hit
x-amz-meta-env
prod
accept-ranges
bytes
timing-allow-origin
*
cross-origin-response-policy
cross-origin
6070567289184762d96731219ea40f14.svg
asset.fwcdn3.com/js/assets/ 		1 KB
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset.fwcdn3.com/js/assets/6070567289184762d96731219ea40f14.svg
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.196.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.196.111.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
fcc98777444a7e0412cee876c71e6f2a3c939c24a220a7f39123f2bf451ab421

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 google
content-encoding
br
date
Mon, 09 Oct 2023 20:10:19 GMT
x-amz-request-id
KDFRBGMFAB03D175
age
16127
x-amz-server-side-encryption
AES256
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-amz-id-2
ylF42mNCDpUm2Qh1vN7kbnrw/1ji3uOt5uDO3fweU6gHXWi2kj+mgw6DZMlsD0/0NTewI+4XIFLGLKu+Qjeh9Q==
last-modified
Mon, 09 Oct 2023 20:04:56 GMT
server
AmazonS3
cross-origin-opener-policy
same-origin
etag
W/"fa7c045c0061fd453afc885f42343ccb"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=3600
x-cache-hit
hit
x-amz-meta-env
prod
accept-ranges
none
timing-allow-origin
*
cross-origin-response-policy
cross-origin
0659b14c6f97d87c7207d596dba5c21c.svg
asset.fwcdn3.com/js/assets/ 		1 KB
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset.fwcdn3.com/js/assets/0659b14c6f97d87c7207d596dba5c21c.svg
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.196.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.196.111.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
8cd6f7b36a628b09c711a2650f33eae7cb688639d08b74c8be1b772b48ed96a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 google
content-encoding
br
date
Mon, 09 Oct 2023 20:10:19 GMT
x-amz-request-id
KDFH5P36276HEDCQ
age
16127
x-amz-server-side-encryption
AES256
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
400
x-amz-id-2
i6ZCUVnv3Uiy7kfna/vxku8Jvs9GylhZGjwAh3gdy2mCoq8fI+Ht/KPZNLbX5PIWLBjAKqI7YWN9AKKgQxwktw==
last-modified
Mon, 09 Oct 2023 20:04:56 GMT
server
AmazonS3
cross-origin-opener-policy
same-origin
etag
W/"391d6a367fd83578965b07e9d3490525"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=3600
x-cache-hit
hit
x-amz-meta-env
prod
accept-ranges
none
timing-allow-origin
*
cross-origin-response-policy
cross-origin
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3D8C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
320418
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 07:38:48 GMT
expires
Sat, 05 Oct 2024 07:38:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
2023_09_14_Kaminari_IG_V2.mp4
cdn4.fireworktv.com/medias/2023/10/6/1696621468-mtdxhlgn/watermarked/540/ 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn4.fireworktv.com/medias/2023/10/6/1696621468-mtdxhlgn/watermarked/540/2023_09_14_Kaminari_IG_V2.mp4
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.19.225 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
225.19.117.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.blogto.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
YCHNhEqmqd8jCcQzYZAuLeEY87G_OEUm
via
1.1 google
date
Mon, 09 Oct 2023 20:45:19 GMT
x-amz-request-id
TPDJZNB16VDBH3F7
age
14028
cross-origin-embedder-policy
require-corp
x-amz-storage-class
INTELLIGENT_TIERING
Content-Range
bytes 0-8062204/8062205
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
8062205
x-amz-id-2
buUZjmEt3qkL8UeBE17fkM5sMp34Bqdvfy+IlyiGCFGeaDcm+ULGZAg9v3SMt9S933Aw0NoKGnw=
last-modified
Fri, 06 Oct 2023 19:48:10 GMT
server
AmazonS3
cross-origin-opener-policy
same-origin
etag
"043882e6bf4519841a2f30cd495316c2"
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=3600,public
x-cache-hit
hit
timing-allow-origin
*
cross-origin-response-policy
cross-origin
2023_09_14_Kaminari_IG_V2.mp4
cdn4.fireworktv.com/medias/2023/10/6/1696621468-mtdxhlgn/watermarked/540/ 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn4.fireworktv.com/medias/2023/10/6/1696621468-mtdxhlgn/watermarked/540/2023_09_14_Kaminari_IG_V2.mp4
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.19.225 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
225.19.117.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.blogto.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
YCHNhEqmqd8jCcQzYZAuLeEY87G_OEUm
via
1.1 google
date
Mon, 09 Oct 2023 20:45:19 GMT
x-amz-request-id
TPDJZNB16VDBH3F7
age
14028
cross-origin-embedder-policy
require-corp
x-amz-storage-class
INTELLIGENT_TIERING
Content-Range
bytes 0-8062204/8062205
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
8062205
x-amz-id-2
buUZjmEt3qkL8UeBE17fkM5sMp34Bqdvfy+IlyiGCFGeaDcm+ULGZAg9v3SMt9S933Aw0NoKGnw=
last-modified
Fri, 06 Oct 2023 19:48:10 GMT
server
AmazonS3
cross-origin-opener-policy
same-origin
etag
"043882e6bf4519841a2f30cd495316c2"
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=3600,public
x-cache-hit
hit
timing-allow-origin
*
cross-origin-response-policy
cross-origin
createjs.min.js
code.createjs.com/1.0.0/ Frame 78F5 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10675493309707581418/index.html?ev=01_250
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
index.js
s0.2mdn.net/sadbundle/10675493309707581418/ Frame 78F5 		203 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10675493309707581418/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10675493309707581418/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14ca40848d67bf800293dc093ca4bb1095f2093cc5b49eb04787ae8a2808ac2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10675493309707581418/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 02:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
510710
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37043
x-xss-protection
0
last-modified
Tue, 09 May 2023 14:23:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Oct 2024 02:47:16 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/ Frame BD7F 		419 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e3ef90c6df625cd4e0cb72b725bfd6f5dc98101da5eaa109fdbf9b5081cc3a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 10:55:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
49423
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134450
x-xss-protection
0
server
cafe
etag
18225737291834661133
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 08 Oct 2024 10:55:24 GMT
4a.js
static.adsafeprotected.com/ Frame 3027
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1475223/71249298/4.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=pub-2050825284400963&ias_chanId=1&ias_placementId=20111337730&bidurl=https://www.blogto.com/b...
  • https://static.adsafeprotected.com/4a.js
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4a.js
Requested by
Host: 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
URL: https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:223f:8600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
akOqjFMSMxNB2K6FJA8jdyBVXEiL5nl0
content-encoding
gzip
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
date
Sat, 07 Oct 2023 01:26:11 GMT
x-amz-cf-pop
FRA56-P5
age
256377
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:30 GMT
server
AmazonS3
etag
W/"589d8955c4906ab1b8e63a2f92d932d3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
HXadYcGpULuLwkJ_14PpaGINBxwUTbMkgk_PPdsI3YZ4RXgFCZbo5A==

Redirect headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:07 GMT
server
nginx
x-server-name
app10.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4a.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame D04C 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
URL: https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:8600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1643397
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
nnA5UoOWjL_GQs7lXAOvD6ucjn0XF4yNbsDCDXAwr_ibTOOvhDanOg==
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 88CD 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
320419
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 07:38:48 GMT
expires
Sat, 05 Oct 2024 07:38:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/14261951911485111691/ Frame 09BD 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14261951911485111691/index.html?e=69&leftOffset=0&topOffset=0&c=ClpKmP4SBg&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e3154de017550f72d913eb2b8e5576348d9452a0bc4f5ced470bd22744b7f2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2742
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 00:39:07 GMT
expires
Wed, 09 Oct 2024 00:39:07 GMT
last-modified
Fri, 10 Mar 2023 10:27:07 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 7DB4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmC_7c_iXJ_8uY1uAI_S3nYFThE5SgCHTHG5oLo95ocSFBbHCNmb4Fl0ZZlY0DxYXE-XC2Ro2v-ECmWdRmBTJtGNhCnkdEZCQKKIfuYMsHZO27a8QRZrf7ZVlB-M3p0WlswhaLVo6lFBirtpKKQ-u0n4rYBt3-ejSPPF_gj2yXnhnRNa8jQyWi6qmx0RAFY-LO83ky8QU7emKg-qeqoSbvkktiocV0cEtHVTzNzXnIcz1ypSdp6QkX1AtUTmHjUT8vT43CVW4YqZ4c3QSr9YoDLgc0xbnGbMPIYC6aUyCzQb8j-fjnbBg2mY5hLS3E2oVL7mEQNr4SVZYX0NPFttFE9QG_avwQVX6AxPbI6r7arDJtNpSC0jiR-WUbEdUBde3DHAdKKCrbCUw4xtteNzbkKgwyad_o5PCocuqnc7r8JkS7Mg460HoT1QH8IDpDsXwenI_UwKeZccSXkB7KwDKjtnXLRMueH43JipAyTKWIZeoED1gXcQAn6c_nw9JteqC50PxnwVnfbsWgRBiHg7Sa5rFqTyrLBpv2giC-udO5NBgDsCEXUFaiSKhPcMbYuyrqGAMXgoqBl_1HjsTqLCl3E0ZduAcwJc7AvplY4xPv_0n-TZa5V707L2UWNd216dKFzPfJNlaq6VwYlz6EwYV5m3HM5ro6XY-zoVpQX-p_5GTBbZFzvk6Nc68FiRtBeBvT-a4DcupeE5Vkg5HEHkX181hwotj6BQLFRpDjeeRryfLvfd3ER0l9MSGGcOgKu0vw589Jjp-0puTmg6w2Buf1NF2k-3Z5ydSKRQqpzuzbldScJkeFKWgvJrG0qoghQqkoCpaKQHKxgjrZ5LFa5sHycrWN-jBVRNtFps3Uh3bALrvRNq01X9tewofCs1cQJRddbiv-nbR2ZFl7CjpeWxjO9NJJuixj4Yp4Dq0FLWdmLDmhJn-39yKDMIFVw6z_iy1JBXNfzHSWTf0q7gd5XEIMyhkkUikj2M0y_35Khz77qcgdlOsh_L40LD6EXu5_RroOjovfClvLBFraxKHcgWm2q9eODqzlc1zTbk1aqbzlSu0FlCORRVmo1jjXhC5hv3Med4CvaD4u_oERmCPT7cOuUmzJvAlxFGOGWEurWr7kx_ZArjEl7VqQO97uw08e2rzyd7ehoWhIjDI-iU2rdsk13zNGpmgz9juV0auDcOboFhJt3hIRks-p-DSZQJtprG8wBigPaWLWIysQzhp8x09ZDs5i9t3mnhSFZrASSWNCu9EzB1YMvjDXTBZhrvsc9tEGRfgiQGpc39cvFzZVqluSe12Tr5EHLoqx6kBEDJGr-Z-HipqSuy4A_UC9JA6UWvRFCPOvZBkw2VyDpZ69_VTM9nqry7AUCKckMl5Qa5Pu-wXdmY8g48IxyI9aCkej-p-gmyGPng0lokbLuVPlV-7kg8pEkqVv7wDW7A&sai=AMfl-YRPmRXWisKVYDSdJfKjj6gvhaVqfL76wYwiF-BOfCfxY8d0_t4eQ7c3k-JHN2LQ8RRGTQzAYT5ni0EcCFrRwrdoKoS9EGmc0yt2pXNcYIWlCgkjPGHEQD4oL4iindQuRjtFjQLB9wVs2z9u3xDoc16aqIAccvZgVs-m6jgnl1pN7bJ8TF46_5Qo5g9k7LXUqOxpVbAv6iqXgehojBgy-ita4_qSVIYe_tOzKKk2nntfjrA-Ep8-DFYiOKUDVz-w48nNF1_tTQIdPRYu1s0UmFRDVBWY2ALt4GRaaoXXXNOvzqx-qMI2m3xFoQA&sig=Cg0ArKJSzFQw_ZRJvrEMEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=565&cbvp=1&cstd=553&cisv=r20231004.02809&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 10 Oct 2023 00:39:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
4a.js
static.adsafeprotected.com/ Frame 7DB4
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1301380/73124933/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1010839380&ias_pubId=pub-2050825284400963&ias_chanId=1&ias_placementId=19777388098&bidurl=ht...
  • https://static.adsafeprotected.com/4a.js
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4a.js
Requested by
Host: 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
URL: https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:223f:8600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
akOqjFMSMxNB2K6FJA8jdyBVXEiL5nl0
content-encoding
gzip
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
date
Sat, 07 Oct 2023 01:26:11 GMT
x-amz-cf-pop
FRA56-P5
age
256377
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:30 GMT
server
AmazonS3
etag
W/"589d8955c4906ab1b8e63a2f92d932d3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
pfBgKAJyoliTDCCriyQgDjg-tg7tAFH-f-r4U34RTEaFvT23dQ5FXw==

Redirect headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:07 GMT
server
nginx
x-server-name
app11.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4a.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 403A 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
URL: https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:8600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1643397
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
JSR19Xc86Lnob25op1I1HqiVdBPvnpEiRoIfcT30tZM4-n-BvxfgyQ==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/ Frame 8CF5 		419 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e3ef90c6df625cd4e0cb72b725bfd6f5dc98101da5eaa109fdbf9b5081cc3a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 10:55:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
49423
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134450
x-xss-protection
0
server
cafe
etag
18225737291834661133
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 08 Oct 2024 10:55:24 GMT
dt
dt.adsafeprotected.com/ Frame 3027 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=c4682b05-5d66-236f-4abe-e03021c9594e&tv=%7Bc:qBjaEN,pingTime:-3,time:255,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:38%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:255,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:37,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B248~0%5D,as:%5B248~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tSeUx3A+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d*.1475223-71249298%7C1d1%7C1d2%7C1d3%7C1e%7C1f1%7C1g%7C1h%7C1i,idMap:1d*,rmeas:1,rend:0,renddet:na,siq:40%7D&br=c
Requested by
Host: 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
URL: https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:763d:a432:e71e:5bc1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:07 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 3027 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=c4682b05-5d66-236f-4abe-e03021c9594e&tv=%7Bc:qBjaER,pingTime:-6,time:259,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:259,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:37,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B252~0%5D,as:%5B252~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tSeUx3A+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d*.1475223-71249298%7C1d1%7C1d2%7C1d3%7C1e%7C1f1%7C1g%7C1h%7C1i,idMap:1d*,rmeas:1,rend:0,renddet:na,siq:40%7D&tpiLookup=ao:www.blogto.com*&br=c
Requested by
Host: 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
URL: https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:763d:a432:e71e:5bc1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:07 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 09BD 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14261951911485111691/index.html?e=69&leftOffset=0&topOffset=0&c=ClpKmP4SBg&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14261951911485111691/index.html?e=69&leftOffset=0&topOffset=0&c=ClpKmP4SBg&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 04:40:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71923
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Oct 2023 04:40:24 GMT
logoTransparent.svg
s0.2mdn.net/sadbundle/14261951911485111691/ Frame 09BD 		11 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14261951911485111691/logoTransparent.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14261951911485111691/index.html?e=69&leftOffset=0&topOffset=0&c=ClpKmP4SBg&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c786cb14f080d178e56ef576a1d88757f933ec271aab2c3227af3596317a7ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14261951911485111691/index.html?e=69&leftOffset=0&topOffset=0&c=ClpKmP4SBg&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56929
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4808
x-xss-protection
0
last-modified
Fri, 10 Mar 2023 10:27:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 08:50:18 GMT
logo.svg
s0.2mdn.net/sadbundle/14261951911485111691/ Frame 09BD 		11 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14261951911485111691/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14261951911485111691/index.html?e=69&leftOffset=0&topOffset=0&c=ClpKmP4SBg&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df4a485ef7990a68074ce4b99c3ba7fa1666cb33bc312a3f7d9ce2653c5a0849
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14261951911485111691/index.html?e=69&leftOffset=0&topOffset=0&c=ClpKmP4SBg&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56929
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4985
x-xss-protection
0
last-modified
Fri, 10 Mar 2023 10:27:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 08:50:18 GMT
empty.svg
s0.2mdn.net/sadbundle/14261951911485111691/ Frame 09BD 		67 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14261951911485111691/empty.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14261951911485111691/index.html?e=69&leftOffset=0&topOffset=0&c=ClpKmP4SBg&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac31ee81bea22e7ae83392d77f400ebf7f91e468b2b154c9e5f9596d56d0bea0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14261951911485111691/index.html?e=69&leftOffset=0&topOffset=0&c=ClpKmP4SBg&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56929
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80
x-xss-protection
0
last-modified
Fri, 10 Mar 2023 10:27:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 08:50:18 GMT
close.svg
s0.2mdn.net/sadbundle/14261951911485111691/ Frame 09BD 		296 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14261951911485111691/close.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14261951911485111691/index.html?e=69&leftOffset=0&topOffset=0&c=ClpKmP4SBg&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1098d61f63968b5ef596c2a18a75d777b39696610b24bea2f52cac1eeb68675d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14261951911485111691/index.html?e=69&leftOffset=0&topOffset=0&c=ClpKmP4SBg&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56929
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
231
x-xss-protection
0
last-modified
Fri, 10 Mar 2023 10:27:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 08:50:18 GMT
backup.jpg
s0.2mdn.net/sadbundle/14261951911485111691/ Frame 09BD 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14261951911485111691/backup.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14261951911485111691/index.html?e=69&leftOffset=0&topOffset=0&c=ClpKmP4SBg&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a00cfc6b02ce49da3c5be9f93f1a0d92091fe3f201165b1f6723b89e87db56ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14261951911485111691/index.html?e=69&leftOffset=0&topOffset=0&c=ClpKmP4SBg&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:50:18 GMT
x-content-type-options
nosniff
age
56929
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8990
x-xss-protection
0
last-modified
Fri, 10 Mar 2023 10:27:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 08:50:18 GMT
style.css
s0.2mdn.net/sadbundle/14261951911485111691/ Frame 09BD 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14261951911485111691/style.css?@@decache
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14261951911485111691/index.html?e=69&leftOffset=0&topOffset=0&c=ClpKmP4SBg&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f243268b2a214ade1944799f72194d4bf84a19658d0bd2cd6a0576323c0714b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14261951911485111691/index.html?e=69&leftOffset=0&topOffset=0&c=ClpKmP4SBg&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56929
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2291
x-xss-protection
0
last-modified
Fri, 10 Mar 2023 10:27:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 08:50:18 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 09BD 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14261951911485111691/index.html?e=69&leftOffset=0&topOffset=0&c=ClpKmP4SBg&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14261951911485111691/index.html?e=69&leftOffset=0&topOffset=0&c=ClpKmP4SBg&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Oct 2023 00:39:07 GMT
app.js
s0.2mdn.net/sadbundle/14261951911485111691/ Frame 09BD 		0
0
dt
dt.adsafeprotected.com/ Frame 7DB4 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1301380&asId=159ebba7-d73e-2163-492a-a7a68722d9f8&tv=%7Bc:qBjaFn,pingTime:-3,time:183,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:32%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:184,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B176~0%5D,as:%5B176~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tSeUx3A+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d.1475223-71249298%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f*.1301380-73124933%7C1f1%7C1f2%7C1f3%7C1g%7C1h%7C1i,idMap:1f*,rmeas:1,rend:0,renddet:DIV,siq:33%7D&br=c
Requested by
Host: 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
URL: https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:763d:a432:e71e:5bc1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:07 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 7DB4 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1301380&asId=159ebba7-d73e-2163-492a-a7a68722d9f8&tv=%7Bc:qBjaFr,pingTime:-6,time:187,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:187,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B179~0%5D,as:%5B179~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tSeUx3A+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d.1475223-71249298%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f*.1301380-73124933%7C1f1%7C1f2%7C1f3%7C1g%7C1h%7C1i,idMap:1f*,rmeas:1,rend:0,renddet:DIV,siq:33%7D&tpiLookup=ao:www.blogto.com*&br=c
Requested by
Host: 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
URL: https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:763d:a432:e71e:5bc1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:07 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
hbp_master_270443_17910.js
player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame BD7F 		458 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_17910.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
9beaca4fc10363e8d4b27637f7ed2418e008b8d265c91e45fa4351f35eb3b317

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Wed, 11 Oct 2023 00:39:07 GMT
date
Tue, 10 Oct 2023 00:39:07 GMT
content-encoding
gzip
last-modified
Thu, 28 Sep 2023 14:17:56 GMT
server
nginx
etag
W/"65158b14-72885"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
hbw_master_270443_17910.js
player.spotim.market/prebidlink/l_0Yn/ Frame BD7F 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/l_0Yn/hbw_master_270443_17910.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
c0cb6e13f34b140c9abd105219cdb12ad765c19d03b6a6477ddf2caa179e53d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Wed, 11 Oct 2023 00:39:07 GMT
date
Tue, 10 Oct 2023 00:39:07 GMT
content-encoding
gzip
last-modified
Mon, 09 Oct 2023 13:21:09 GMT
server
nginx
etag
W/"6523fe45-231a4"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
AVmanager.js
player.aniview.com/script/6.1/ Frame 2E1E 		448 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
9d2279c20b628cf8050e193b6099cbd98ae75a282acc0d7d98d411741936f88d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:07 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsRI-oMUo4cfQqo-O0IU8zovxJZf9YvQNC0tb4rKNY0ZROOx0MlmNv1BxQrwJS3g581HgtuRfbwAH6aJ5Dit7vz8RV7A6Mo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
130747
last-modified
Sun, 08 Oct 2023 08:36:21 GMT
server
UploadServer
etag
"140d5d49d08ab672de929ef34abeaced"
vary
Accept-Encoding
x-goog-generation
1696754181709576
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=jT0LYg==, md5=FA1dSdCKtnLekp7zSr6s7Q==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
130747
accept-ranges
bytes
expires
Tue, 10 Oct 2023 00:49:07 GMT
feed:create_embed_instance
p2.fwpixel.com/trk/ 		2 B
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://p2.fwpixel.com/trk/feed:create_embed_instance
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.107.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-107-242.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryj5lwH1dbdKneAA4A

Response headers

date
Tue, 10 Oct 2023 00:39:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-store
server
openresty
content-type
text/plain
dt
dt.adsafeprotected.com/ Frame 3027 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=c4682b05-5d66-236f-4abe-e03021c9594e&tv=%7Bc:qBjaGh,pingTime:-2,time:347,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1323,beZ:1324,mfA:1327,cmA:1328,inA:1328,inZ:1333,prA:1333,prZ:1353,si:1362,poA:1364,poZ:1394,cmZ:1394,mfZ:1394,loA:1581,loZ:1584,ltA:1670,ltZ:1670%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:38%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:347,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:37,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B340~0%5D,as:%5B340~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tSeUx3A+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d*.1475223-71249298%7C1d1%7C1d2%7C1d3%7C1e%7C1f.1301380-73124933%7C1f1%7C1g%7C1h%7C1i,idMap:1d*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:40,sinceFw:306,readyFired:true%7D&br=c
Requested by
Host: 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
URL: https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:763d:a432:e71e:5bc1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:07 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
feed:create_embed_instance
p2.fwpixel.com/trk/ 		2 B
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://p2.fwpixel.com/trk/feed:create_embed_instance
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/storyblock.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.107.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-107-242.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryeAiI6mrxpfALMlfn

Response headers

date
Tue, 10 Oct 2023 00:39:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-store
server
openresty
content-type
text/plain
pixels
fireworkanalytics.com/api/videos/oQZAKY/ 		158 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fireworkanalytics.com/api/videos/oQZAKY/pixels?api_host=https%3A%2F%2Fp2.fwpixel.com&autoplay=true&embed_instance_id=d1c8586d-0014-40fd-96ba-dcf4cfed0f7f&format=vast&play_trigger=clickplay&product=embed.web.naboo&video_play_id=d7a3f6e1-f8ac-4f14-b909-89143f7f83b5&session_id=71b18cde-dcf1-42aa-9463-9d7daf6a277d&platform=web&initial_player_layout=default&duration=73.073&variant=feed_query_from_playlist&app_context_type=embed_storyblock&context=playlist&channel=blogto&channel_id=RVMrqPZ&playlist_id=5m8Zbv&presentation=storyblock&guest_id=dbb607d8-3da3-44da-9df2-a2a807d4fef7&page_url=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/chunks/6673-25c27a3ce63cbe2749ea.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.246.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
af2c2cffbd40f9b4e.awsglobalaccelerator.com
Software
Cowboy /
Resource Hash
bbb960a2c7a44e25d8a89f017a9786d66eff2d2b9c8c02d086dd4f66c8c40155
Security Headers
Name Value
Content-Security-Policy default-src 'none';

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:07 GMT
content-security-policy
default-src 'none';
content-encoding
gzip
server
Cowboy
vary
accept-encoding
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://www.blogto.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
7092
x-request-id
F4yYDnR2N9tl8_cJpXTD
pixels
fireworkanalytics.com/api/videos/oQZAKY/ 		158 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fireworkanalytics.com/api/videos/oQZAKY/pixels?api_host=https%3A%2F%2Fp2.fwpixel.com&autoplay=true&embed_instance_id=f6d031ee-32bd-43d6-af5b-bc79150ed94c&format=vast&play_trigger=clickplay&product=embed.web.naboo&video_play_id=a2bdc34b-8fa1-4aae-8e14-c5338f42ad09&session_id=71b18cde-dcf1-42aa-9463-9d7daf6a277d&platform=web&initial_player_layout=default&duration=73.073&variant=feed_query_from_playlist&app_context_type=embed_storyblock&context=playlist&channel=blogto&channel_id=RVMrqPZ&playlist_id=5m8Zbv&presentation=storyblock&guest_id=dbb607d8-3da3-44da-9df2-a2a807d4fef7&page_url=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F
Requested by
Host: asset.fwcdn3.com
URL: https://asset.fwcdn3.com/js/chunks/6673-25c27a3ce63cbe2749ea.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.246.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
af2c2cffbd40f9b4e.awsglobalaccelerator.com
Software
Cowboy /
Resource Hash
6075a0a2aa3990f73370c30d7e5410d1f46d76913e1c2fe285b61a18450e14bb
Security Headers
Name Value
Content-Security-Policy default-src 'none';

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:07 GMT
content-security-policy
default-src 'none';
content-encoding
gzip
server
Cowboy
vary
accept-encoding
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://www.blogto.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
7109
x-request-id
F4yYDnS52rnK3e0Kvk1B
dt
dt.adsafeprotected.com/ Frame 7DB4 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1301380&asId=159ebba7-d73e-2163-492a-a7a68722d9f8&tv=%7Bc:qBjaIp,pingTime:-2,time:371,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1301,beZ:1303,mfA:1305,cmA:1307,inA:1307,inZ:1312,prA:1313,prZ:1327,si:1334,poA:1335,poZ:1360,cmZ:1360,mfZ:1360,loA:1488,loZ:1491,ltA:1672,ltZ:1672%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:32%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:371,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B363~0%5D,as:%5B363~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tSeUx3A+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d.1475223-71249298%7C1d1%7C1d2%7C1d3%7C1d4%7C1e%7C1f*.1301380-73124933%7C1f1%7C1f2%7C1f3%7C1g%7C1h%7C1i,idMap:1f*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:DIV,siq:33,sinceFw:337,readyFired:true%7D&br=c
Requested by
Host: 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
URL: https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:763d:a432:e71e:5bc1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:07 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js
pagead2.googlesyndication.com/bg/ Frame 3D8C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ac034a2969e4ae42ecbe9668b99468e90ae3556fc57b88cdda45fe1c1aae762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 12:44:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
388502
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14584
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 12:44:05 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 8CF5 		24 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3065970196434945&correlator=1168275151847613&eid=31078638%2C31077189%2C44769661&output=ldjh&gdfp_req=1&vrg=202310050101&ptt=17&impl=fif&iu_parts=70671651%2Cblogto%2CBlogTO_Teads_Desktop_Passback&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3Dbf2c6e6447f72856%3AT%3D1696898344%3ART%3D1696898344%3AS%3DALNI_Ma_vBIjwfjqA3SMMDDG7pzO1Fg4FA&gpic=UID%3D00000c934c2fe158%3AT%3D1696898344%3ART%3D1696898344%3AS%3DALNI_MYMWnT5m5VAavgLU-sv17ghl1L8FA&abxe=1&dt=1696898347619&lmt=1696891147&adxs=832&adys=1682&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=4823wfmz2x8u&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&ref=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&top=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1981056629.1696898344&ga_sid=1696898345&ga_hid=1437528894&ga_fc=true&dlt=1696898346633&idt=906&prev_scp=passback%3Dyes&adks=115645016&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ede17bc5125e51adae2276f83fdf13f17522ab5e0531993f6e918b13117e069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:08 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11398
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.blogto.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C832 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 00:39:07 GMT
expires
Wed, 09 Oct 2024 00:39:07 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
2023_09_14_Kaminari_IG_V2.mp4
cdn4.fireworktv.com/medias/2023/10/6/1696621468-mtdxhlgn/watermarked/540/ 		65 KB
65 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn4.fireworktv.com/medias/2023/10/6/1696621468-mtdxhlgn/watermarked/540/2023_09_14_Kaminari_IG_V2.mp4
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.19.225 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
225.19.117.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
daf324d513de2e9d717b5c75f73c4828075a15ee02887ffca9e433ceeb2e3bb0

Request headers

Referer
https://www.blogto.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Range
bytes=7995392-

Response headers

x-amz-version-id
YCHNhEqmqd8jCcQzYZAuLeEY87G_OEUm
via
1.1 google
date
Mon, 09 Oct 2023 20:45:19 GMT
x-amz-request-id
TPDJZNB16VDBH3F7
age
14028
cross-origin-embedder-policy
require-corp
x-amz-storage-class
INTELLIGENT_TIERING
Content-Range
bytes 7995392-8062204/8062205
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
66813
x-amz-id-2
buUZjmEt3qkL8UeBE17fkM5sMp34Bqdvfy+IlyiGCFGeaDcm+ULGZAg9v3SMt9S933Aw0NoKGnw=
last-modified
Fri, 06 Oct 2023 19:48:10 GMT
server
AmazonS3
cross-origin-opener-policy
same-origin
etag
"043882e6bf4519841a2f30cd495316c2"
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=3600,public
x-cache-hit
hit
timing-allow-origin
*
cross-origin-response-policy
cross-origin
GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js
pagead2.googlesyndication.com/bg/ Frame 88CD 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ac034a2969e4ae42ecbe9668b99468e90ae3556fc57b88cdda45fe1c1aae762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 12:44:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
388502
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14584
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 12:44:05 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3027 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuGB0c6-jSVxQ7eNylD58yfhtOmtIN36HYsi9AZbfntplEz6l5zKlMgnJHB9Aap7GogAWw6qyHbwqO87wXmqcYNx-lh5OhG8ey6pCFcjUjPMP6ZcEaXN8f7YmSfPTJan9XQ6bdO4atkoynD&sai=AMfl-YR96izXRGebaAxxXlZYXfrsyXJgjcguyXFBbBtymviNMu_sBAvrsPAdBCyHFMSb5tgt74lxeFdOsM47VIat0_u7IWilSQsNU0YL_sww9A&sig=Cg0ArKJSzGkEQME8DQjAEAE&cid=CAQSLgDICaaN2AcZaNXd1h__8MSl3D1DUjase6BaPMeDzam0vQpVEL-g3kV8IfMH3DcYAQ&id=lidar2&mcvt=1147&p=477,265,727,565&mtos=1147,1147,1147,1147,1147&tos=1147,0,0,0,0&v=20231009&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3461282252&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1696898345687&rpt=847&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7DB4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuN3Ikdv9jNj3l6Zc7p2TEktedfXMUGFlpXLlSaF0Wkqjd_6bzHHEOZ8bRi69m3yKvDCSfUHhG8H04tW2Z7pyqcp4iXCkE3DCD-FpAUBXdlW5896UGf3h6oEJfeJZgFEbgdK9TZqrulxPD5&sai=AMfl-YTFgc24YVKLEH8oyBm1jKnjKtW1PoS8OxGxIgE2a9nXNC668fOOA2ChEs9u97anNMRfZpHV7Sfjyf32sFnBP5a98p_t_0EA6a2b11kbkDfqquw0cQfEnIhIZhRT1LOQIoh4wpd1nPFVoSCa&sig=Cg0ArKJSzIUBLm9iym_FEAE&cid=CAQSSwDICaaN0oxa_K-9YvKtMM6jkTedJdq0Soq7SXAsm-rt4y8ZFa_TgJfo8KLLH3VkeOd49oO_YzYEVU6ZdnWS0PvtW19hB_To65LlhRgB&id=lidar2&mcvt=1099&p=89,315,339,1285&mtos=1099,1099,1099,1099,1099&tos=1099,0,0,0,0&v=20231009&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1715623156&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1696898345817&rpt=784&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3027 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst5ePZckhKHRLaanO1po8ZletLe7Moy7ktQ6rbGPnMde3vi9tnloh9wXONdZw4zw28viCAJt2JKHP44sy8POyaV_dCvp2GD46yushwJBpGUaD6NGmMuW_2lyAsPM2LFM7X0TseTT9XKOErbKMgsiCmLh7x4PufCJb9rHzWJ-NwjAw-hXUuEBA1wEPigOtPVQcy98mW6w_auhSZwxbAwmwt-Zy59lNK8A72BDMA348MWqoPfeyxmhLEivZVjB6vNRWCD0GtH7e1HwJehDVRc68hPd8_c7gNXAhCT8qcfUzxmSD3P9YErS_nxGsv2Dwgiu_pVJRVQOmoppiJUbkv8iPEExw-LEw1pt-PFLJZUpQBEcgUDmNAVKL0T2PMRVf4-nddzA4aLVI7p42Mevr2TBZgaHX9mOd5_86frlZ9INCAbq3ODkFMlm4Ui1wWql-2lZpnrpnzXcH2zvS8KPzGxlzuVlSzVYyBy_gDuQHk0pp1ZksiZXlmh9d_-uXaRkKx9k9HuDrvSNusgkqak59IEV6q2GUjpdHRQ1WY9LfCwJkkGVp9nsMeH_AN5iuyhOEW9epWS0McYcZlDbPadPkqOmcLDLgpbbuBJtpW2G8Zj2kX6AmQChEaAx5_IHIXW4PIephZ2j9wdZvOTFlMtmrRCHITwbDWYAhptVqbwflByXgl91w69xkQytfMRlVTNCaqw97rIG-67h6o1MRkPz970M27aZH-xvLtplBWu35YkRMkjR5Qy46lATGNpJhF1DcNltzRLvnLPIO-uG1IGNU1_kM8jwOz-hVn55hMMiNcdeDztih8Dijq0Vwe9VbSybMl6t6Zw-nnpc34StpTjp6XdU6b-9GZOSCkZ_-gAgJIi8RP0CirVc_Dm6WLiMIUvaHS4kCJaPKn9L-mQOJaqxPDsuzGSohySnlYjfywexz57M6o9ysSsQhrAZV3QcUHaLsD4mqLbq5OBC2PlOJIUfl7r9ySgdFuCSXf9yfYX7Djz5WjXkKSTBAeIfvv4m2NVOTed39sKmUZykLpmFbetGmRWg_ag9HM2ePUKCs4HxFWvrNP17Aqt7koQkpGmQRqw4hZvs5ikPrcyUkIGaely34EEoX3_yXyaRPJ25W4ahc4rakbtxutJqSdhK8MEng1TtdXWcOdysgAeHBwZV6ERr9EzVy2oH0DlvdmYIuAvrv-sVZ9XbwU8QjdYJB9q9nULoq6Np8p2ToZ1AI_EocmkhbbrG_blw9SZogXTXotLkmoSlppUpWgybGuErXhtrTacGX9AbsEQKQcxKZpW4kl52tOO1-W_r2MmFJSnQyeF8-_VVOGOqopyZ0Wg73hZxhX-jU29u7ZwZYMjJrPHGrC96C6B4Y_BQ2v6aJ2zsnoG1U9NLYm_E_6MfzKkascN0fNHDDauTxRErJ-KrzahF64&sai=AMfl-YS1kWhJHxOKxgjFrTnwzKL9AbImt2Pz83ZYSgxdR-F3hAQPkWQEpy3RYVcoFEYMQa7pC7NiDEu6oAadYulyPOXFiwKR35HeSj5vQDvKsslmyeqTjnsZNjf_usNcnx7cc9GFP1qeredYikWU-U8SNUEqZxYJibVGkAmq63kwykX1ISYCGo6qch-7atVnZFeJaYxWtfCwdS3ewqpTdCwex_o01ZBST-Iln0MSwzT03F64pUA&sig=Cg0ArKJSzOJaMgaY05J8EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1382&vt=11&dtpt=1166&dett=3&cstd=212&cisv=r20231004.20231&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
go1.aniview.com/api/adserver/tag/ 		55 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=sp_mnhjJdcW&AV_CDIM2=Desktop&AV_CDIM3=independent_ad&AV_CDIM4=1e6e2174-2a67-4dd9-840b-9ec0c571ce56&AV_CDIM5=JTIofqowqd_KFYpE5MMA7-isUtFsRXzi3KrujaG4ScnY3NBYemco5YX0jmWOgR1p&AV_CDIM6=stable&AV_CDIM7=row1-column1&AV_CDIM8=sticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=70671651&AV_CDIM10=v22.5.0&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads-independent&AV_SCHAIN=1.0%2C1!spotim.market%2Cpub_lFflnF0ELP04%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=646c97b3629342bcd6062336&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.blogto.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/646c97b3629342bcd6062336/www.blogto.com&d36=6.2.133&responsive=1&sver=4&avtoken=347899&omv=1.0.1&clsid=4a5a4019-aa50-4b2a-8e83-3a4ec787d401&rando=64&AV_WIDTH=707&AV_HEIGHT=398&AV_DNT=0&cb=1696898347902&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.243.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-243-137.compute-1.amazonaws.com
Software
/
Resource Hash
94206037fcdcc394648b3bf986bdc42a23056f499a26859dff22ec3c59edaf9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:08 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.blogto.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Thu, 28 Sep 2023 10:52:28 GMT
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.blogto.com&sn=&cd1=sp_mnhjJdcW&cd2=Desktop&cd3=independent_ad&cd4=1e6e2174-2a67-4dd9-840b-9ec0c571ce56&cd5=JTIofqowqd_KFYpE5MMA7-isUtFsRXzi3KrujaG4ScnY3NBYemco5YX0jmWOgR1p&cd6=stable&cd7=row1-column1&cd8=sticky%3Afalse%3Btakeover%3Afalse&cd9=70671651&cd10=v22.5.0&cd13=false&cd14=%5B%5D&cd15=ads-independent&ic=0&tgt=0&app=&wi=707&he=398&test=&d36=6.2.133&apppkg=&fv=1&proto=https&clsid=4a5a4019-aa50-4b2a-8e83-3a4ec787d401&rando=64&pid=5e0e296628a061270b21ccab&cid=646c97b3629342bcd6062336&stagid=&stplid=&e=inventory&vi=0&cb=1696898347901
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.176.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-176-4.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:07 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3027 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuiofK9CeSXAcT8qH7aT8MNQ3g1cfaT8t2KoZIdCJMB8TWRNmmnWUD3NwyIHQd9xHdCs0xV7UqlShGWZ4odH-7VYbEIdwP-rpIZBGiPfcxB-qfOGA2VnVGGYrIu6SL-uesogQkJxr8dOXDshvtuRTynusMSbYd_NGhuhpo8&sai=AMfl-YT4y02EM6wUa_7A4VwMedx3M7_D4O16fzqekw3VVTYNWD9M4KinsVd7IjX1Er2VMlgjpW-Cox410XGlD_6LRH31K-tWfWJimbIKIJ0RtWnzvn7DiDNaz-c7xcpN7Ok&sig=Cg0ArKJSzFqEDaJ4FHfpEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 7DB4 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssYeOYehmp3tJXA3tTJx3sW9AQCvX67qHgi1wMsRpMFBJmQMmOcvzDftp-j_NdlGc7Y7Q6L0LertvQPOuamtqJPj4IZukRE1cUMpUnb3Cm6DqCYW55kSAiCoBHQyscrk_0gA3Pr5r4WCPFCOu_TEJPnJRBHVgnGajpw9w5Zt0TxLm-q5fE4Ol3YIvDYxkj1nvWFZ4Ymo7VncPMkFoIiYtHmvMVHulYuewB0oYI&sai=AMfl-YQU9-awfT9Hnhi3GQIXoMqdUqnoJ_YZw48t00Q4XCz-S0QWUJbNTzyoDs4uFBG9-4b7mPBhavocHck6wJ-_8-7IGcU3vxeCJZvYPN_ho2vRQNVJ2-rMVxZEAmBxD6G7gKT5B-Nq_Y6f5O8dCLVCZB1nimg&sig=Cg0ArKJSzJUQyH43J8T_EAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8CF5 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310050101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a36910e7773d4d98113eb1d4975a70bbefd257cf246669df97e0c4ab038cd76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12013
x-xss-protection
0
config.json
player.adtelligent.com/exchange_rates/279896/ Frame BD7F 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/279896/config.json?cb=https%3A%2F%2Fwww.blogto.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_17910.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
8e95e30325817581bad0e680f1e0f6a1e32bc25d2438a60b26bb7e160ff94d2d

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

expires
Wed, 11 Oct 2023 00:39:07 GMT
date
Tue, 10 Oct 2023 00:39:07 GMT
content-encoding
gzip
last-modified
Mon, 09 Oct 2023 12:01:12 GMT
server
nginx
etag
W/"6523eb88-84d"
content-type
application/json
access-control-allow-origin
https://www.blogto.com
cache-control
max-age=86400
x-proxy-cache
HIT
apstag.js
c.amazon-adsystem.com/aax2/ Frame BD7F 		255 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/l_0Yn/hbw_master_270443_17910.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 23:55:35 GMT
content-encoding
gzip
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront), 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 19:43:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
2614
x-amz-server-side-encryption
AES256
etag
W/"e1caada96468a3b669d0d0cc6ec9a23c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
Cot3UUTVWQrRX81FruY-bZUwRQRLsSkhdbJRyGr7Z5ULtpQ6nbdR6A==
grumi.js
rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/ Frame BD7F 		411 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/l_0Yn/hbw_master_270443_17910.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:8a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f73697f7baf4be75029ab4db40d564c3c92263211da7960a992249536168e047

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:26:50 GMT
x-amz-version-id
APkvbHqvK6Rv1Kafqvjh1PMqhOXEet7L
content-encoding
br
last-modified
Mon, 09 Oct 2023 23:48:34 GMT
server
AmazonS3
via
1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"8fe843a9552a76e3e98f91e5d1ea982c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
738
x-amz-cf-id
yxLI3sQWCw1DF9ypEsfsmlvqCPOWDJGQgZDG0ybuSGo2sfZNZMwjIw==
passback_970x250.js
static.adsafeprotected.com/ Frame D660 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/passback_970x250.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:8600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d5e0d3e1cbfadb5c7a63053b5339d06457fe7a66c344a970a762a56123c5ec0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
.AUJIbFgg5lm.Sl5dxN6YT6RZNYioRMX
content-encoding
gzip
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
date
Sun, 08 Oct 2023 04:55:29 GMT
x-amz-cf-pop
FRA56-P5
age
157420
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 18 Feb 2022 23:29:56 GMT
server
AmazonS3
etag
W/"094948b2d1170876fb8e76e432d87da6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
tT9031yrHkimY4MKE9XpE47oV1mcly2qeydDakWsqSxaFB9l7nIKyw==
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8CF5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 10 Oct 2023 00:39:08 GMT
/
ghb.spotim.market/geo/ Frame BD7F 		158 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/geo/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/l_0Yn/hbw_master_270443_17910.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
cef27b207924de7d3e5109014718dec9661bca2062d948c349be4cf6a0ffc1e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Tue, 10 Oct 2023 00:39:07 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://www.blogto.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
158
tracking
ghb.spotim.market/adunit/ Frame BD7F 		43 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/adunit/tracking?event=11&type=0&client_id=270443&site_id=17910&pbjsv=v7.37.4&full_page_url=https%3A%2F%2Fwww.blogto.com&adid=jlgp0e.9n&features=81952&vpbv=N177&tte=1568&lifecycle_tte=1600
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/l_0Yn/hbw_master_270443_17910.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Tue, 10 Oct 2023 00:39:07 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.blogto.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
dt
dt.adsafeprotected.com/ Frame 3027 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=c4682b05-5d66-236f-4abe-e03021c9594e&tv=%7Bc:qBjaRF,pingTime:-10,time:1053,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC4xNDkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1696898348063%7C%7C12d786368102097e4b62d564daec4bf1%7C%7C8e5269e98501ac65ff2ab303e742fcb1%7C%7Ce396e44b5bd3e1dac55ad662112e4969%7C%7C6b1aef90bbbe86ab952099aca505c1fc%7C%7C98632d7c647377ba08ee67f340b5b723%7C%7C96f404f5e1b78fd3e191df901e77edf1%7C%7Ca411ded5ae32094b19b05ef323e07f00%7C%7C1663701684,im:%7Bpci:%7Btdr:811%7D%7D%7D
Requested by
Host: 3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
URL: https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:763d:a432:e71e:5bc1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:08 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
IAS_PassbackAds_970x250.png
static.adsafeprotected.com/ Frame D660 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/IAS_PassbackAds_970x250.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:8600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7be9364f21808a881f4530002ab0363deabf7de3321a1356984e88fb316ac165

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
pdWOnfKbVAXycyDHbhFI_OqkWBFerFwW
date
Sat, 07 Oct 2023 23:40:16 GMT
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
240036
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
28949
last-modified
Fri, 18 Feb 2022 23:29:18 GMT
server
AmazonS3
etag
"9d3f43da9d0d0679ec0dfea58b2f1d45"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
x-amz-cf-id
vVOSeuMKnd9wTYzSCxdWVPe0rHCYu6ykDfpPpDqO5fiZGcYHTxxCtA==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9305 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
54518
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 09:30:30 GMT
expires
Tue, 08 Oct 2024 09:30:30 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F262 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
536bcdf7d6a133f69b6f2f082c53b8d84a92c61c3e067bcf4ea3b11727a7ae43
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rtrA-Gl23Yfzzw9XmEKyTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-rtrA-Gl23Yfzzw9XmEKyTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 00:39:08 GMT
expires
Tue, 10 Oct 2023 00:39:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
config.aps.amazon-adsystem.com/configs/ Frame BD7F 		537 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-39.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
cc99a7c3d00df09293cb18360d00c7e19c72bfd8f97a2293b4081c9da3cc88dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 23:50:27 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
2921
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
ET-35P6MQ1k8UxhBVPjfwkMEM061hsLC4Z2XuoSajKyoD5PJO6jiRA==
config
c.amazon-adsystem.com/cdn/prod/ Frame BD7F 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.blogto.com&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
7475ed67c86cbb577d1e88c08770cecc181cda9c652256f1ab74e85a51ee1ba5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 22:45:29 GMT
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
6819
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.blogto.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
4461
x-amz-cf-id
DRJqBVaP2I5jH0WayTzdqmmw-tPnBqjjEF15iD1vp2aEGdyhRhPh9Q==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame BD7F 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
date
Mon, 09 Oct 2023 07:09:25 GMT
x-amz-cf-pop
FRA56-P6
age
62984
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
xSy63sGF6atYwgRGV0ulyB_Oo8KFgjCj_6cN4xVgRJkuM9TNfFqImA==
view
googleads4.g.doubleclick.net/pcs/ Frame 7DB4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmC_7c_iXJ_8uY1uAI_S3nYFThE5SgCHTHG5oLo95ocSFBbHCNmb4Fl0ZZlY0DxYXE-XC2Ro2v-ECmWdRmBTJtGNhCnkdEZCQKKIfuYMsHZO27a8QRZrf7ZVlB-M3p0WlswhaLVo6lFBirtpKKQ-u0n4rYBt3-ejSPPF_gj2yXnhnRNa8jQyWi6qmx0RAFY-LO83ky8QU7emKg-qeqoSbvkktiocV0cEtHVTzNzXnIcz1ypSdp6QkX1AtUTmHjUT8vT43CVW4YqZ4c3QSr9YoDLgc0xbnGbMPIYC6aUyCzQb8j-fjnbBg2mY5hLS3E2oVL7mEQNr4SVZYX0NPFttFE9QG_avwQVX6AxPbI6r7arDJtNpSC0jiR-WUbEdUBde3DHAdKKCrbCUw4xtteNzbkKgwyad_o5PCocuqnc7r8JkS7Mg460HoT1QH8IDpDsXwenI_UwKeZccSXkB7KwDKjtnXLRMueH43JipAyTKWIZeoED1gXcQAn6c_nw9JteqC50PxnwVnfbsWgRBiHg7Sa5rFqTyrLBpv2giC-udO5NBgDsCEXUFaiSKhPcMbYuyrqGAMXgoqBl_1HjsTqLCl3E0ZduAcwJc7AvplY4xPv_0n-TZa5V707L2UWNd216dKFzPfJNlaq6VwYlz6EwYV5m3HM5ro6XY-zoVpQX-p_5GTBbZFzvk6Nc68FiRtBeBvT-a4DcupeE5Vkg5HEHkX181hwotj6BQLFRpDjeeRryfLvfd3ER0l9MSGGcOgKu0vw589Jjp-0puTmg6w2Buf1NF2k-3Z5ydSKRQqpzuzbldScJkeFKWgvJrG0qoghQqkoCpaKQHKxgjrZ5LFa5sHycrWN-jBVRNtFps3Uh3bALrvRNq01X9tewofCs1cQJRddbiv-nbR2ZFl7CjpeWxjO9NJJuixj4Yp4Dq0FLWdmLDmhJn-39yKDMIFVw6z_iy1JBXNfzHSWTf0q7gd5XEIMyhkkUikj2M0y_35Khz77qcgdlOsh_L40LD6EXu5_RroOjovfClvLBFraxKHcgWm2q9eODqzlc1zTbk1aqbzlSu0FlCORRVmo1jjXhC5hv3Med4CvaD4u_oERmCPT7cOuUmzJvAlxFGOGWEurWr7kx_ZArjEl7VqQO97uw08e2rzyd7ehoWhIjDI-iU2rdsk13zNGpmgz9juV0auDcOboFhJt3hIRks-p-DSZQJtprG8wBigPaWLWIysQzhp8x09ZDs5i9t3mnhSFZrASSWNCu9EzB1YMvjDXTBZhrvsc9tEGRfgiQGpc39cvFzZVqluSe12Tr5EHLoqx6kBEDJGr-Z-HipqSuy4A_UC9JA6UWvRFCPOvZBkw2VyDpZ69_VTM9nqry7AUCKckMl5Qa5Pu-wXdmY8g48IxyI9aCkej-p-gmyGPng0lokbLuVPlV-7kg8pEkqVv7wDW7A&sai=AMfl-YRPmRXWisKVYDSdJfKjj6gvhaVqfL76wYwiF-BOfCfxY8d0_t4eQ7c3k-JHN2LQ8RRGTQzAYT5ni0EcCFrRwrdoKoS9EGmc0yt2pXNcYIWlCgkjPGHEQD4oL4iindQuRjtFjQLB9wVs2z9u3xDoc16aqIAccvZgVs-m6jgnl1pN7bJ8TF46_5Qo5g9k7LXUqOxpVbAv6iqXgehojBgy-ita4_qSVIYe_tOzKKk2nntfjrA-Ep8-DFYiOKUDVz-w48nNF1_tTQIdPRYu1s0UmFRDVBWY2ALt4GRaaoXXXNOvzqx-qMI2m3xFoQA&sig=Cg0ArKJSzFQw_ZRJvrEMEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1624&vt=11&dtpt=1059&dett=4&cstd=553&cisv=r20231004.02809&vwbs=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
2023_09_27_TOP3noodle_ttk_v2.1.mp4
cdn4.fireworktv.com/medias/2023/10/4/1696454564-ohamlxfr/watermarked/540/ 		687 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn4.fireworktv.com/medias/2023/10/4/1696454564-ohamlxfr/watermarked/540/2023_09_27_TOP3noodle_ttk_v2.1.mp4
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.19.225 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
225.19.117.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.blogto.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
3c4r06GmSUsCYFwxHn5qQF.DHKrwJu0k
via
1.1 google
date
Mon, 09 Oct 2023 08:03:13 GMT
x-amz-request-id
G3Y9FBREJAFYTNAC
age
59755
cross-origin-embedder-policy
require-corp
x-amz-storage-class
INTELLIGENT_TIERING
Content-Range
bytes 0-6178632/6178633
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
6178633
x-amz-id-2
IiYKlW8wV+o0/XidjW89nwMWPntZLgVIIm0A+w2HuyrNP353xvWue/uDYy7lYSa3dcgMJU50vNc=
last-modified
Wed, 04 Oct 2023 21:25:24 GMT
server
AmazonS3
cross-origin-opener-policy
same-origin
etag
"08361507288bdf4383909d3d54b44800"
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=3600,public
x-cache-hit
hit
timing-allow-origin
*
cross-origin-response-policy
cross-origin
tag
btloader.com/ Frame BD7F
Redirect Chain
  • https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.blogto.com&ver=1.2
  • https://btloader.com/tag?aax_id=AAX413QP4&domain=www.blogto.com&ver=1.2&upapi=true
  • https://btloader.com/tag?o=5080945107927040&domain=www.blogto.com&upapi=true
  • https://btloader.com/tag?o=5080945107927040&domain=blogto.com&upapi=true
18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5080945107927040&domain=blogto.com&upapi=true
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3896897e8db9c2fe1a35e5bda5eb7085be5846936ccc6d1cf5d425ec324d3a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:08 GMT
via
1.1 google
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Tue, 10 Oct 2023 00:35:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2c61163df8e29baa44e84204a67ae919"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BUHhhWs6llBZsssUMn6vLAzQ6b%2FaA8Mf3sBDJKGub%2FPweyJGF5%2BIsFKQM32g5pcRYEjMvi5vY3%2BRWRICjlKhf5F%2BMNP%2Bg%2BgXAeUTnOTVtWsqcMI2ELYtQSF4L9l4fkUbwTjR%2BznoQ1KQOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
813acdf878192bae-FRA

Redirect headers

date
Tue, 10 Oct 2023 00:39:08 GMT
via
1.1 google
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2By0Yv4PFkCUkH%2B%2BLfMHKLiKquOPILrmujFMrTQ2xydRQGrXLkOBc2xNW7Kb5NhQPpvcFr5FnVYu2SfooCFEw964iHmJYDibdQb0gPrM9w9ufKRKMT3C91vZ%2BZ4YqCpij2r0Uoy71ay8pRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
location
/tag?o=5080945107927040&domain=blogto.com&upapi=true
cache-control
public, max-age=3600, must-revalidate
cf-ray
813acdf73f4e2bae-FRA
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame BD7F 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-210.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:08 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Tue, 10 Oct 2023 00:54:08 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame BD7F 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 02:55:32 GMT
content-encoding
gzip
via
1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
78217
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
BWIX3J_y6Yzr-4SBPB5DMQjhSW_Vip2nQKmJyE7mJy2XCBUw6PMyBQ==
hadron.js
cdn.hadronid.net/ Frame BD7F 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&ref=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&_it=amazon&partner_id=471
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:08 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907JHMEEKQ08DSV2
age
3144
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
813acdf4ba0a19a9-FRA
x-amz-id-2
oJpPJCbEID7z1zM9kIxlsqSbq8xeH5HC5gS4xpeHur3SW4yHO8BbtAlQwktjkw9El2h2R0B/Pt0=
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame BD7F 		136 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c96b67edd277b9d12add863bf157c68853eb1429929972195f629cddc8b6b48f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:08 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 10:57:30 GMT
server
cloudflare
x-amz-request-id
GS2X1V5D6CMQEF15
age
162
etag
W/"7810b7b6142b3bdb32696e7b2987bc71"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
813acdf4bc69bb3b-FRA
x-amz-id-2
BS0IKX9tPcHOxtslYwenOe+gEfPPsSL29Dc//LFzjRV8D+A68hVx1vfaTixwwAVsMQeBGVr9XSwicq5oED53eA==
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame BD7F 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-210.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:08 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Tue, 10 Oct 2023 00:54:08 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F262 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310050101&jk=3065970196434945&rc=
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
pagead2.googlesyndication.com/bg/ Frame 9305 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 19:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
18932
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Oct 2024 19:23:36 GMT
2023_09_27_TOP3noodle_ttk_v2.1.mp4
cdn4.fireworktv.com/medias/2023/10/4/1696454564-ohamlxfr/watermarked/540/ 		50 KB
50 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn4.fireworktv.com/medias/2023/10/4/1696454564-ohamlxfr/watermarked/540/2023_09_27_TOP3noodle_ttk_v2.1.mp4
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.19.225 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
225.19.117.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
e9aac8f368f0627c43d5c9bc1602eaa1c7a786e19be2831e7aed049154b57704

Request headers

Referer
https://www.blogto.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Range
bytes=6127616-

Response headers

x-amz-version-id
3c4r06GmSUsCYFwxHn5qQF.DHKrwJu0k
via
1.1 google
date
Mon, 09 Oct 2023 08:03:13 GMT
x-amz-request-id
G3Y9FBREJAFYTNAC
age
59755
cross-origin-embedder-policy
require-corp
x-amz-storage-class
INTELLIGENT_TIERING
Content-Range
bytes 6127616-6178632/6178633
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
51017
x-amz-id-2
IiYKlW8wV+o0/XidjW89nwMWPntZLgVIIm0A+w2HuyrNP353xvWue/uDYy7lYSa3dcgMJU50vNc=
last-modified
Wed, 04 Oct 2023 21:25:24 GMT
server
AmazonS3
cross-origin-opener-policy
same-origin
etag
"08361507288bdf4383909d3d54b44800"
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=3600,public
x-cache-hit
hit
timing-allow-origin
*
cross-origin-response-policy
cross-origin
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame BD7F 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-210.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:08 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Tue, 10 Oct 2023 00:54:08 GMT
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=471&sync=0&domain=www.blogto.com&url=https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.blogto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
813acdf5694765d8-FRA
content-length
0
content-type
application/json
date
Tue, 10 Oct 2023 00:39:08 GMT
debug
OPTIONS block
expires
Wed, 09 Oct 2024 00:39:08 GMT
server
cloudflare
hadron.json
id.hadron.ad.gt/v1/ Frame BD7F 		95 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=471&sync=0&domain=www.blogto.com&url=https://www.blogto.com/bakery/luna-bakery-toronto/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&ref=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&_it=amazon&partner_id=471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74db8bb2b27c5f3d1f9f9de3b2f72a8c0e9366f81f8f443378a1bd087357c1a2

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 10 Oct 2023 00:39:08 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
813acdf619bb65d8-FRA
map
bcp.crwdcntrl.net/6/ Frame BD7F 		60 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.118.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-118-122.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ba7744908c14a049d68ec99a017ab4e54b0c2a8afd716a357b3f5996c9f46dbd

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:08 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.blogto.com
cache-control
no-cache
x-server
10.45.31.147
access-control-allow-credentials
true
content-length
60
expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D8C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuHQHKp0kZeC1FMGigQeeiLzIDQAAAAA4AeAEAg&bg=!JSalJmnNAAYMG8UMLBs7ADQBe5WfOOBdFR65-JSW_HcqjkbF8kRU2K0yCE2i3b04hnotJf0Vf-c2DsUuEQ2-5rVXLz_eAgAAAStSAAAADGgBBwoAhkf7GBzmkVNpkBIY_Lvw56tlz523w110D38Z0RxQxGkijVe9E2T1ioVCMbqByTMixs9dJ-umZQHg59hHg5zOMa-t4G51HCL8LZAkalAnk0AFzzGWJNZdmaDCIUimreLOCM2hanB1DjcJ9sVNcGkWJrJvf6r1-RmF-3DYpV2HF082dB2p4mWXmQMFn82Q9J0ZHa70kM7DVQk3yZq7cGUR0g5ga5L9UP_slJ_AIS-OImpcBwjUPJImXzeAzmcDd_YglgxpKJDoRoFHh7LOyvRLQg2FNhIScQNntYX_bUoOwLwJQXKvrT5XQHaZiV4rX3YBXdP4_ewbZVqzQ6Hv3VKQFe7dG7OJUJAKmaYR0aHvYX1vgDcfNe78ZDc6JBd1FfIymZ-3C-h7GbHFAhpmnaRYVGNu7HrVdcFbQfIVFIeluSp-fPEKoZix1AMONIm7snAMNh6EQ55hGVJjXvWv7kIxXR0QyWwImeTUGV_m_6jtTBGpYgJg0cxESt6dgB9nmrmdgH7ngStvUCMOcTXr3jQo36IlFsNMPVppf7dno_XmN_Zc2Go2bd6edpHKZPQUqvMS81QdKriy-X66uP85-CFbzMckbQ-oGngQ20cFArJU53b2wuHbfmNwF0iS_7v2wfx4lVdfsIStGLMf-2ak-cTeO83E5lm6sHffa8nrQk7CBA3XZjEVKFo0SBopPcxW1acEj7aaee176Ia6Jl67MWWPu6i6mX97qsz0wF6TO4s36s2kE_bQa9cDPBZJSy8kjCMDoVKVvy92u9sUKlhWFV8FDSB3td3rzj8Pef08WrIm_akDtpaqfcu8wxHg321KYbDU6XpiHTu0mekGjmse6DM1vmL2s-sWtCLuI9R-JC-0F4_nprL0QkenuVeJzzgI2Xx944WShLeOdM_e0K_SuiIBqvfWtFE3457hjLYmQiw2M7t-zN12YwgBAMWOGA3YKbR-Fp1sh1AnrxlbfRAqRkg_RoJbRTrWxt8VwQs9IOCxVefFIHH1SV_gNvG4Gmm9lGL1S_7eJfqwRDx84JtnNZskD4gzg-4AKH95DcK8HKPOWAyttzNFBtVUQFfkWD8HeND5EDkcvSKXVOIE-crFTt7xNN1Lcalr1vIJPzQZcojZzfZGSfoV5-UHn8cfQzjTy2RFdrOs90Pydta02607a1Yu37uZhg3rLkcHSmid1K7HcdQVq2TVPHAXz6EjL4N7Vl8
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 74EE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 00:39:07 GMT
expires
Wed, 09 Oct 2024 00:39:07 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bid
aax.amazon-adsystem.com/e/dtb/ Frame BD7F 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&pid=dMHh0zNnBOT1q&cb=0&ws=336x280&v=23.919.1525&t=1900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1684830832128-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22320x250%22%5D%2C%22sn%22%3A%22%2F39694909%2C70671651%2FIndependent%2FInd-BlogTO%22%7D%5D&schain=1.0%2C1!spotim.market%2Cpub_lFflnF0ELP04%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:08 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
BVAM9XNA6Q5FD21S4MWP
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.blogto.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
HnFXxbmp54SYuLMRc5HEPq_PDsApv-AKCIFR1Uz49UkG35XSjZoYLA==
ads
securepubads.g.doubleclick.net/gampad/ Frame BD7F 		25 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=673764329366383&correlator=3448913215735298&eid=31077189&output=ldjh&gdfp_req=1&vrg=202310050101&ptt=17&impl=fifs&iu_parts=39694909%3A70671651%2CIndependent%2CInd-BlogTO&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C336x280%7C320x250&ifi=1&sfv=1-0-40&eri=5&sc=1&cookie=ID%3Dbf2c6e6447f72856%3AT%3D1696898344%3ART%3D1696898344%3AS%3DALNI_Ma_vBIjwfjqA3SMMDDG7pzO1Fg4FA&cdm=www.blogto.com&gpic=UID%3D00000c934c2fe158%3AT%3D1696898344%3ART%3D1696898344%3AS%3DALNI_MYMWnT5m5VAavgLU-sv17ghl1L8FA&abxe=1&dt=1696898348462&adxs=814&adys=3013&biw=1600&bih=1200&isw=336&ish=280&scr_x=0&scr_y=0&btvi=1&ucis=yrmgfvmflbdk&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=www.blogto.com&loc=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&top=www.blogto.com&vis=1&psz=336x280&msz=336x250&fws=260&ohw=336&ea=0&ga_vid=1981056629.1696898344&ga_sid=1696898345&ga_hid=1827813804&ga_fc=true&dlt=1696898346444&idt=1073&prev_scp=independentSpotId%3Dsp_mnhjJdcW%26assetGroupId%3Dstable%26isStickyAdUnit%3Dfalse%26pageViewId%3D1e6e2174-2a67-4dd9-840b-9ec0c571ce56%26slot%3Drow1-column1%26source_version%3Dv22.5.0%26topSpotId%3Dsp_mnhjJdcW%26source%3Dindependent_ad%26hb_rfBid%3D0%26amznbid%3D1%26amznp%3D1%26excl_cat%3DPREPOST&adks=705577134&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f1bf0ccf9c3cec4c13bd71ac9e5bd2bd3a77fd63029f626c90b3ded7ad20f3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:08 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11668
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.blogto.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame BD7F 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310050101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13d6cf242c7b57a34242190b526c15a2ae3b87de40fd55609718d41e10e45784
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12211
x-xss-protection
0
container.html
58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A38C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 00:39:08 GMT
expires
Wed, 09 Oct 2024 00:39:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 88CD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMdSYKp0kZcfbFvePjuwPzaahiAYAAAAAOAHgBAI&bg=!FxSlFFvNAAYMG8UMLBs7ADQBe5WfOKQN2UZ-7Gk0m-hThP8ZR7MQ0-xdRjl43oy-UQB0stthVlTJDFhp3ThU17Hr1wBFAgAAAR9SAAAACWgBB5kDFmUx2ZbbqvU4Bvvy5AsAXr4z4swp5dF_6jHUU6Q2L4FCsNFUuaW30tMnOdn7_NIcpSfJfHdG6HoVmwNC-wYQ7isVQU0WDB967643rIwaEXtW76kmXUbRsrS1UN7n_0R1roiJzHvIJIr3_uSmnG36H2Q-f9EGTiVOs0xkY18tI6v9SPSa0-rB-4F1eo0RYSOIGjf0VUfCGVQHFY7nRndB2Sou3qOYHkjN5DmyhjmedHFJz-oIMPSLMGh1ZyEJOM4YtOdOtopUwfPCQELJr0PzUqrFpb5voeCQeMaKqTqbTPLHp-2RlJJ3qdpoWv-cZfmXGBX4kabx0p6dfCfdxyNCu1kjaJt1oNP6_9y2gwNz3YSNnba2Fna8KKLs-KsJjczwpSp7m6ofyomMs_WzgjQ1-_PMDvBuxhXraOz81JQCUWIGY2mthp6kqfoyVBlLQdVBBLvrMIdnz865K94hzCb2qFIjW0nOXyoLNzrg57d-2k3z4kEXIani3eyGVOBUtBv2n4C4f5X9aiLnTdBJZ0K4k8h747sHm-JxI9ruHoE7AzNzZl1Dj2LLDKJmjOK42Q_f0kgythPLJS3vH0BD4AJkzDWl4lFdSzPo5ORvLRGuXBKav1_-OD1XXroZxyrhg4-01uN9IETm7Yf-nAyS8BCjG2ZLpmG3JfAvWTKfOICCOB39keI5HYxnx1pYMNJMdzguZaM9emkSGCraMIed3SapEkeu2tP5Jpcm-v_FUHx5IMFeHundD6VHQyxgsgZf3s1jUAFlhW4kx_J8Huq5kknb1jtl1r0iYwt5B-tBHu6AkCzJCy4jGjUAi9VLBNIm-QEwBhNYXnq7LDCOwzXrwB2L2HVCqnfJpgwIjDirn1IuLa8oCS2wsatZT3P8MbyI4_5ouBDH1ATQ-qXSdXxJO7-_XpcwO1-tKRBbhgojpeGRz5ziHJOJQ7Myck7zvlCdDSx8JsFSfLvID2qp8OWOmBb306E9excrLjpVyfdeUb8-4ikFWbuybJDMZPNxxoF3emZZjD6U01YWW8JjPvGJdnqJ3wNCbxxl56c
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum.casalemedia.com/ Frame 0379 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D42%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bafb8f939a31c8051567e11c9cfe86e6f54aa5c989f63ab8aa815bc780de5aaa

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
813acdf60f05bb67-FRA
content-encoding
br
content-type
text/html
date
Tue, 10 Oct 2023 00:39:08 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2slMgAQtPZE1OciJvRkxsR1c7Ud8CX2QJddrnYm7szVIUeQiem91DW%2BfhaqsX2RqH51Ew8mggt4JdXYpBP4i30DUrgBIC2cppBB%2FkPcuIEnk%2B8JZnPrTU2hj4dMu%2Fa%2F%2BTx63IWZ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
cookiesyncendpoint
sync.aniview.com/ Frame 1E71
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D55%26key%3D%24UID
  • https://sync.aniview.com/cookiesyncendpoint?auid=1696898348168-945556496869-001642-010-000522&biddername=55&key=6300135777869648842
0
215 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1696898348168-945556496869-001642-010-000522&biddername=55&key=6300135777869648842
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.248.204 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-248-204.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Tue, 10 Oct 2023 00:39:08 GMT

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
d07467bd-3f3b-4ef6-a6ac-54b582e4ceb5
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 10 Oct 2023 00:39:08 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1696898348168-945556496869-001642-010-000522&biddername=55&key=6300135777869648842
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
178.162.209.132; 178.162.209.132; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
cookiesyncendpoint
sync.aniview.com/ Frame 23FA
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26bid...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1696898348168-945556496869-001642-010-000522&biddername=200&key=OPTOUT
0
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1696898348168-945556496869-001642-010-000522&biddername=200&key=OPTOUT
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.248.204 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-248-204.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Tue, 10 Oct 2023 00:39:08 GMT

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Tue, 10 Oct 2023 00:39:08 GMT
etag
OPTOUT
expires
0
location
https://sync.aniview.com/cookiesyncendpoint?auid=1696898348168-945556496869-001642-010-000522&biddername=200&key=OPTOUT
pragma
no-cache
sync
ssbsync.smartadserver.com/api/ Frame BA71 		0
0
usync.html
eus.rubiconproject.com/ Frame 877B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 10 Oct 2023 00:39:08 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 10 Oct 2023 00:39:08 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
server
AkamaiGHost
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 4860 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D72%26pid%3D5e0e296628a061270b21ccab%26key%3D%7BuserId%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
ddos.com
Software
A /
Resource Hash

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0,no-cache,no-store
date
Tue, 10 Oct 2023 00:39:08 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
A
cm
u.openx.net/w/1.0/ Frame 3271 		43 B
295 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=5c25ba01-8014-471d-b115-9488b0bab07b&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D23%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-length
56
content-type
text/html
date
Tue, 10 Oct 2023 00:39:08 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0D3A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50567
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 10 Oct 2023 00:39:08 GMT
expires
Tue, 10 Oct 2023 14:41:55 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 49E3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=[AV_GDPR]&gdpr_consent=[AV_CONSENT]&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
getuid
eb2.3lift.com/ Frame 1D57 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/getuid?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D41%26pid%3D5e0e296628a061270b21ccab%26key%3D%24UID
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 10 Oct 2023 00:39:08 GMT
pixel
ap.lijit.com/ Frame 3EFD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D18%26key%3D%24UID
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Tue, 10 Oct 2023 00:39:08 GMT
X-Sovrn-Pod
ad_ap2ams1
cookiesyncendpoint
sync.aniview.com/ Frame E945
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3665&_fw_gdpr=1&_fw_gdpr_consent=
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=ffab7fb82a22ec4a8ac1a75d3272e2ba&_fw_gdpr=1&_fw_gdpr_consent=
0
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=ffab7fb82a22ec4a8ac1a75d3272e2ba&_fw_gdpr=1&_fw_gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.248.204 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-248-204.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Tue, 10 Oct 2023 00:39:08 GMT

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 10 Oct 2023 00:39:08 GMT
Expires
Tue, 10 Oct 2023 00:39:08 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=ffab7fb82a22ec4a8ac1a75d3272e2ba&_fw_gdpr=1&_fw_gdpr_consent=
Pragma
no-cache
Server
nginx
x-sticky-vk
1696898348361051-553
auto-user-sync
ads.stickyadstv.com/ Frame 7905 		43 B
623 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-200.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 10 Oct 2023 00:39:08 GMT
Expires
Tue, 10 Oct 2023 00:39:08 GMT
Pragma
no-cache
Server
nginx
x-sticky-vk
1696898348347099-376
v1
match.sharethrough.com/universal/ Frame DD1E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=E5RP5Qpb&gdpr=1&consent=&us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.123.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-123-6.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Tue, 10 Oct 2023 00:39:08 GMT
us
sync.go.sonobi.com/ Frame 617E 		0
398 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D60%26key%3D%5BUID%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, private
content-length
0
content-type
text/plain; charset=utf8
date
Tue, 10 Oct 2023 00:39:08 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma
no-cache
server
sonobi-go
tcn
Choice
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-71
x-xss-protection
0
uc.html
sync.go.sonobi.com/ Frame 182D 		43 B
453 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=aniview
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, private
content-encoding
gzip
content-type
text/html
date
Tue, 10 Oct 2023 00:39:08 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma
no-cache
server
sonobi-go
tcn
Choice
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-35
x-xss-protection
0
sync-iframe
cs-server-s2s.yellowblue.io/ Frame C182 		0
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D80%26pid%3D5e0e296628a061270b21ccab%26key%3D%7BpartnerId%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.214.104.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-104-9.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.blogto.com/
content-length
0
content-type
text/html
date
Tue, 10 Oct 2023 00:39:08 GMT
server
istio-envoy
x-envoy-upstream-service-time
0
x-reason
could not perform CS due to GDPR policy: consent string is empty
cookiesyncredir
bttrack.com/pixel/ Frame 8C40 		35 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D204%26pid%3D62f53b2c7850d0786f227f64%26key%3D%7Bglobalid%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.68 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
68.bidtellect.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache
content-length
35
content-type
image/gif
date
Tue, 10 Oct 2023 00:39:06 GMT
expires
-1
pragma
no-cache
strict-transport-security
max-age=31536000;
x-servername
Track004-iad
sync
x.bidswitch.net/ 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=&user_id=1696898348168-945556496869-001642-010-000522&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.57.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-57-54.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D24%26pid%3D62f53b2c7850d0786f227f64%26key%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D24%26pid%3D62f53b2c7850d0786f227f64%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.57.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-57-54.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
csyncs
ghb.spotim.market/ Frame BD7F 		2 KB
1012 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/csyncs?aid1=767137&aid2=767587&aid3=833229
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/l_0Yn/hbw_master_270443_17910.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
97496b2665be0b9abd2a59bc580114dd8749cd889df063adfd52078ff11403f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Tue, 10 Oct 2023 00:39:08 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.blogto.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
703
2023_09_27_TOP3noodle_ttk_v2.1.mp4
cdn4.fireworktv.com/medias/2023/10/4/1696454564-ohamlxfr/watermarked/540/ 		4 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn4.fireworktv.com/medias/2023/10/4/1696454564-ohamlxfr/watermarked/540/2023_09_27_TOP3noodle_ttk_v2.1.mp4
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.19.225 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
225.19.117.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.blogto.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Range
bytes=262144-

Response headers

x-amz-version-id
3c4r06GmSUsCYFwxHn5qQF.DHKrwJu0k
via
1.1 google
date
Mon, 09 Oct 2023 08:03:13 GMT
x-amz-request-id
G3Y9FBREJAFYTNAC
age
59755
cross-origin-embedder-policy
require-corp
x-amz-storage-class
INTELLIGENT_TIERING
Content-Range
bytes 262144-6178632/6178633
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length
5916489
x-amz-id-2
IiYKlW8wV+o0/XidjW89nwMWPntZLgVIIm0A+w2HuyrNP353xvWue/uDYy7lYSa3dcgMJU50vNc=
last-modified
Wed, 04 Oct 2023 21:25:24 GMT
server
AmazonS3
cross-origin-opener-policy
same-origin
etag
"08361507288bdf4383909d3d54b44800"
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=3600,public
x-cache-hit
hit
timing-allow-origin
*
cross-origin-response-policy
cross-origin
avpb7.51.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 2E1E 		222 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
da113d5c8af5bc0b2ef4a2ad0f7111caf9374be70bb5ee17ea2149bb66ae6ad2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:08 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsZKHdEfk6dKQWDimDxwwjurgosOfGRWS1au0WyYKsHFeRZd7Bz4MxSycp-Fr_RjggdT2FxZbwsMnEXgQZO-Ron1UKlF4Nw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
72053
last-modified
Sun, 08 Oct 2023 08:36:22 GMT
server
UploadServer
etag
"e0144629920c38ed75f2e4f21fae774b"
vary
Accept-Encoding
x-goog-generation
1696754182279058
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=MVfn1Q==, md5=4BRGKZIMOO118uTyH653Sw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
72053
accept-ranges
bytes
expires
Tue, 10 Oct 2023 00:49:08 GMT
avpb7.51.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 2E1E 		68 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
fee3864ade0efb63463216c1d948e3f6ce4b856def993aa107faa2ba7a059969

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:08 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsRQRbDspyj4YkunL8jmeo1cxBO3U-f-p5qGMtc4EjjOv3d6VGIxRaT9MWp2Xy38ZUViaTCPpPpuhWpTKkp1mTAkV2dP45X
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
23158
last-modified
Sun, 08 Oct 2023 08:36:22 GMT
server
UploadServer
etag
"ebff8e82ee9a065f2e0074e11ac6839c"
vary
Accept-Encoding
x-goog-generation
1696754182289184
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=QIh8Lw==, md5=6/+Ogu6aBl8uAHThGsaDnA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
23158
accept-ranges
bytes
expires
Tue, 10 Oct 2023 00:49:08 GMT
avpb7.51.0a3.js
player.aniview.com/script/6.1/libs/prebid/ Frame 2E1E 		65 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b769093a19d592ca037d008dc4c9093c775f9aabe3dd94d8c5667f4ce678fe56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:08 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsak9e7xt314Q4XMxqWZErF2jV9UItEKNJZ7ykrxEfRFLhjgsXRUSohabnhCNcaEghar0u8wDqZNlQmmo_l1a8xCohRz517
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
21046
last-modified
Sun, 08 Oct 2023 08:36:22 GMT
server
UploadServer
etag
"b7c6dea1657486999703ca3c2a36cd2b"
vary
Accept-Encoding
x-goog-generation
1696754182363374
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=bCAd7g==, md5=t8beoWV0hpmXA8o8KjbNKw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
21046
accept-ranges
bytes
expires
Tue, 10 Oct 2023 00:49:08 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 4758 		255 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 23:55:35 GMT
content-encoding
gzip
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront), 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 19:43:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
2614
x-amz-server-side-encryption
AES256
etag
W/"e1caada96468a3b669d0d0cc6ec9a23c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
qg8Z8ilaL0Bs5SNl4sgsGPE_W-PTIMGLXH866hcY-U1mLMY9e2S_ww==
apstag.js
c.amazon-adsystem.com/aax2/ Frame 80C9 		255 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 23:55:35 GMT
content-encoding
gzip
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront), 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 19:43:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
2614
x-amz-server-side-encryption
AES256
etag
W/"e1caada96468a3b669d0d0cc6ec9a23c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
zx6A3yNd-NrawMswHbsTOOEkd82J528Sy9TunVNL18EhepalyCRmOg==
s2s
s2s.aniview.com/api/adserver/ 		0
476 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=82dd19a17ab567d5e772c0a13b8250aa&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1696898348168-945556496869-001642-010-000522&AV_CDIM1=sp_mnhjJdcW&AV_CDIM2=Desktop&AV_CDIM3=independent_ad&AV_CDIM4=1e6e2174-2a67-4dd9-840b-9ec0c571ce56&AV_CDIM5=JTIofqowqd_KFYpE5MMA7-isUtFsRXzi3KrujaG4ScnY3NBYemco5YX0jmWOgR1p&AV_CDIM6=stable&AV_CDIM7=row1-column1&AV_CDIM8=sticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=70671651&AV_CDIM10=v22.5.0&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads-independent&AV_SCHAIN=1.0%2C1!spotim.market%2Cpub_lFflnF0ELP04%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=646c97b3629342bcd6062336&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.blogto.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/646c97b3629342bcd6062336/www.blogto.com&d36=6.2.133&responsive=1&sver=4&avtoken=347899&omv=1.0.1&clsid=4a5a4019-aa50-4b2a-8e83-3a4ec787d401&rando=64&AV_WIDTH=707&AV_HEIGHT=398&AV_DNT=0&cb=6898348508&wfc=1&tgt=0&&AV_VI=0&AV_VID=0&d4=1&d5=0&AV_PLCMT=4&AV_PLACEMENT=3&AV_PLAYBACKMETHOD=2&ms2s=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.208.202.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-202-9.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.blogto.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Thu, 28 Sep 2023 10:52:29 GMT
dcm
s.amazon-adsystem.com/ Frame 0379
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSSdKv8dTwVL0l6rBSwVHgAADJcAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSSdKv8dTwVL0l6rBSwVHgAADJcAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSSdKv8dTwVL0l6rBSwVHgAADJcAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 10 Oct 2023 00:39:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CC2QMS4349KEPHB79MZ6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 10 Oct 2023 00:39:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
879NM69SDAK9PZ4ZNCT8
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSSdKv8dTwVL0l6rBSwVHgAADJcAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 0379 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
server
Kestrel
content-length
70
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame 0379
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZSSdKv8dTwVL0l6rBSwVHgAADJcAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEI2CYpFdeBYquwtyQCSIjfI&google_cver=1
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEI2CYpFdeBYquwtyQCSIjfI&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D42%26key%3D
Protocol
H2
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tskBEJJI07xQfxm4cH4O%2Bl4JV3d%2B4sEOyLP3lLmN9BcMSyGfoPmNnPQZYvAClZnEt5pXNy0eNreLguOGGi4VUOAuOcQMnyKJCk%2FII7b0Ez4vuAqA9vO%2B%2B0ep02JXGau2jotdKYR9xx9rA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
813acdf90889bb67-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEI2CYpFdeBYquwtyQCSIjfI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0379
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6300135777869648842
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6300135777869648842
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D42%26key%3D
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUkwRVHuU%2BCRElGiEKXnNGXH5RkkNqfvK7PFZxp8Mkueri9AFn8D2nN68gPxcwbM5hGh%2BV7bSYq3eujjGw3JPysqLHnD9NHn62%2FNUROYQ1Vsgr8CeVV30mk62%2BOiH0D7ntLNLAo8IapJPg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
813acdf8d9ee6927-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:08 GMT
an-x-request-uuid
22db97a9-838f-448b-81bd-6b26cd8bd8d5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6300135777869648842
x-proxy-origin
178.162.209.132; 178.162.209.132; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame 0379 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.222.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-222-43.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
Date
Tue, 10 Oct 2023 00:39:08 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
ix
ad4m.at/ad/sim/ Frame 0379 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 0379
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=c7bfaed9-e5a1-4c4b-8294-af073896e65c&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=c7bfaed9-e5a1-4c4b-8294-af073896e65c&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D42%26key%3D
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DeYg1UDZIR0cuY0rIlaL%2FejDI5rTAYJ7QLrRAQmqVRJyfLdCz6Z5Ntf4EYxsygVpY6rvlmg0T%2FuUA3Vd9OWMhTcZ9tflhNUy2iYX3D%2Bbq8dc05vesZgCXtgTNRkmkxaeZgCRWa7PogOl4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
813acdf9ba5a6927-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=c7bfaed9-e5a1-4c4b-8294-af073896e65c&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Tue, 10 Oct 2023 00:39:08 GMT
server
_
content-length
0
bridge
cm.adgrx.com/ Frame 0379 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:08 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-6
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 0379 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1696898348168-945556496869-001642-010-000522&biddername=42&key=ZSSdKv8dTwVL0l6rBSwVHgAA%263223
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.248.204 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-248-204.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:08 GMT
content-length
0
471
a.ad.gt/api/v1/u/matches/ Frame BD7F 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/471?_it=amazon
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db4e40b5540d66095d71835c638cc4acc67c8e17a2371228b98231d4419931a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 10 Oct 2023 00:38:16 GMT
server
cloudflare
age
52
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
813acdf82fdf4d28-FRA
usync.js
eus.rubiconproject.com/ Frame 877B 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e2b1353ec42c26a50c5f47ee2bacdc5cb8a964fb8ce6ab58c8da0d9eadf65570

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Tue, 10 Oct 2023 00:39:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Oct 2023 12:26:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42362
Connection
keep-alive
Content-Length
10539
Expires
Tue, 10 Oct 2023 12:25:10 GMT
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ Frame BD7F 		190 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.blogto.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Tue, 10 Oct 2023 01:09:09 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D4A2 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPmChOMCEJfSweQCGOPZ_twBMAE&v=APEucNUbRyOexI_0JRIxsuAuwObiYo_MNpM2mqwkWCslk9BG8viYmmxNGAd2cy0tU68Y0LjzPj1_NC3K6LZboXNDlslws4G4QcUmx3sbZUmsRPdv8HOMzt_B57GNYgMT5FbkiEf2N1t8yn-miTOAFtk7fFFqo_kqpROiAALCUs97Otb5ww4Qtao
Requested by
Host: c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
URL: https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 00:39:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 74EE 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
URL: https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 10 Oct 2023 00:39:08 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 74EE 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ByM9DE5hbvx64iKtUEV5e3JSYxg2Y8nzJ5n_CVRgJv7XCL3NUWW1a7ZIJ7MkqV0pWNksT8oiPWHH2Il0PSoCioaWj1X2YW_Tu-0bMHv0kCz7F5aT8
Requested by
Host: c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
URL: https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 74EE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9874323547336490869&x=1&ct=76
Requested by
Host: c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
URL: https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 74EE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
URL: https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:33:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
57933
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 08:33:35 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 74EE 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
URL: https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
39779
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:36:09 GMT
l
www.google.com/ads/measurement/ Frame 74EE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTo31GEZHfZVvwsNFiZAXtWqEE2MJ6NytLEnXMU1qN5rRe4EVSy8k0YsK_JlQqcK1S7xlKyVltmrFydmqCnCa0zrKjlw
Requested by
Host: c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
URL: https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 74EE 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
URL: https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59959
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696851335058330"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Oct 2023 00:39:08 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 0D3A 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=30958425&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1696898348168-945556496869-001642-010-000522%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:08 GMT
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BD7F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 10 Oct 2023 00:39:08 GMT
sd
us-u.openx.net/w/1.0/ Frame D4A2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIdGMBgSVeAuLguIKIJlfpM&google_cver=1
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIdGMBgSVeAuLguIKIJlfpM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPmChOMCEJfSweQCGOPZ_twBMAE&v=APEucNUbRyOexI_0JRIxsuAuwObiYo_MNpM2mqwkWCslk9BG8viYmmxNGAd2cy0tU68Y0LjzPj1_NC3K6LZboXNDlslws4G4QcUmx3sbZUmsRPdv8HOMzt_B57GNYgMT5FbkiEf2N1t8yn-miTOAFtk7fFFqo_kqpROiAALCUs97Otb5ww4Qtao
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIdGMBgSVeAuLguIKIJlfpM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame D4A2 		43 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPmChOMCEJfSweQCGOPZ_twBMAE&v=APEucNUbRyOexI_0JRIxsuAuwObiYo_MNpM2mqwkWCslk9BG8viYmmxNGAd2cy0tU68Y0LjzPj1_NC3K6LZboXNDlslws4G4QcUmx3sbZUmsRPdv8HOMzt_B57GNYgMT5FbkiEf2N1t8yn-miTOAFtk7fFFqo_kqpROiAALCUs97Otb5ww4Qtao
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:08 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame D4A2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEJCHH6iygNlkm7Kdx5RNpNY&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEJCHH6iygNlkm7Kdx5RNpNY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPmChOMCEJfSweQCGOPZ_twBMAE&v=APEucNUbRyOexI_0JRIxsuAuwObiYo_MNpM2mqwkWCslk9BG8viYmmxNGAd2cy0tU68Y0LjzPj1_NC3K6LZboXNDlslws4G4QcUmx3sbZUmsRPdv8HOMzt_B57GNYgMT5FbkiEf2N1t8yn-miTOAFtk7fFFqo_kqpROiAALCUs97Otb5ww4Qtao
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Tue, 10 Oct 2023 00:39:09 GMT
pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEJCHH6iygNlkm7Kdx5RNpNY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame D4A2 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPmChOMCEJfSweQCGOPZ_twBMAE&v=APEucNUbRyOexI_0JRIxsuAuwObiYo_MNpM2mqwkWCslk9BG8viYmmxNGAd2cy0tU68Y0LjzPj1_NC3K6LZboXNDlslws4G4QcUmx3sbZUmsRPdv8HOMzt_B57GNYgMT5FbkiEf2N1t8yn-miTOAFtk7fFFqo_kqpROiAALCUs97Otb5ww4Qtao
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Tue, 10 Oct 2023 00:39:09 GMT
pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
/
onetag-sys.com/usync/ Frame F7CB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr={gdpr}&gdpr_consent={gdpr_consent}
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
isyn
prebid.a-mo.net/ Frame A26A 		125 B
266 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
b151aa3d07143e0caf0150faf6eeb78f9869493f8eedb7ae5ad677194b5c39b4

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 10 Oct 2023 00:39:08 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
csync
sync.spotim.market/ Frame 1508
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=6300135777869648842&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
43 B
452 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=323548&extuid=6300135777869648842&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 10 Oct 2023 00:39:08 GMT
Etag
bf6ab2235e9097ad
Server
Adtelligent

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
19779d97-1ae2-4dd9-848a-c8f0d17ba0a5
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 10 Oct 2023 00:39:08 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.spotim.market/csync?t=a&ep=323548&extuid=6300135777869648842&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
178.162.209.132; 178.162.209.132; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
pixel
ap.lijit.com/ Frame 3BE6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Tue, 10 Oct 2023 00:39:08 GMT
X-Sovrn-Pod
ad_ap2ams1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 71B9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50567
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 10 Oct 2023 00:39:08 GMT
expires
Tue, 10 Oct 2023 14:41:55 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.spotim.market/ Frame BD7F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&gdpr={gdpr}&gdpr_consent={gdpr_consent}
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&zcc=1&cb=1696898348961
  • https://ad.turn.com/r/cs?pid=45&rndcb=8541523928
  • https://sync.1rx.io/usersync/turn/7957737046453556862?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-50230977-47a6-4cbc-b8ba-1295573f91fe-003?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-50230977-47a6-4cbc-b8ba-1...
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-50230977-47a6-4cbc-b8ba-1295573f91fe-003
43 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-50230977-47a6-4cbc-b8ba-1295573f91fe-003
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Tue, 10 Oct 2023 00:39:09 GMT
Server
Adtelligent
Etag
bf6ab2235e9097ad
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-50230977-47a6-4cbc-b8ba-1295573f91fe-003
date
Tue, 10 Oct 2023 00:39:09 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX5023097747a64cbcb8ba1295573f91fe003
content-type
text/html
usermatchredir
ssum-sec.casalemedia.com/ Frame BD7F 		43 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=190532&cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POGyb5xztwriCUF%2FbB184ZkCH1%2FcLLdJEsd91VErwp6UT%2BGdjGzihkghQLJgzT%2B%2FFfAX29Jp5UeCGz%2FM2o364OKdKLav6fWVaN0H4%2FufO1Eb1JLOTPi6DMZ6qcYK72vogNk%2BHPv1FvPpBw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
813acdf90888bb67-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0
pixel
ap.lijit.com/ Frame BD7F 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D733068%26extuid%3D%24UID
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 10 Oct 2023 00:39:08 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
csync
sync.adtelligent.com/ Frame BD7F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZSSdKv8dTwVL0l6rBSwVHgAA%263223
43 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZSSdKv8dTwVL0l6rBSwVHgAA%263223
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Tue, 10 Oct 2023 00:39:08 GMT
Server
Adtelligent
Etag
bf6ab2235e9097ad
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3hW4J85qxhSZEObw8HogPbAfoYQPeONnLQzr%2Fy9yXYhT8VLkxx5sxfqHZnw%2BDuEPy5%2Fy9nzoTPU93Pe1Wv6CJ1MpMMeIfoBTp9exlCNERrRx9pQFuOdA8e5BfMSfHb0vi8U2GRw8JLUZcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZSSdKv8dTwVL0l6rBSwVHgAA%263223
cache-control
no-cache
cf-ray
813acdf90887bb67-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
prebid
rtb.openx.net/sync/ Frame BD7F 		43 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26gdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26ep%3D482928%26extuid%3D%24%7BUID%7D
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
khaos.json
token.rubiconproject.com/ Frame 877B 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
Expires
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 4758 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
date
Mon, 09 Oct 2023 07:09:25 GMT
x-amz-cf-pop
FRA56-P6
age
62985
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
ugOqsDkXSfRZX2vsgZIRWcxpsOQBQSeu5S6rAKX9mT4Yv6KMLus1Ag==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 74EE 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6060312267179&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 74EE 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6060312267179&version=m202309260101&ct=76&x=1&cor=9874323547336490000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 74EE 		105 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C2VSrC5BzJ9kgOnc1x2JOnlj6ao1IDCS7UsbtjrXKfQox33uAmbifWyFBI9NtKDGiKj3GfUwFb3AG83LPaK8rV_APpvw&cry=1&dbm_d=AKAmf-CZb6Fr7nqF3NOOVUo3Dt0beYBAAXyowiALudbPf_R_Tmy3hQmz4blnoUW_bqmWf1eyLnGI79pZqCbo6fkuQoS4ZPEsdC6B5QGFVELS9bv_i1U8IT0l3egBz5RlT_u78zQy1Xo6kova8Jw2hHA7fyWq9wnZj_gzj3DSSzGbttxYc__rcthGoJj1B2bHH7AQYEUZm0UQUnheCwik0RG2nCK_LolMvQUq5b1aIdU6NgEP8hwWUfVSry-cnMX2_LKBtqufSDaGFgPiqp9DMiw-JKbF76unnl5EQpc3igADm4nvoW99Ru_yIvVQpzHXwNoRSnmMtssuiOw6weQDAo24XDguvcvCK6lG_zfN1F63RglDUNdKKWGOmUTunjScW2S7eCOFgCTYM0nmtGhgpUUp3aqP2q6AYGXTKsAM6XEGzyrDNZd2gGmSps4lNy012EovS828eGZO3vI7_2FSa3P3TeWtly2oEs8Kuw5Fs_vAUy_Szf4wKH2CtGi3Ffa-hgLmVCkXDmPqghmSF3QajL73NxGmz9SJgQ5rZ-EWdC2whTLCzHqtaaDQlsfR_tS2ndGH1lfyemUhJrIf6l3xcmt6kNbkaYi-C8VYyLFgub4gEc4sag-4DnQHrAw3G7vL05W7oYp93b23UcpXINyH067xoS-M1G7czuKkdF8wN-sY_ar5Qujr99-hwx-wAYpfcKNdDNI4XM7hnRIr6LpRfO-PD9pVwOWXOhr8hxHYAHZ2RwQrFS9JqpqKuAuxraDzTIvmZtSuHsBErrEardnDf462fG2slDKC6sKl8vWiy_K4Xcv5PMdw9yxP_TwFg-b5Y-uYBQikpvTMflWgTDYC13lV3iPMX35AYJ9NoHp8aA_scaj_iHefpYdgus5XtbMiPHIz6UuMYRAYqX_7-U8BHrZ4aXNlUXYyq6FbZ2QpWsXtU9FbxOYskrdcRyB8Tzs8VpaTGWQuMCsVUMxHuWxhSG3O5jKIVd14MGPNB7MK86stmcmCDtywQH1SZklDGGeyO5AiDBRAIFy22AGyrKATVTqRPGIJA1aJ141u9Hv5IM3oTtIIdtr9BplFt9DO-wxRulCdTa5iDIEtwGXa6a6hihd7r3fvPGQ52hAac6yzmgVMTHvIOQvjYuGSDvgknbVy0yv2Wp5HZ9yigyKFbmnrJRpYNqype3JBR6kJ362xNfHyn-ZCHJRzUrm6Y8wMoeLujA-qBSkHcojHWSvP9pddxmgv6up-lF4uZmYYZ_09sY2gqmvke9qFS7nGNhn2GNSpkdYlDT2FoDSrwpUSjQvIXTJeIJCq-tcfNWpm6dZ3SztcGXeKR22ZzUK2b5R67G8fBwCwsqKp-H_xuHOQwd5d7jYIbGSXLC5ih0o5lqBGn7lMmcAwfFWnJ36dVksQePQFJTVGra9EJnm_uTWkvXhswGVUbhJ0wqVbnTKqTqk6MXpvSP2ttzvtI9mYvYP5ssR0fgSaGaL352Vh3u9iZLSJCpu4McCcRlkXhtD3Uim7rK9Caw-FAs5Tj00Gi0T9UpmSaswdEjp_DJ-iScIUKj5doWXhi-PHYC4tpCD9m-GZneinrcbRCxPB9YnauZaU9HEpWcQoPZTZL3QTqKTVVinP-iP4HD7XAzvvtTcLhWrMjXSPhc09t1y9H09p819qK0f3v7Xu4T4r8rOSdFh1S1X_jlsWcTYSixthz5lKCjXmt6Nwlds3NK97bmqLlNeb8rHO9DTG-2HWsG2cpAnLaCtl9fnPkigf9lyNDhxafKipro7P9Zb3ZEKVwO0oB7pCYXtaZ8gEWnk7VKsng3GPVR5n4Yzr-Hv0K_EZYwQqlrLmQ2nB-8ntT5DY5qna0lmT_odRkkAo0oUz73p5JXBAvGzaxg4jr0xnHorULjlDz89L8uD6y11-H-8uPIsVTYzB5Cml4q9oq6vnZ4O76xcXHXxh7iiBaDVLfAjBKLOjkd9dz95JP7kWNkr9e7sJmu85FdXHA32BLNzRgbwhXf1ITVqgvds92pX-SeEaO2JI1X7-wv5QI9H6h9JQqyVWArHD4z56jXelBf9yIqqoQrK5oIa-BkmomHqT2jtnZp1KvnQhBXr2-qdNvd8i6H0IAh5HFgl_PsdQHfqeqbgxLERhOirV3JCipmNWGdCBYho8xFJa4xIyKk-hAcV62Ye7h9LJdxfQ2FJpV2-M4oul5qRw7Z6eIxmjwgjqpl_xM5IA3hxmkPN1LM68PcMnBCeyFe4nN822IlTtKvm7ylNSpFS8PYSijfKq0ft1_jdxrgvoVLW9mb6AcrlbgE_tTGdEN5YaEjOmoJGPKlkdE5lfzes4P5zaHTgYcr-qGuL9pIyV2pTw6NvvFoMcDQMSQf_D5dA4ewyUN5JFgEL1wRQ1XBllqu802bX9xt1cwoR-2qI4XlhPMPnDfOAcIh3vvw-vVVcb06sYjjnhN7ITgcItvOFctIuogzi_wo8M0_x-R0uSgSVlLdmej6nn4xA2yApqNgcxpHuua52fuIJdLmqhhCin8_Ki7mblgZy8NOpoWWP3pAWqSU0hQNHtgVOuyud2zI2A0BMJXBLeEKEbF4Srxfnsc_H-LilE5F57NOzn8NL7RjmTJI3DgAzj-Mf40bk-2VMkA8MwXLnisG6WZYiNMpEh4ZP9Soem_dDjX5luf2nxNj1oOZNRnIMs8L22mBl1E2cq6umwtz2Ei53-W4RNLlpclpINkmvWCAp8Fy9m0bUuVRMzkLueCOFsLahfB3nFRvhWPi7xdgxbsnWSnbIVtjd4YkaQE_XWzsgMkJSwKmnRag7NlM3_TNYnzkr8CAuNtK6tifr_K1hrw9cMCdKXZA48CHXN-4mvTua3d91vmOtSq6L5AQ5d-zqY97LADjG2J8fxQoOy5cJ8xsYRYIvVhkqxDeLXBg2s03cox05nCq0v5_CvIxcVMj2FDWy3pqaKsn_AEaBRDp1tTbIZBJ4YMAe0An4Pa6nIqUew515UkBhfhOEq72UWtKRAzNEVCh70ihnJJWoY75v_ZHKmn71zVoNG0vf-GfrirhMlVpDyN7ZkQv9O2q7IH_t6vf2m8YA1dr-NFBvx3RGjdRjif4sm3i34-3TvKa2UAyWKrzf32wUV5_We1gW7Qx2m3NcJIuvTo4UjW8-5evCYU3ftbSKDBgg7F_VCkVHfqy3Vcfyq0xmdXyfC1q6xDHidFlkUSHBQE1fcJxaI0w86m-e-YqF_DXgdMYZ50nctXQuFnNQC_x65tar6NLuAA8SU2IPKDUvyH8vB4WeDGUlEVfvZnaZ8ZXfIq7ONrJa_BexdNJPsXNeu7L-AL4WuzuElRmux09QDDHfuO1lpqXr-R_9m_4ujbp2ZXI16bFSZjyMijcyFyycPVCTZD5RfWmd7UqXNsme2HAu-5o2dSR5vK50nkQDX61TLbDUdQywGNywxQCcoA1tJXEJJ8GNUu-5KKzym4cHWLhq-YyH5elDCcmjo31-O4u8e7Xyxwl9jqF--pRryI8-nN9CMr1Jtc2IFTC7WorZ600lSRYvKfTWrsDOYCoPLpcBDdAfoRo2WHLYRUs3SZbHJOpwz_Mczggh1aHQ7oAgzjgQ6EYeJxtrTsZd0f1_oLze7ktoAq9GVNM9eSwmGysUSfMaim1tVhBWRL-zhQE06j5uyYeFdXGVcvyK0aM-K7z_9uusYz0mfB9jcqixRduo3HMycTRoqyHWhRbhsOVnzm1ZOKtGqybP_PoKX0v_BemcSZg-Ol5sXTSrlKcE7_w4bDQfPivTyxucrwF3_kxKCrwCcRzIPBliXgDFBBsOAPELopVI6Pdxq8Zrka6Fr3kJTdEBeMzau4EGUD9FsLDDkG5arhg71lWzx6kU9MTfhFGruuIZPUQdpm6e1R3wCJmx1KaLFsIjLeldPpdDngqLysLgFgOz3gejt2Ctw1dJwyUb-YYBL1KksvIJ2jo2Isg&cid=CAQSPADICaaN_TZ7Xo0jHaV3cU4Iptwc9XBzctP1LyGqhrjLWvnrQWWETSKHOgAbZGMP6Ket_ZJRE-0rg5GztxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.blogto.com&ds=l&xdt=1&iif=1&cor=9874323547336490000&adk=1541450355&idt=52&cac=0&dtd=58
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71329c9b4391abd32ee3fbdb7c27811f394f42a5f96d2a4616274e5ec8b08be2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41426
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 80C9 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
date
Mon, 09 Oct 2023 07:09:25 GMT
x-amz-cf-pop
FRA56-P6
age
62985
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
olO6Hb-S64dbQ2gKb6ILOqIKc43xD4AYZb06gDLrXAgIg7UlsYsr9w==
d4004b5f-4fb6-4be2-82ae-0e36b8f52c12
config.aps.amazon-adsystem.com/configs/ Frame 4758 		537 B
809 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/d4004b5f-4fb6-4be2-82ae-0e36b8f52c12
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-39.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
74483da7f1d55d008c9adf882fc22a26a5acb505e5bc7f8dec2fb23a37b06c95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:38:16 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
53
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
pzF_as4cRPdKT_ukaHLceaWXek8U49-ef8QKdgK-Eh-JB6strbZ3bA==
config
c.amazon-adsystem.com/cdn/prod/ Frame 4758 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.blogto.com&pubid=d4004b5f-4fb6-4be2-82ae-0e36b8f52c12
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 21:22:28 GMT
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
11801
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.blogto.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
gFYngAc5uArKPd6DMK8AbA1G5WocZMMtvF-isracNeOsoDj1DvdDKg==
bid
aax.amazon-adsystem.com/e/dtb/ Frame 4758 		23 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&pid=Yza58J3ZvVNuh&cb=0&ws=1600x1200&v=23.919.1525&t=8000&slots=%5B%7B%22id%22%3A%22C6RONVideo2WW%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!spotim.market%2Cpub_lFflnF0ELP04%2C1%2C%2C%2C&pubid=d4004b5f-4fb6-4be2-82ae-0e36b8f52c12&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
SR89A7ENPF016CEKXDSX
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.blogto.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
p4qFDNb1NKauOcEa7W57lksECbwvSEyVQ-3bDK_HgLitWDELh5WeEw==
bid
aax.amazon-adsystem.com/e/dtb/ Frame 4758 		23 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&pid=Yza58J3ZvVNuh&cb=1&ws=1600x1200&v=23.919.1525&t=8000&slots=%5B%7B%22id%22%3A%22C6RONVideo2WW%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!spotim.market%2Cpub_lFflnF0ELP04%2C1%2C%2C%2C&pubid=d4004b5f-4fb6-4be2-82ae-0e36b8f52c12&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
W6MCQPRVHY8J1RKEZ0XE
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.blogto.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
G3TnqxBHlxM6Yjs-FkbR-xQuh0rRALERH4rVRcASuM2yBSLc2BpXLg==
csync
sync.spotim.market/ Frame A26A 		43 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=696268&extuid=
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Tue, 10 Oct 2023 00:39:08 GMT
Server
Adtelligent
Etag
f246e076ae810fd9
Content-Length
43
Content-Type
image/gif
n1.js
assets.a-mo.net/js/ Frame A26A 		32 B
443 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/n1.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f149423f67ceab2e28ca0b092dc80f612b3ed93a067b80641bf8c37f5eee06d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
via
1.1 df9ce120cad525bdb160f75cd7b807c2.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
ZRH55-P1
age
193
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
32
last-modified
Thu, 17 Aug 2023 15:48:19 GMT
server
cloudflare
etag
"a8b2f555a0227aec5e980e5ec98f6d15"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cf-ray
813acdfa6e7c2c20-FRA
x-amz-cf-id
pUbV1wpTGBjzB1GQJR7Qi-s32SYVSZBr3pJr9kCbT33Mq1CJLMIQPg==
expires
Tue, 10 Oct 2023 01:39:09 GMT
container.html
58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7DD1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 00:39:08 GMT
expires
Wed, 09 Oct 2024 00:39:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
prebid
ib.adnxs.com/ut/v3/ 		138 B
817 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
9f162ce21592b6691efb06759c754d5a7c5c281eac6b59b9358eb2e8304619b2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
an-x-request-uuid
ad3ffafd-382b-4d39-ae81-67847fa1b519
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.blogto.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.132; 178.162.209.132; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.blogto.com
date
Tue, 10 Oct 2023 00:39:07 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		143 B
962 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
357cedd9dc32e67e4c8668a93270ccda0faeb3394233c9cb61458555c912ef16
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
an-x-request-uuid
b8ae2b6c-9031-42fa-9846-9030c1e49593
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.blogto.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.132; 178.162.209.132; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
143
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.51.0&referrer=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&tmax=7000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.194.124.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-124-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
accept-ch
sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.blogto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.blogto.com
date
Tue, 10 Oct 2023 00:39:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.blogto.com
date
Tue, 10 Oct 2023 00:39:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		143 B
962 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
fd24aab83534d0aed9a029d566be23ccda791fd0e57c17627216c9eb1fd4b4cd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
an-x-request-uuid
6648c63e-513b-4a8c-bcaf-0e24efbbca8f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.blogto.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.132; 178.162.209.132; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
143
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.51.0&referrer=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&tmax=7000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.194.124.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-124-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
accept-ch
sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.blogto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
dt
dt.adsafeprotected.com/ Frame 7DB4 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1301380&asId=159ebba7-d73e-2163-492a-a7a68722d9f8&tv=%7Bc:qBjbas,pingTime:-10,time:2110,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC4xNDkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1696898348063%7C%7C12d786368102097e4b62d564daec4bf1%7C%7C8e5269e98501ac65ff2ab303e742fcb1%7C%7Ce396e44b5bd3e1dac55ad662112e4969%7C%7C6b1aef90bbbe86ab952099aca505c1fc%7C%7C98632d7c647377ba08ee67f340b5b723%7C%7C96f404f5e1b78fd3e191df901e77edf1%7C%7Ca411ded5ae32094b19b05ef323e07f00%7C%7C1663701684,sca:%7Bspg:c4682b05-5d66-236f-4abe-e03021c9594e%7D%7D
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:763d:a432:e71e:5bc1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ Frame BD7F 		223 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-210.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
59809587724422a1623f2ea0b361f2c72e2febc92e37faa84dc4b859674e826d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
content-encoding
gzip
last-modified
Tue, 22 Aug 2023 17:51:49 GMT
server
Apache
etag
"37c41-60386a6319d17-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
66128
expires
Tue, 10 Oct 2023 00:54:09 GMT
9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
config.aps.amazon-adsystem.com/configs/ Frame 80C9 		537 B
802 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-39.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
cc99a7c3d00df09293cb18360d00c7e19c72bfd8f97a2293b4081c9da3cc88dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 23:50:27 GMT
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
2922
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
v7YjkWl-Id62fUFaFLv_apGvIHhSYla40MqgO8PEPw54pLFhbi-zpw==
config
c.amazon-adsystem.com/cdn/prod/ Frame 80C9 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.blogto.com&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
7475ed67c86cbb577d1e88c08770cecc181cda9c652256f1ab74e85a51ee1ba5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 22:45:29 GMT
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
6820
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.blogto.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
4461
x-amz-cf-id
gQLKh4DMUGEhnWtqRGL1TsDUiaVSRMn37DL2KmVSPaMMExoXVGXwiA==
bid
aax.amazon-adsystem.com/e/dtb/ Frame 80C9 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&pid=XvRUbIB9fpEVI&cb=0&ws=1600x1200&v=23.919.1525&t=8000&slots=%5B%7B%22id%22%3A%22videoE%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!spotim.market%2Cpub_lFflnF0ELP04%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
6TXPM9JEA2ZY9PQRTTZG
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.blogto.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
rlPQNPuTRElm635-RrjXhlZ1j8ekbnTNxPh_XSheACIZjVk7DJKI5Q==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DB4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3120417710449&version=m202309260101&ct=76&x=1&cor=16637368296633030000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
websiteconfig
api.btloader.com/ Frame BD7F
Redirect Chain
  • https://api.btloader.com/websiteconfig?o=5080945107927040&w=blogto.com
  • https://api.btloader.com/websiteconfig?bt_env=prod&o=5080945107927040&w=blogto.com
1 B
96 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/websiteconfig?bt_env=prod&o=5080945107927040&w=blogto.com
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
via
1.1 google
x-content-type-options
nosniff
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1

Redirect headers

date
Tue, 10 Oct 2023 00:39:09 GMT
via
1.1 google
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
/websiteconfig?bt_env=prod&o=5080945107927040&w=blogto.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89
state
api.btloader.com/mw/ Frame BD7F 		0
39 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.blogto.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 10 Oct 2023 00:39:09 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ Frame BD7F 		43 B
931 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2666807
x-guploader-uploadid
ADPycdvss9BetkmNQALNaBNCf5vLrk1BJTKiYCnKRP7yR206OrOm6wCUuumZB2_HXL8eMer15Axwd5EmLiQynqBlnV8RghqDGZqY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hcg29cr9VqmUqvixASjZFiOfhdWmTIeI97Glb9vXl7bVG0Pb3cMipGju7nDlq4aveJ592gOUb5uGf2Cv4%2B7tU9lwE2ed73ITRwEFUaz6EIoGuYDg3MOHev%2B5sTmBZGA78z5s8dvZhw7xzrYjSg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
813acdfb7a433835-FRA
expires
Sat, 09 Sep 2023 04:47:44 GMT
favicon.ico
ad.doubleclick.net/ Frame BD7F 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 09:53:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53146
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Oct 2023 09:53:23 GMT
px.gif
ad-delivery.net/ Frame BD7F 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.7875698931385087
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2666807
x-guploader-uploadid
ADPycdvss9BetkmNQALNaBNCf5vLrk1BJTKiYCnKRP7yR206OrOm6wCUuumZB2_HXL8eMer15Axwd5EmLiQynqBlnV8RghqDGZqY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=27YdxnB0CaIQY4wNoRWJHxRFwnBRKUBQ%2FlC%2FcO%2F2%2BkLRaB7YGl8%2BBSf2s%2Fy3TFz0K50%2BnDHHq3KPz8aHx33e%2FX3aSBkfz1tXD58C0K7f2KUVrCD2he8p3nvNNIoD0J0z805hQuyzPy9v%2F5rTFw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
813acdfb7a453835-FRA
expires
Sat, 09 Sep 2023 04:47:44 GMT
generate_204
tpc.googlesyndication.com/ Frame 9305 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Tg5UaQ
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
skeleton.js
fw.adsafeprotected.com/rjss/st/1301373/68102612/ Frame 74EE 		249 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1301373/68102612/skeleton.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.117.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-117-183.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e568495376a86fc75544b670bedaad2825f9d913a65e3826a8e80aff934b145e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 74EE 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
Origin
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 07:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63345
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Oct 2023 07:03:24 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 74EE 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C2VSrC5BzJ9kgOnc1x2JOnlj6ao1IDCS7UsbtjrXKfQox33uAmbifWyFBI9NtKDGiKj3GfUwFb3AG83LPaK8rV_APpvw&cry=1&dbm_d=AKAmf-CZb6Fr7nqF3NOOVUo3Dt0beYBAAXyowiALudbPf_R_Tmy3hQmz4blnoUW_bqmWf1eyLnGI79pZqCbo6fkuQoS4ZPEsdC6B5QGFVELS9bv_i1U8IT0l3egBz5RlT_u78zQy1Xo6kova8Jw2hHA7fyWq9wnZj_gzj3DSSzGbttxYc__rcthGoJj1B2bHH7AQYEUZm0UQUnheCwik0RG2nCK_LolMvQUq5b1aIdU6NgEP8hwWUfVSry-cnMX2_LKBtqufSDaGFgPiqp9DMiw-JKbF76unnl5EQpc3igADm4nvoW99Ru_yIvVQpzHXwNoRSnmMtssuiOw6weQDAo24XDguvcvCK6lG_zfN1F63RglDUNdKKWGOmUTunjScW2S7eCOFgCTYM0nmtGhgpUUp3aqP2q6AYGXTKsAM6XEGzyrDNZd2gGmSps4lNy012EovS828eGZO3vI7_2FSa3P3TeWtly2oEs8Kuw5Fs_vAUy_Szf4wKH2CtGi3Ffa-hgLmVCkXDmPqghmSF3QajL73NxGmz9SJgQ5rZ-EWdC2whTLCzHqtaaDQlsfR_tS2ndGH1lfyemUhJrIf6l3xcmt6kNbkaYi-C8VYyLFgub4gEc4sag-4DnQHrAw3G7vL05W7oYp93b23UcpXINyH067xoS-M1G7czuKkdF8wN-sY_ar5Qujr99-hwx-wAYpfcKNdDNI4XM7hnRIr6LpRfO-PD9pVwOWXOhr8hxHYAHZ2RwQrFS9JqpqKuAuxraDzTIvmZtSuHsBErrEardnDf462fG2slDKC6sKl8vWiy_K4Xcv5PMdw9yxP_TwFg-b5Y-uYBQikpvTMflWgTDYC13lV3iPMX35AYJ9NoHp8aA_scaj_iHefpYdgus5XtbMiPHIz6UuMYRAYqX_7-U8BHrZ4aXNlUXYyq6FbZ2QpWsXtU9FbxOYskrdcRyB8Tzs8VpaTGWQuMCsVUMxHuWxhSG3O5jKIVd14MGPNB7MK86stmcmCDtywQH1SZklDGGeyO5AiDBRAIFy22AGyrKATVTqRPGIJA1aJ141u9Hv5IM3oTtIIdtr9BplFt9DO-wxRulCdTa5iDIEtwGXa6a6hihd7r3fvPGQ52hAac6yzmgVMTHvIOQvjYuGSDvgknbVy0yv2Wp5HZ9yigyKFbmnrJRpYNqype3JBR6kJ362xNfHyn-ZCHJRzUrm6Y8wMoeLujA-qBSkHcojHWSvP9pddxmgv6up-lF4uZmYYZ_09sY2gqmvke9qFS7nGNhn2GNSpkdYlDT2FoDSrwpUSjQvIXTJeIJCq-tcfNWpm6dZ3SztcGXeKR22ZzUK2b5R67G8fBwCwsqKp-H_xuHOQwd5d7jYIbGSXLC5ih0o5lqBGn7lMmcAwfFWnJ36dVksQePQFJTVGra9EJnm_uTWkvXhswGVUbhJ0wqVbnTKqTqk6MXpvSP2ttzvtI9mYvYP5ssR0fgSaGaL352Vh3u9iZLSJCpu4McCcRlkXhtD3Uim7rK9Caw-FAs5Tj00Gi0T9UpmSaswdEjp_DJ-iScIUKj5doWXhi-PHYC4tpCD9m-GZneinrcbRCxPB9YnauZaU9HEpWcQoPZTZL3QTqKTVVinP-iP4HD7XAzvvtTcLhWrMjXSPhc09t1y9H09p819qK0f3v7Xu4T4r8rOSdFh1S1X_jlsWcTYSixthz5lKCjXmt6Nwlds3NK97bmqLlNeb8rHO9DTG-2HWsG2cpAnLaCtl9fnPkigf9lyNDhxafKipro7P9Zb3ZEKVwO0oB7pCYXtaZ8gEWnk7VKsng3GPVR5n4Yzr-Hv0K_EZYwQqlrLmQ2nB-8ntT5DY5qna0lmT_odRkkAo0oUz73p5JXBAvGzaxg4jr0xnHorULjlDz89L8uD6y11-H-8uPIsVTYzB5Cml4q9oq6vnZ4O76xcXHXxh7iiBaDVLfAjBKLOjkd9dz95JP7kWNkr9e7sJmu85FdXHA32BLNzRgbwhXf1ITVqgvds92pX-SeEaO2JI1X7-wv5QI9H6h9JQqyVWArHD4z56jXelBf9yIqqoQrK5oIa-BkmomHqT2jtnZp1KvnQhBXr2-qdNvd8i6H0IAh5HFgl_PsdQHfqeqbgxLERhOirV3JCipmNWGdCBYho8xFJa4xIyKk-hAcV62Ye7h9LJdxfQ2FJpV2-M4oul5qRw7Z6eIxmjwgjqpl_xM5IA3hxmkPN1LM68PcMnBCeyFe4nN822IlTtKvm7ylNSpFS8PYSijfKq0ft1_jdxrgvoVLW9mb6AcrlbgE_tTGdEN5YaEjOmoJGPKlkdE5lfzes4P5zaHTgYcr-qGuL9pIyV2pTw6NvvFoMcDQMSQf_D5dA4ewyUN5JFgEL1wRQ1XBllqu802bX9xt1cwoR-2qI4XlhPMPnDfOAcIh3vvw-vVVcb06sYjjnhN7ITgcItvOFctIuogzi_wo8M0_x-R0uSgSVlLdmej6nn4xA2yApqNgcxpHuua52fuIJdLmqhhCin8_Ki7mblgZy8NOpoWWP3pAWqSU0hQNHtgVOuyud2zI2A0BMJXBLeEKEbF4Srxfnsc_H-LilE5F57NOzn8NL7RjmTJI3DgAzj-Mf40bk-2VMkA8MwXLnisG6WZYiNMpEh4ZP9Soem_dDjX5luf2nxNj1oOZNRnIMs8L22mBl1E2cq6umwtz2Ei53-W4RNLlpclpINkmvWCAp8Fy9m0bUuVRMzkLueCOFsLahfB3nFRvhWPi7xdgxbsnWSnbIVtjd4YkaQE_XWzsgMkJSwKmnRag7NlM3_TNYnzkr8CAuNtK6tifr_K1hrw9cMCdKXZA48CHXN-4mvTua3d91vmOtSq6L5AQ5d-zqY97LADjG2J8fxQoOy5cJ8xsYRYIvVhkqxDeLXBg2s03cox05nCq0v5_CvIxcVMj2FDWy3pqaKsn_AEaBRDp1tTbIZBJ4YMAe0An4Pa6nIqUew515UkBhfhOEq72UWtKRAzNEVCh70ihnJJWoY75v_ZHKmn71zVoNG0vf-GfrirhMlVpDyN7ZkQv9O2q7IH_t6vf2m8YA1dr-NFBvx3RGjdRjif4sm3i34-3TvKa2UAyWKrzf32wUV5_We1gW7Qx2m3NcJIuvTo4UjW8-5evCYU3ftbSKDBgg7F_VCkVHfqy3Vcfyq0xmdXyfC1q6xDHidFlkUSHBQE1fcJxaI0w86m-e-YqF_DXgdMYZ50nctXQuFnNQC_x65tar6NLuAA8SU2IPKDUvyH8vB4WeDGUlEVfvZnaZ8ZXfIq7ONrJa_BexdNJPsXNeu7L-AL4WuzuElRmux09QDDHfuO1lpqXr-R_9m_4ujbp2ZXI16bFSZjyMijcyFyycPVCTZD5RfWmd7UqXNsme2HAu-5o2dSR5vK50nkQDX61TLbDUdQywGNywxQCcoA1tJXEJJ8GNUu-5KKzym4cHWLhq-YyH5elDCcmjo31-O4u8e7Xyxwl9jqF--pRryI8-nN9CMr1Jtc2IFTC7WorZ600lSRYvKfTWrsDOYCoPLpcBDdAfoRo2WHLYRUs3SZbHJOpwz_Mczggh1aHQ7oAgzjgQ6EYeJxtrTsZd0f1_oLze7ktoAq9GVNM9eSwmGysUSfMaim1tVhBWRL-zhQE06j5uyYeFdXGVcvyK0aM-K7z_9uusYz0mfB9jcqixRduo3HMycTRoqyHWhRbhsOVnzm1ZOKtGqybP_PoKX0v_BemcSZg-Ol5sXTSrlKcE7_w4bDQfPivTyxucrwF3_kxKCrwCcRzIPBliXgDFBBsOAPELopVI6Pdxq8Zrka6Fr3kJTdEBeMzau4EGUD9FsLDDkG5arhg71lWzx6kU9MTfhFGruuIZPUQdpm6e1R3wCJmx1KaLFsIjLeldPpdDngqLysLgFgOz3gejt2Ctw1dJwyUb-YYBL1KksvIJ2jo2Isg&cid=CAQSPADICaaN_TZ7Xo0jHaV3cU4Iptwc9XBzctP1LyGqhrjLWvnrQWWETSKHOgAbZGMP6Ket_ZJRE-0rg5GztxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.blogto.com&ds=l&xdt=1&iif=1&cor=9874323547336490000&adk=1541450355&idt=52&cac=0&dtd=58
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:43:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
39318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:43:51 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 74EE 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C2VSrC5BzJ9kgOnc1x2JOnlj6ao1IDCS7UsbtjrXKfQox33uAmbifWyFBI9NtKDGiKj3GfUwFb3AG83LPaK8rV_APpvw&cry=1&dbm_d=AKAmf-CZb6Fr7nqF3NOOVUo3Dt0beYBAAXyowiALudbPf_R_Tmy3hQmz4blnoUW_bqmWf1eyLnGI79pZqCbo6fkuQoS4ZPEsdC6B5QGFVELS9bv_i1U8IT0l3egBz5RlT_u78zQy1Xo6kova8Jw2hHA7fyWq9wnZj_gzj3DSSzGbttxYc__rcthGoJj1B2bHH7AQYEUZm0UQUnheCwik0RG2nCK_LolMvQUq5b1aIdU6NgEP8hwWUfVSry-cnMX2_LKBtqufSDaGFgPiqp9DMiw-JKbF76unnl5EQpc3igADm4nvoW99Ru_yIvVQpzHXwNoRSnmMtssuiOw6weQDAo24XDguvcvCK6lG_zfN1F63RglDUNdKKWGOmUTunjScW2S7eCOFgCTYM0nmtGhgpUUp3aqP2q6AYGXTKsAM6XEGzyrDNZd2gGmSps4lNy012EovS828eGZO3vI7_2FSa3P3TeWtly2oEs8Kuw5Fs_vAUy_Szf4wKH2CtGi3Ffa-hgLmVCkXDmPqghmSF3QajL73NxGmz9SJgQ5rZ-EWdC2whTLCzHqtaaDQlsfR_tS2ndGH1lfyemUhJrIf6l3xcmt6kNbkaYi-C8VYyLFgub4gEc4sag-4DnQHrAw3G7vL05W7oYp93b23UcpXINyH067xoS-M1G7czuKkdF8wN-sY_ar5Qujr99-hwx-wAYpfcKNdDNI4XM7hnRIr6LpRfO-PD9pVwOWXOhr8hxHYAHZ2RwQrFS9JqpqKuAuxraDzTIvmZtSuHsBErrEardnDf462fG2slDKC6sKl8vWiy_K4Xcv5PMdw9yxP_TwFg-b5Y-uYBQikpvTMflWgTDYC13lV3iPMX35AYJ9NoHp8aA_scaj_iHefpYdgus5XtbMiPHIz6UuMYRAYqX_7-U8BHrZ4aXNlUXYyq6FbZ2QpWsXtU9FbxOYskrdcRyB8Tzs8VpaTGWQuMCsVUMxHuWxhSG3O5jKIVd14MGPNB7MK86stmcmCDtywQH1SZklDGGeyO5AiDBRAIFy22AGyrKATVTqRPGIJA1aJ141u9Hv5IM3oTtIIdtr9BplFt9DO-wxRulCdTa5iDIEtwGXa6a6hihd7r3fvPGQ52hAac6yzmgVMTHvIOQvjYuGSDvgknbVy0yv2Wp5HZ9yigyKFbmnrJRpYNqype3JBR6kJ362xNfHyn-ZCHJRzUrm6Y8wMoeLujA-qBSkHcojHWSvP9pddxmgv6up-lF4uZmYYZ_09sY2gqmvke9qFS7nGNhn2GNSpkdYlDT2FoDSrwpUSjQvIXTJeIJCq-tcfNWpm6dZ3SztcGXeKR22ZzUK2b5R67G8fBwCwsqKp-H_xuHOQwd5d7jYIbGSXLC5ih0o5lqBGn7lMmcAwfFWnJ36dVksQePQFJTVGra9EJnm_uTWkvXhswGVUbhJ0wqVbnTKqTqk6MXpvSP2ttzvtI9mYvYP5ssR0fgSaGaL352Vh3u9iZLSJCpu4McCcRlkXhtD3Uim7rK9Caw-FAs5Tj00Gi0T9UpmSaswdEjp_DJ-iScIUKj5doWXhi-PHYC4tpCD9m-GZneinrcbRCxPB9YnauZaU9HEpWcQoPZTZL3QTqKTVVinP-iP4HD7XAzvvtTcLhWrMjXSPhc09t1y9H09p819qK0f3v7Xu4T4r8rOSdFh1S1X_jlsWcTYSixthz5lKCjXmt6Nwlds3NK97bmqLlNeb8rHO9DTG-2HWsG2cpAnLaCtl9fnPkigf9lyNDhxafKipro7P9Zb3ZEKVwO0oB7pCYXtaZ8gEWnk7VKsng3GPVR5n4Yzr-Hv0K_EZYwQqlrLmQ2nB-8ntT5DY5qna0lmT_odRkkAo0oUz73p5JXBAvGzaxg4jr0xnHorULjlDz89L8uD6y11-H-8uPIsVTYzB5Cml4q9oq6vnZ4O76xcXHXxh7iiBaDVLfAjBKLOjkd9dz95JP7kWNkr9e7sJmu85FdXHA32BLNzRgbwhXf1ITVqgvds92pX-SeEaO2JI1X7-wv5QI9H6h9JQqyVWArHD4z56jXelBf9yIqqoQrK5oIa-BkmomHqT2jtnZp1KvnQhBXr2-qdNvd8i6H0IAh5HFgl_PsdQHfqeqbgxLERhOirV3JCipmNWGdCBYho8xFJa4xIyKk-hAcV62Ye7h9LJdxfQ2FJpV2-M4oul5qRw7Z6eIxmjwgjqpl_xM5IA3hxmkPN1LM68PcMnBCeyFe4nN822IlTtKvm7ylNSpFS8PYSijfKq0ft1_jdxrgvoVLW9mb6AcrlbgE_tTGdEN5YaEjOmoJGPKlkdE5lfzes4P5zaHTgYcr-qGuL9pIyV2pTw6NvvFoMcDQMSQf_D5dA4ewyUN5JFgEL1wRQ1XBllqu802bX9xt1cwoR-2qI4XlhPMPnDfOAcIh3vvw-vVVcb06sYjjnhN7ITgcItvOFctIuogzi_wo8M0_x-R0uSgSVlLdmej6nn4xA2yApqNgcxpHuua52fuIJdLmqhhCin8_Ki7mblgZy8NOpoWWP3pAWqSU0hQNHtgVOuyud2zI2A0BMJXBLeEKEbF4Srxfnsc_H-LilE5F57NOzn8NL7RjmTJI3DgAzj-Mf40bk-2VMkA8MwXLnisG6WZYiNMpEh4ZP9Soem_dDjX5luf2nxNj1oOZNRnIMs8L22mBl1E2cq6umwtz2Ei53-W4RNLlpclpINkmvWCAp8Fy9m0bUuVRMzkLueCOFsLahfB3nFRvhWPi7xdgxbsnWSnbIVtjd4YkaQE_XWzsgMkJSwKmnRag7NlM3_TNYnzkr8CAuNtK6tifr_K1hrw9cMCdKXZA48CHXN-4mvTua3d91vmOtSq6L5AQ5d-zqY97LADjG2J8fxQoOy5cJ8xsYRYIvVhkqxDeLXBg2s03cox05nCq0v5_CvIxcVMj2FDWy3pqaKsn_AEaBRDp1tTbIZBJ4YMAe0An4Pa6nIqUew515UkBhfhOEq72UWtKRAzNEVCh70ihnJJWoY75v_ZHKmn71zVoNG0vf-GfrirhMlVpDyN7ZkQv9O2q7IH_t6vf2m8YA1dr-NFBvx3RGjdRjif4sm3i34-3TvKa2UAyWKrzf32wUV5_We1gW7Qx2m3NcJIuvTo4UjW8-5evCYU3ftbSKDBgg7F_VCkVHfqy3Vcfyq0xmdXyfC1q6xDHidFlkUSHBQE1fcJxaI0w86m-e-YqF_DXgdMYZ50nctXQuFnNQC_x65tar6NLuAA8SU2IPKDUvyH8vB4WeDGUlEVfvZnaZ8ZXfIq7ONrJa_BexdNJPsXNeu7L-AL4WuzuElRmux09QDDHfuO1lpqXr-R_9m_4ujbp2ZXI16bFSZjyMijcyFyycPVCTZD5RfWmd7UqXNsme2HAu-5o2dSR5vK50nkQDX61TLbDUdQywGNywxQCcoA1tJXEJJ8GNUu-5KKzym4cHWLhq-YyH5elDCcmjo31-O4u8e7Xyxwl9jqF--pRryI8-nN9CMr1Jtc2IFTC7WorZ600lSRYvKfTWrsDOYCoPLpcBDdAfoRo2WHLYRUs3SZbHJOpwz_Mczggh1aHQ7oAgzjgQ6EYeJxtrTsZd0f1_oLze7ktoAq9GVNM9eSwmGysUSfMaim1tVhBWRL-zhQE06j5uyYeFdXGVcvyK0aM-K7z_9uusYz0mfB9jcqixRduo3HMycTRoqyHWhRbhsOVnzm1ZOKtGqybP_PoKX0v_BemcSZg-Ol5sXTSrlKcE7_w4bDQfPivTyxucrwF3_kxKCrwCcRzIPBliXgDFBBsOAPELopVI6Pdxq8Zrka6Fr3kJTdEBeMzau4EGUD9FsLDDkG5arhg71lWzx6kU9MTfhFGruuIZPUQdpm6e1R3wCJmx1KaLFsIjLeldPpdDngqLysLgFgOz3gejt2Ctw1dJwyUb-YYBL1KksvIJ2jo2Isg&cid=CAQSPADICaaN_TZ7Xo0jHaV3cU4Iptwc9XBzctP1LyGqhrjLWvnrQWWETSKHOgAbZGMP6Ket_ZJRE-0rg5GztxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.blogto.com&ds=l&xdt=1&iif=1&cor=9874323547336490000&adk=1541450355&idt=52&cac=0&dtd=58
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:57:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
38509
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:57:20 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 74EE 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 12:26:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
389561
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 12:26:28 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 77BF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
54519
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 09:30:30 GMT
expires
Tue, 08 Oct 2024 09:30:30 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6843 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
976e4b3c715c2e1b097b67bf0fe4b76ef91878e2a0c523d8992609537d2175ff
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NsUw9C-F45y-t3Ln5o5LoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-NsUw9C-F45y-t3Ln5o5LoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 00:39:09 GMT
expires
Tue, 10 Oct 2023 00:39:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
grumi.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame 7DD1 		411 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:8a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d15e7a88e23896dbbac9302c090e5129959fd10e7fdf728d88b4cdd6900c376

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:26:50 GMT
x-amz-version-id
PGg5piKECjXHXrRUyCLqE87C8ZadCRYO
content-encoding
br
last-modified
Mon, 09 Oct 2023 23:48:54 GMT
server
AmazonS3
via
1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"b5b6b6eb54b1d6699cfb919cb40018c8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
740
x-amz-cf-id
UEqaO4ZLjmy8x6DRADkIsqi2wKzFxYTp6VbqXE6lZdW6oZiqMMHP0g==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3027 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4971746259447&version=m202309260101&ct=76&x=1&cor=13012814080041857000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A386 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
URL: https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
60224
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Tue, 10 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 74EE 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd4518640ae1f3fc362fb0b666738cca6100c3fc775909bc8ff41dd8810c7b53

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
tag
btloader.com/ Frame 80C9
Redirect Chain
  • https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.blogto.com&ver=1.2
  • https://btloader.com/tag?aax_id=AAX413QP4&domain=www.blogto.com&ver=1.2&upapi=true
  • https://btloader.com/tag?o=5080945107927040&domain=www.blogto.com&upapi=true
  • https://btloader.com/tag?o=5080945107927040&domain=blogto.com&upapi=true
18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5080945107927040&domain=blogto.com&upapi=true
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3896897e8db9c2fe1a35e5bda5eb7085be5846936ccc6d1cf5d425ec324d3a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Oct 2023 00:35:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
W/"2c61163df8e29baa44e84204a67ae919"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aziAdS37OaULQPFhZE953bB%2BqARo%2B5zNR%2Fc%2FEzCXyi2Z2Ft6EtJXKD0T44ePqENb6dkBboNpmPCXMbtXZJuB2wl75q3P0hCx1i8GyeWxhmu7TbG74Fk6cP3jmStT%2Ba87oufOP6FyWOGvkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
813acdfddb142bae-FRA

Redirect headers

date
Tue, 10 Oct 2023 00:39:09 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6GArWMKZ2MmR5xvjayXdeJlNFqzE6GI01aF1WfZkAP%2FE%2BqynnMr%2BWvOku7KuWkL77yZB26MaLnJ2AcuFXom1iOTAKx3jsQ3QcWYzflnufZu0ZnosvKmq4%2FTMHmbHTGfNOHIDwez13SPBZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
location
/tag?o=5080945107927040&domain=blogto.com&upapi=true
cache-control
public, max-age=3600, must-revalidate
cf-ray
813acdfd7add2bae-FRA
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 80C9 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-210.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Tue, 10 Oct 2023 00:54:09 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame 80C9 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 02:55:32 GMT
content-encoding
gzip
via
1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
78218
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
IqtrRqU8N8hA5krAUfJbcOtTvHva8-H7aSKQ3bI3rDj9yEeeDCYA_w==
hadron.js
cdn.hadronid.net/ Frame 80C9 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&ref=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&_it=amazon&partner_id=471
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907JHMEEKQ08DSV2
age
3145
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
813acdfc7df319a9-FRA
x-amz-id-2
oJpPJCbEID7z1zM9kIxlsqSbq8xeH5HC5gS4xpeHur3SW4yHO8BbtAlQwktjkw9El2h2R0B/Pt0=
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 80C9 		136 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c96b67edd277b9d12add863bf157c68853eb1429929972195f629cddc8b6b48f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 10:57:30 GMT
server
cloudflare
x-amz-request-id
GS2X1V5D6CMQEF15
age
163
etag
W/"7810b7b6142b3bdb32696e7b2987bc71"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
813acdfc7831bb3b-FRA
x-amz-id-2
BS0IKX9tPcHOxtslYwenOe+gEfPPsSL29Dc//LFzjRV8D+A68hVx1vfaTixwwAVsMQeBGVr9XSwicq5oED53eA==
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame 80C9 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-210.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Tue, 10 Oct 2023 00:54:09 GMT
multitracking
ghb.spotim.market/adunit/ Frame BD7F 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/l_0Yn/hbw_master_270443_17910.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.blogto.com
Date
Tue, 10 Oct 2023 00:39:09 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
v1
lb.eu-1-id5-sync.com/lb/ Frame BD7F 		33 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
7c43dbd339fa29c64002ce5d60b9b52ea3df1a9019fa9d514d1b862ffaa0ef83
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.blogto.com
date
Tue, 10 Oct 2023 00:39:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
4a.js
static.adsafeprotected.com/ Frame 74EE
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1301373/68102612/4.js?adContainerId=brand_safety_LZ0kZcS_BfqTjuwPxOOqIA&cbFunctionName=goog_wrapCb_LZ0kZcS_BfqTjuwPxOOqIA&true_pb=&adsafe_pb=https%3A%2F%2Fstat...
  • https://static.adsafeprotected.com/4a.js
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4a.js
Requested by
Host: c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
URL: https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
2600:9000:223f:8600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
akOqjFMSMxNB2K6FJA8jdyBVXEiL5nl0
content-encoding
gzip
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
date
Sat, 07 Oct 2023 01:26:11 GMT
x-amz-cf-pop
FRA56-P5
age
256379
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:30 GMT
server
AmazonS3
etag
W/"589d8955c4906ab1b8e63a2f92d932d3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
ZCHUYLxaT3YKJHwe1xpJgXhZYv6lNQpgxfS1UqKjcAaCSxhPWMI5vg==

Redirect headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
server
nginx
x-server-name
app13.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4a.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 8F4B 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
URL: https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:8600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1643399
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
TfjRNOINfUWuYixDsMdNJNygICQ5lBWndH4B5-05V0pGn81bOiAybg==
avpb7.51.0a4.js
player.aniview.com/script/6.1/libs/prebid/ Frame 2E1E 		65 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a4.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
02bc356eb76e07148556c04423a5b9fca14e665572e2b26a67ddd6e91f30f41e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtsKPXeCaGiD5o2v85Hbtyf7Wix4QVbTeZuw8P2aJM2G0tisfV-KgpJYEFWL7Em273BRQbASsrvzppqDNPTdakQJKLEZMx1
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
21452
last-modified
Sun, 08 Oct 2023 08:36:22 GMT
server
UploadServer
etag
"9d29ef8085e13aa0d1317f2048fb4bca"
vary
Accept-Encoding
x-goog-generation
1696754182363049
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=viHOpQ==, md5=nSnvgIXhOqDRMX8gSPtLyg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
21452
accept-ranges
bytes
expires
Tue, 10 Oct 2023 00:49:09 GMT
s2s
s2s.aniview.com/api/adserver/ 		0
475 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=82dd19a17ab567d5e772c0a13b8250aa&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1696898348168-945556496869-001642-010-000522&AV_CDIM1=sp_mnhjJdcW&AV_CDIM2=Desktop&AV_CDIM3=independent_ad&AV_CDIM4=1e6e2174-2a67-4dd9-840b-9ec0c571ce56&AV_CDIM5=JTIofqowqd_KFYpE5MMA7-isUtFsRXzi3KrujaG4ScnY3NBYemco5YX0jmWOgR1p&AV_CDIM6=stable&AV_CDIM7=row1-column1&AV_CDIM8=sticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=70671651&AV_CDIM10=v22.5.0&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads-independent&AV_SCHAIN=1.0%2C1!spotim.market%2Cpub_lFflnF0ELP04%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=646c97b3629342bcd6062336&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.blogto.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/646c97b3629342bcd6062336/www.blogto.com&d36=6.2.133&responsive=1&sver=4&avtoken=347899&omv=1.0.1&clsid=4a5a4019-aa50-4b2a-8e83-3a4ec787d401&rando=64&AV_WIDTH=707&AV_HEIGHT=398&AV_DNT=0&cb=6898349566&wfc=1&tgt=0&&AV_VI=0&AV_VID=0&d4=2&d5=1&AV_PLCMT=4&AV_PLACEMENT=3&AV_PLAYBACKMETHOD=2&ms2s=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.208.202.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-202-9.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.blogto.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Thu, 28 Sep 2023 10:52:29 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A386
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEG1fHTAkyQx8HaPx3BC8nZs&google_cver=1&google_push=AXcoOmR6UtR15TAJ9wcSIvvcMBBYDhlEIj8QUCJrVKEs_R-zUF_D12Y2rqKpXnJ2FKdVHoZTCCQMQl3CVVamAUMTIRm56gLGB8T4rA
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Nzk1NzczNzA0NjQ1MzU1Njg2Mg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEG1fHTAkyQx8HaPx3BC8nZs&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEG1fHTAkyQx8HaPx3BC8nZs&google_cver=1
Requested by
Host: c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
URL: https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEG1fHTAkyQx8HaPx3BC8nZs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame A386 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEF55IyO9Ur5du6Pwsg9Ss04&google_cver=1&google_push=AXcoOmSHqENzCmd9w2c2bKBUo5PICpzg0yFJv9DniWEWuP99esAKP5FoFpvx2KcPqpmI523I9ZDMtxBwYkhHHuMYWAkjqSMjBW20
Requested by
Host: c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
URL: https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A386
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESELj7RBvLx4FfnXFiaZMUgbg&google_cver=1&google_push=AXcoOmRAPwKP6C1u6xtqLJ97aL-EvuXhPOKZOOrDN0RIKUVhLno29zDWD6HVUo1059Yhn0GeNOJFg9CC1iwHEeTixuebe1YkXWjX
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=74C797EF56124624825CCDE688411BE7&google_push=AXcoOmRAPwKP6C1u6xtqLJ97aL-EvuXhPOKZOOrDN0RIKUVhLno29zDWD6HVUo1059Yhn0GeNOJFg9CC1iwHEeT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=74C797EF56124624825CCDE688411BE7&google_push=AXcoOmRAPwKP6C1u6xtqLJ97aL-EvuXhPOKZOOrDN0RIKUVhLno29zDWD6HVUo1059Yhn0GeNOJFg9CC1iwHEeTixuebe1YkXWjX
Requested by
Host: c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
URL: https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 10 Oct 2023 00:39:09 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=74C797EF56124624825CCDE688411BE7&google_push=AXcoOmRAPwKP6C1u6xtqLJ97aL-EvuXhPOKZOOrDN0RIKUVhLno29zDWD6HVUo1059Yhn0GeNOJFg9CC1iwHEeTixuebe1YkXWjX
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 09 Oct 2023 00:39:09 GMT
google
match.adsrvr.org/track/cmf/ Frame A386 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHSpf7nRK8LNUNRKlvSYDuM&google_cver=1&google_push=AXcoOmTmW4cm9TURkyEVkYx1fLnt8FShKWGkUjkG5vco-_pSzH6KnPpL9UlVXzAwgMdIsTMUVtkgZpLwh7FZp94SukC9WGlfjXcV
Requested by
Host: c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
URL: https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame A386
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGSCRljrT2nJTBMnTS2Hiyg&google_cver=1&google_push=AXcoOmTskSYw9jlZcF0hZGWwGBcEHrxenhup-CBuXqt5SVvfsRJHsPa4B_3s7euzoglOt0fwryFgS-ma00Fa...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTskSYw9jlZcF0hZGWwGBcEHrxenhup-CBuXqt5SVvfsRJHsPa4B_3s7euzoglOt0fwryFgS-ma00FaCKGgVnXjPzagWSlMIQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTskSYw9jlZcF0hZGWwGBcEHrxenhup-CBuXqt5SVvfsRJHsPa4B_3s7euzoglOt0fwryFgS-ma00FaCKGgVnXjPzagWSlMIQ
Requested by
Host: c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
URL: https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTskSYw9jlZcF0hZGWwGBcEHrxenhup-CBuXqt5SVvfsRJHsPa4B_3s7euzoglOt0fwryFgS-ma00FaCKGgVnXjPzagWSlMIQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync.smartadserver.com/api/ Frame A386 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEKsCiI81S0LMf4VPgNY_mbE&google_cver=1&google_push=AXcoOmTXL8I0YItKVXsp-8hFyqFW4l8NRPKWyLOfYgr9cz_4sHIu7x6f_pF2_pyGGeC5OplvJ6HJG8wLvmsUnRt6wvFKFaEVp9cDjA
Requested by
Host: c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
URL: https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.122 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
content-length
0
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame A386 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESECDQzAv8CX32BEWy0Bqccl8&google_cver=1&google_push=AXcoOmSCBJvi8dHpocD_P9svqAJ0ji5g00XqnLuKCGZT3mS2YHh6Hu2HYpLjSN3DJBMP25Bgzs4hBxhb99Ma8zxYIBa7q_6GIyZJcgI
Requested by
Host: c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
URL: https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.57.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-57-54.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame A386 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JOc1TEPW4DTyMD3UwlZ4PdUaLWCz5yuKwTNhvGpjvA7abGwuy4_IRn48NHJ8aCZPj6zhW75A
Requested by
Host: c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
URL: https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame 6843 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310050101&jk=673764329366383&rc=
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1D9B 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPmChOMCEJfSweQCGJv49_IBMAE&v=APEucNU9QzrPkR2GcxCSCw1gbpBnNl9nK7cMp-THB4PPsgEDeyjh11zhvl6UOwdqpaQifm_3RUBf0ErSSxl1Dh4bJqkMzrcZ-UouYhn2gspLbjKePMX5rXI3roK0ZX4brdJv5sTRGnrhWYJ29XkC_jhO-uawMfS1kcQD4842IQgBIM6p3f7kqsE
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 00:39:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 7DD1 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 10 Oct 2023 00:39:09 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 7DD1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:33:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
57934
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 08:33:35 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 7DD1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
39780
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:36:09 GMT
l
www.google.com/ads/measurement/ Frame 7DD1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTRCzbyvKXPwPmRZkQfc_xDTM-8hS4Cuo0xgqgrUyIKqmjdjd8OgYHD8mGRQJeisEastpXU8wcQ5bw70ql1qnHM9aBA6w
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7DD1 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59959
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696851335058330"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Oct 2023 00:39:09 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DD1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AB2xAwBvFCcl_GykC4CRqnW3eK1FYDt9b9rkY6oGGuMLpZAdw2OzOKNHj-TT-d_v6KqltA0YSouZJFJFRdwG63JVHbWdgRXNJFN25I7FFXnnL4xHE
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DD1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4179229597523628949&x=1&ct=76
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixels
pix.spot.im/api/v1/ 		0
231 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: launcher-sa.spot.im
URL: https://launcher-sa.spot.im/spot/sp_mnhjJdcW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-40.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
0
x-amz-cf-id
QAImDW1kW5mBkZfN9k3f-OVSBzzcRHm2lpDyoLaTIAXBWG8nrVzaFg==
dt
dt.adsafeprotected.com/ Frame 74EE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1301373&asId=15db9d36-5273-9f41-2906-40d4221cf5fb&tv=%7Bc:qBjbi0,pingTime:-3,time:95,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:32%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:95,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B88~0%5D,as:%5B88~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tSeUxJn+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1e%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1h6%7C1h7%7C1h8%7C1h9%7C1i1%7C1i2%7C1i3*.1301373-68102612%7C1i31%7C1i32%7C1j1%7C1j2%7C1j3%7C1j4%7C1j5%7C1j6%7C1j7%7C1j8%7C1j9%7C1ja%7C1jb%7C1jc%7C1jd%7C1je%7C1jf%7C1jg%7C1jh%7C1ji%7C1jj%7C1jk,idMap:1i3*,rmeas:1,rend:0,renddet:svg.us,siq:34%7D&br=c
Requested by
Host: c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
URL: https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:763d:a432:e71e:5bc1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 74EE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1301373&asId=15db9d36-5273-9f41-2906-40d4221cf5fb&tv=%7Bc:qBjbi1,pingTime:-6,time:96,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:96,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B89~0%5D,as:%5B89~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tSeUxJn+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1e%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1h6%7C1h7%7C1h8%7C1h9%7C1i1%7C1i2%7C1i3*.1301373-68102612%7C1i31%7C1i32%7C1j1%7C1j2%7C1j3%7C1j4%7C1j5%7C1j6%7C1j7%7C1j8%7C1j9%7C1ja%7C1jb%7C1jc%7C1jd%7C1je%7C1jf%7C1jg%7C1jh%7C1ji%7C1jj%7C1jk,idMap:1i3*,rmeas:1,rend:0,renddet:svg.us,siq:34%7D&tpiLookup=ao:www.blogto.com*%2Cwww.blogto.com*&br=c
Requested by
Host: c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
URL: https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:763d:a432:e71e:5bc1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
v2
id5-sync.com/gm/ Frame BD7F 		276 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v2
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
ea76dee032f8d0a126a3f4d9fe042a3cc9606284b64e5f758c84e8469b7417a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.blogto.com
date
Tue, 10 Oct 2023 00:39:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BF1A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
320421
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 07:38:48 GMT
expires
Sat, 05 Oct 2024 07:38:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/16177400596801910314/ Frame FC21 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16177400596801910314/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b0a75a6dc10383fd60a39c24dfa571d807444ff7d8711cdde77a8980d22b4f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
173410
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3054
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Oct 2023 00:28:59 GMT
expires
Mon, 07 Oct 2024 00:28:59 GMT
last-modified
Wed, 21 Dec 2022 07:36:33 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 74EE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuqh8Mph1r12vCBZxfx4mr7HxGSVQwoYdNgfroepGlImsD3kjsptkVPFyVtutu1olBcar63y0x-L_VljKUJtlaLUL3U-NEmX25Up9n2qIEsC172ILjMziWKFSCT3wYgGMhinHY_iSPh9Bfjs9xs-b3DhG_ViHVHL7zIwdhF0O2C5_kh6lIiYqb4yMyXSbVh_cEXVr58QMUBhfctWtP_v9JhDwpV5JH-V-V8L5nKX3n9cXX4GaojXMg92-s3olYsivnzmPxLxlcA1qMW6AYNhHrQBu8qTtyygF4RrlSDrNbRx2A7VQkxnQrgA_wWxj4_4mL_E_SZNu_uXb3NNmhBv18JcerTNCudP9QW8iyDsTSbGKLRp67e6uxJXLzRCvc1ytC8I1wYIicZ_BzBTi0FGCqxDVRKpxU41-a8kyMtIdWFWzNwuFdVUSS4asfKvBQcOXjWKLuGQqiV0kDC9P6CT8xX_dyTTHEXypp4uzacF8gao9VzQ8F8IorS3n172A6oGut60aCdWENnW12yVt4-jO96nQKAds4F6li00leMoXGjFGIFLMPdY0zVvw7gjJTM5MgN1XVO9YfzGHWN6Ov3iTU9sEBKDbk1SA9o_oKlEKvJMjzfb1om4eqUaWW_oJneBgl0uToBsbAtUkOb-LYb0d4_Tz0yKa3cdqQuSmpxi5pc7raefC4JPdglmI_dLbXzYVt-78siYCkLua1lSf7gCF4ID9swlLQDgvTx_qt2Dhyix_0LmOvMvJc7THeYOqR8QQbAi-hiqHxOgDdqC_M5VxglQNArvgi3pYsx332q6f1tGFwFJKKgMlLrKDHQbILLylvFw1S2DyZ4qDhm8gUEao6JkSRqK0QrXJ-H8yIzkiaLllFfvF0C-g8LvhfMsZ5ma455Sd7BiRxjU7rNyVK-2MgWM9A2TYHBcFXQvgsEuoyhFgP2OmUcSN7CcCBsTMypMcFEi39XtTz1ni_0II6gb_7BtJm_8kIxY8d7rLzP5QQ7BAy91Ti4TkSJpgUrT5tL6G-2eJOJ91oI1x57f7v2Z8V_okowHLOnXFhvafXo5Z2ErP3uouDgwy5l3Gi0ILNH89Ei0y1jb1Hd60iuo4i1GyBRfVa724wgz1qxwTjAfKBtL9noY1w5oomfkRcVsLSoVCksnE0wJtbuINnKfwYQjn5NdRutccb48NLD1xdn-p2qPgKVMs1b7gsyym6QwKr8MlTZb6EfnqajGdLFKRzrYlOrEAyQw1m7MvBFLt_qq0TWw6DLlDqY8wzQWSOrVdRFsuvy4I1BGSZSm3el9ddgwPPDq-D0AP1g3jrV8Z7prmRUr80JS32T4ZZYB7UVTd4JpWX3Bq0ZlD0CJYIc8XcXe-hFtLiDbc1KhUhvCbgreYmaccb9LSRQcbKC7hzRikpC_U8oP_EueRmiBmLk3Yv1uZDBPBCaLaYUkA7YlUJQeTc&sai=AMfl-YT2W6i9CNDT2ERyw20pOtByfh8mVKhLM4vZcs2ClJU26lZP15MPTPWjs6uFgDN8W0F9X40mCjBKN51tmoG345N9wKdp7iPmZN1W4M_JRl0P-ZTTuosTKNzoR0uOTcReUWAagN7FErHMdi-R44xRmmAQ_pqbt4uAX0lqndMEcuJf36ASNN3QDTBW32uRsKKvyj24o7vIe4k5hiW5SF0ARJQZszzCP5508DEDHEEZv0AII-1N0gI1L_F0URMXIYT7XUkXVX0SAZutv-bXr9yxkC1XMzaQqx17vg&sig=Cg0ArKJSzHSWS7hw1VKQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=375&cbvp=1&cstd=373&cisv=r20231004.46554&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 10 Oct 2023 00:39:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 74EE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1301373&asId=15db9d36-5273-9f41-2906-40d4221cf5fb&tv=%7Bc:qBjbiA,pingTime:-2,time:131,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:918,mdZ:963,beA:1185,beZ:1187,mfA:1189,cmA:1191,inA:1191,inZ:1195,prA:1195,prZ:1208,si:1219,poA:1220,poZ:1246,cmZ:1246,mfZ:1246,loA:1281,loZ:1285,ltA:1316,ltZ:1316%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:32%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:131,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B124~0%5D,as:%5B124~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tSeUx3A+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d.1475223-71249298%7C1d1%7C1d2%7C1d3%7C1e%7C1f.1301380-73124933%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1h6%7C1h7%7C1h8%7C1h9%7C1i1%7C1i2%7C1i3*.1301373-68102612%7C1i31%7C1i32%7C1j1%7C1j2%7C1j3%7C1j4%7C1j5%7C1j6%7C1j7%7C1j8%7C1j9%7C1ja%7C1jb%7C1jc%7C1jd%7C1je%7C1jf%7C1jg%7C1jh%7C1ji%7C1jj%7C1jk,idMap:1i3*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:svg.us,siq:34,sinceFw:96,readyFired:true%7D&br=c
Requested by
Host: c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
URL: https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:763d:a432:e71e:5bc1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
partner
sync.search.spotxchange.com/ Frame 1D9B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEJICukL4ycfgkS7nldBLGCQ&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame 1D9B 		0
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame 1D9B 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPmChOMCEJfSweQCGJv49_IBMAE&v=APEucNU9QzrPkR2GcxCSCw1gbpBnNl9nK7cMp-THB4PPsgEDeyjh11zhvl6UOwdqpaQifm_3RUBf0ErSSxl1Dh4bJqkMzrcZ-UouYhn2gspLbjKePMX5rXI3roK0ZX4brdJv5sTRGnrhWYJ29XkC_jhO-uawMfS1kcQD4842IQgBIM6p3f7kqsE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
pagead2.googlesyndication.com/bg/ Frame 77BF 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 19:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
18933
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Oct 2024 19:23:36 GMT
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame 80C9 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-210.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Tue, 10 Oct 2023 00:54:09 GMT
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame FC21 		113 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16177400596801910314/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16177400596801910314/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Oct 2023 00:39:09 GMT
createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame FC21 		0
0
index.js
s0.2mdn.net/sadbundle/16177400596801910314/ Frame FC21 		0
0
prebid
ib.adnxs.com/ut/v3/ 		139 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
a2d1fb496c17e4a1d234944ea0c4c3efa22e98b45685736d464fadccdb591346
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
an-x-request-uuid
68b9147e-c0e7-47a7-961f-825b731f693b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.blogto.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.132; 178.162.209.132; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.blogto.com
date
Tue, 10 Oct 2023 00:39:08 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.blogto.com
date
Tue, 10 Oct 2023 00:39:08 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.blogto.com
date
Tue, 10 Oct 2023 00:39:07 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.blogto.com
date
Tue, 10 Oct 2023 00:39:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ 		19 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.51.0&referrer=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&tmax=7000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.194.124.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-124-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.blogto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.51.0&cb=64830061321&lsavail=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.blogto.com
date
Tue, 10 Oct 2023 00:39:09 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.blogto.com
date
Tue, 10 Oct 2023 00:39:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.blogto.com
date
Tue, 10 Oct 2023 00:39:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.blogto.com
date
Tue, 10 Oct 2023 00:39:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		139 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
52515814e1d41cb4a5cb99f886bcd7a7862a0a1f608c2ba757d38de4c035569c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
an-x-request-uuid
687ab0fc-6f6e-4f37-9955-6d47b6a7f403
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.blogto.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.132; 178.162.209.132; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DD1 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8845034492728&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DD1 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8845034492728&version=m202309260101&ct=76&x=1&cor=4179229597523629000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 7DD1 		115 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bl9wGSrZV_h4Y9A9fj1EDL6hggxyOYKUtw9S8zaH5JX1ovgQN-wnHlZ4SgDdV5-CHckn8AM6CNY_eLQvpgYZ99hyMblRL5C_MvK4tVzhzmNgfQ0UX9nd_O9anzPQbZMHTkfRPsTfNdqIxYzryf7tgA7Rwj7qzoYaDP8BoC2dn2bAwc1a4&dbm_d=AKAmf-DJZewCpEZ4wjLvzoZiUb6-VEg6xTrx1sqPbDePtxbMu7d6l4-BQI-YgMxqF78rGoyQeCSUcIL-XZBZIK0fDvSPOm-pHVLOzr-2U_mv8ELBXNadzUyrXQIjck-LAaVq-pIKil8Aebe5P21osx8Sx9pLCCPfSfWKw7ALRZJVdOmFOjtWzzESdL3EgbOdd4WVJQtv6en_CbGFhh0z9ZJ0xDHDjSDQoeAo3azuLewzkrn7QWpQ4GDklSFOn8UkG0ilEvQEwywDteYaCP7COkoRP3PxB1V--sD_8m44PA3H4rBDJTxQgyt0gMZIdeNuXqqqwOxvTb3RdWxx2met3_r2Sc5bipAgyAqhIvMkjiSQ6sygm5EW9pflkY_-Zvy5oedJVrvpTViozq_xWuSNI3_r5uV2ej0GVZnafyutXAaklk9jp6M7WN2_CmMqk3Zi0ieFI1jcYpL_yv3Ljte8GL09LbZz-qVhjAAzCCghrU4pt7wlMdGZqwlHBmWFyG80u3OAFr3jMKRI-PxAFzpaKF5Y5ZNIkc9_CGkuwVsM7mDONnG8XGRGsvxNHy1hRD9hlnhjcflNNxCJ27N6OXdQgTJQ34LsELC1Il46-uxRFOQCVS20PZqWTKEYiUKUO3Gib74JAzlE4vYKjL1AKsZyCRsCq_sDDdFG7mo_sG7PI3DYHpkD8zf32BNpPGOy97oYy9fIToCv57gTO1Xuzs_YWaOvtmt5hMjzcVXBbwCyJ-5-Fwdo2WZrov5gPLMSkxb-B4mRvxWMeTZ25qo5s1jxvaT0Ai-2BdsSkDSwqlW4h8h55eEUT4g_QzYMK2_GtdWzojgozILzJzWWt5zNRtj4BFYWp04h-Oaw9s6TTHpQx-ITU8dlQqgHzn6RAX1KlWg1hkIuynzzD2Mz30Y8KClWiYCIPTxDpN-i49vac6jlow7dPtWEwW_T1cO_NaS59jKe5F4jiRQ5Rb8QYbjXw5IJEu9nSLoAzQtj0z2020Ht4jpQ5MLvbj7xP-WuwY-ZxTgiqQnsp9tFEo2yOqXnkF0ptt1HfjAcBQCUTanmZKgD8kq6XHnxF_SVgJ0gVgCC2WbZUUHNsB7NrNtzcNRmA3vfW78AnqbLkJ6TSU2pur8FDbi-Q8JNxNLweZxfBI7q1X6qoIExldA4C36GhrCTh7IwMjEbbiMwV1lKSD_2CqXk3o9uTIQIIH2b9n-Bhiug5tMZEdrjHekkZLSQYn3kGpfleHAWw0Z0jEMKttqsTw5SnWQc0HXxUlVHCOcq22buKXwFe-z2sIEEEWUTn0VoTiK_QCDKOpXlIoftmgohiWXg3B8jlRJmv2mrVbtLbEu5tMJhHECIJRkR3fkZaczhgr5nwVB3Fmv9hZhTj3lRoNyuITkvC7Pwm1suUSDTu_HxYc12fta6t71PRU-snsGcBH0LkTVReQUOuB_XWCPO5nxN5j-5qNAzCBTf8RhdHStSnOVoqNNKVUKAfbzY6HCO9RWgYZ3N185bIHJiBBGfj52gLwvJBEzY8KLr0o47Cz-n7WilpKyi4OMeGOLW1EWVwCrzAniM1iT9HhVn2AwDHy_9MJIuTAvMd-iKSWutQ2vEwQYQYCd0evvnR9uNJLeBxXRtjwkmfASRdVkHM4hcXwkrDS37zt2GFssWPjPw1J6rY2RK-kLntFTxI-Tl9Eb2cQGmPdoPM_DyyHRSJE0TOsoY1a4P5-DyF6-yWePCavRXWWTOIVPZtw4TEUVXhDKz9BdYzdTlI3wOngRWIwc6QqfwB4Ul3Onu0n5BYbDYF0ESFpWGX-gX2lq1MeE1ZLJzIEvvBw0cnyQJl0XP9cZP8RUQNxKjagz_iEpeLaFPEQSRs2L2fkuGpc4lJ1Lj-Fg4OGT6ufr_Xo5mSveiiSr4gLtjIzqJy90_ZARK78GgMkoKI95mM26T0o4NL8xZhHMgmIbGqOsFA2Rfq7O2-2qKBibUOhkcSBDgFKJlsyWqM3XQJ1juzfn-YS5xxWeYSRH7qRCCPFU0JDGI9v_iCXNiJ09Hs1bwZcS8c_3zdE-tbUCGpuhBXfAPAUgnc1Zsb7PImR-XWB0ejc5LxY7vWS5OWHxLgi84Bhf5PP_eUOyPKQAClzepNjXnzcg4e8rdp81v_NZAEYGjMMt6RKvfkS5d0wKdSAFvh8fljy3jlGgPr4Y1gLYDscwa2NC3Rkl_f7bYV3FIMJQA1_YKspcmN48VyY0hFAvmCtj_wFVwFW4D2RKF6oUnDKcWVy8FSkVdWLOULFhjxU8CEXEBx-ezBgQqJe2ATekwctVJw-GKwQJQbhmnTWqP0XYSce5oQHmvnERbN5M_vrdCWMGcTneHtTmDWRaTO23hcKn72R8dybeiSCTZYTmGqy-2KGHBF3a8VlwLbFMcrK9mgKZMp4ombDCMNzpzRtu4QN2jn0KQIHpCWYiKnLVp22SKRrwp-WQ-ZBYeY6OkND7H0ZIKici7oxz7VuIHPstTG9tzeqlALFlrsEa8nYKMSYbobmiwGHnkHulx_AQ20yQt0R11yfBTkb3YWkEn_qXbZJKDj4uIQ3tDqhx6DOqnHz9yWryClr6uASdEnDx--vOPbhl29CTqtd3ej1qBTiWI_VMMH-n3nr8a-0nFik6ZN-5Ua9GTnUTEjt7IuNQzasAzSntX_E2_HGf1QBHOC44xGvKAUZsn60uiJMGVgtuHVF2d48w2wR3jGER6Q7i9JXMvhOHWnWDkPV1vpDmsCLJsuheE6IB15F2pns3LDo79YGHxnBeLP1IqNG30Z5DJB3PNfRI7DfBkMPDB3p-h4kYnpWSGGP3ezVxTiziDJkZRg2ivXVZIXg0KfPVd1R5fnC3gq3QFDz8q9B1IAsHsELIb1YIfj-tVOwndMeTbZxNbhRQQ0xS0KkQdSTYTRm48ZIbH2Ix1k8Qhlk3k5WpGClWQ4qGzQ4iOI9MsG9qvkOM1mVsAZMLnuiPGRBbrCttj8H4RUSiyNZ_slrYI8U_OWPaKkib7R4E580DDtXerTMBGn62Aok7exf5n6SwURvy8BrrytgGK37P2r68B--sqV4ken2rbbreYcbYpaBvWeXrtadMaL9rh0m3zPE880DJgCyeGRM-LcwYahm-HK9ZWOAQIekFv9WwNJl6iMyO_NBkeN5ruD01CAQQimz40jGtLim9IkdiewInk9aATNpbV779ZT0H2UKoNZh2SY-LaPWSeYaXKiyky8l5Du2f8JErVfcIT61EW-FbhYo7eqCXvGBhGXjZtGw3ur4_wnhFzAknM6Us0iUYrSI654kt4SHGc5ENHKvqR3QrJ5OYrWVk-LHgHLwadd08Wspn5U3BlfXYoqAPXdnPRBIuDY4F2Xi1_iB6K7UjUSfWX-P5aSOU8ft9fD-bGV9R-aqIiCjDcNTUWy4ZZ9LfzVUILYFZOyYRy1my7nyeMfUxzRq7euRukHdxCQe0A306QJNAGRbteJy5p3-n-zG8zWFo7H1Cbf1Ln8gR_K89kx9zIX6USL5BYRqjRS6JnfifRjTvhKwfEGGTHpRXcEdWrktdMHbMFomCUgSbjuKWHet0CVLgEs2QncBBLUD0-OAJXAbynFDlQXZ4iA34ZGvuJb4Mv7M-q9Fpnxjr4FnUrhwoTx9pfYHGWzAUMVh_uG9ADlYceyBEvNBmuVhmwh0hLgishKHtbfUfnZ0qqXwKr7JLM7FJ8ls15bkS4Q4NvldtqZ2mcPAEyszbOIiWYFAzS15GlM_N03vebN44APkDIe8I1DnORI8K8gykEc5SRTfJT-4SwrmUdpRRQR5dgP1TTiRJTzGWLo_9DxiEVw38ijG7WA0iqn_4myPbkUZF9byOWzHMMx8uB4NwMwRdVr0qS2SBN4uZ9tGddgc9fhMLDmeuozA&cid=CAQSPADICaaNdfQHgVJkxUIveOmBoxVHOSFydiPZMURlBUOPiN1WO88HVInGh15HOgVBzuk-sMKyelCeeeZwPRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.blogto.com&ds=l&xdt=1&iif=1&cor=4179229597523629000&adk=3376472667&idt=46&cac=0&dtd=36
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8c4596ed3bd6148cd57f319131af517412b230427fcf6a9ecd36cf81e4323b73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43138
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
map
bcp.crwdcntrl.net/6/ Frame 80C9 		60 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.118.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-118-122.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
5a2e4e0d9c3c9bf8456d9acb66f7e18c67b1786d4be4ee41d1241366f9e95ba3

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:09 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.blogto.com
cache-control
no-cache
x-server
10.45.10.203
access-control-allow-credentials
true
content-length
60
expires
0
view
googleads4.g.doubleclick.net/pcs/ Frame 74EE 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuDlNRnAW9O1tThWOlPbrDl0FqO7OE3Hf-dlyMJOZXEjP5vrqsAfawfsufXFO7KG-Ejb5RoTN99L7DBKJcjcn-jCr4dkOHsFXJiXiX3L16nm_-E-JHYH_aAcwEyfAOxMR624y-rF9_XpbwqMqiD-NGExK49w65CvO3XTflwjSn5wWErpfux2rm1x9KiG717E7mDtrs8UWhrWI5PeHGFbc8&sai=AMfl-YTwIHeNNRoTfjX4WBWwIx0xG3i9qyYdEkYkzhXZV-ZzMfP1d8zT-QxF67myJxZR5BLHspbpic_6k5u0WPfyrrv2d6_2NajJuZJQ16Jb4JboDbEwVDUH9tCwW6jOohuVtJjOf0olC-ETiByGeyQOZON3imwL&sig=Cg0ArKJSzKWcSjWyGXEXEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js
pagead2.googlesyndication.com/bg/ Frame BF1A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ac034a2969e4ae42ecbe9668b99468e90ae3556fc57b88cdda45fe1c1aae762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 12:44:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
388504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14584
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 12:44:05 GMT
websiteconfig
api.btloader.com/ Frame 80C9
Redirect Chain
  • https://api.btloader.com/websiteconfig?o=5080945107927040&w=blogto.com
  • https://api.btloader.com/websiteconfig?bt_env=prod&o=5080945107927040&w=blogto.com
1 B
16 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/websiteconfig?bt_env=prod&o=5080945107927040&w=blogto.com
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H3
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:10 GMT
via
1.1 google
x-content-type-options
nosniff
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1

Redirect headers

date
Tue, 10 Oct 2023 00:39:09 GMT
via
1.1 google
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
/websiteconfig?bt_env=prod&o=5080945107927040&w=blogto.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89
px.gif
ad-delivery.net/ Frame 80C9 		43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.blogto.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2666807
x-guploader-uploadid
ADPycdvss9BetkmNQALNaBNCf5vLrk1BJTKiYCnKRP7yR206OrOm6wCUuumZB2_HXL8eMer15Axwd5EmLiQynqBlnV8RghqDGZqY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=szOgl7ubFhqpOytajZFHacNK0%2FGOh6BVRke8Uzeyv8CcEo6SF0RcJ74zM9QxghIVBz9kqkY2FGcJawG0YNuVIJyc2roVtj8wcDEkgH4KQ9nBDd5E3vY98ApdIc%2Fz4oB2c%2B%2Ft%2FPxWZJDALW%2FxaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
813acdfefc0f3835-FRA
expires
Sat, 09 Sep 2023 04:47:44 GMT
favicon.ico
ad.doubleclick.net/ Frame 80C9 		1 KB
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.blogto.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 09:53:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53146
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Oct 2023 09:53:23 GMT
state
api.btloader.com/mw/ Frame 80C9 		0
11 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.blogto.com&ver=1.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 10 Oct 2023 00:39:09 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ Frame 80C9 		43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.06448518237763978
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2666807
x-guploader-uploadid
ADPycdvss9BetkmNQALNaBNCf5vLrk1BJTKiYCnKRP7yR206OrOm6wCUuumZB2_HXL8eMer15Axwd5EmLiQynqBlnV8RghqDGZqY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dK%2FxCc8LhaZIUlS%2B2w6M9hy%2F0vjCdbdf27oHYicw%2BzQb132oFFudaZQg7KMaPcE4dhg5wIP1x7KaNKL0NSraeo%2FUxH9rpMCjEP%2Frt4byttKySoj4pxdrdWJh7Tr2EsKnaG8VKGsRnrW%2BqJJWAA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
813acdfefc103835-FRA
expires
Sat, 09 Sep 2023 04:47:44 GMT
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ Frame 80C9 		190 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:09 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.blogto.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Tue, 10 Oct 2023 01:09:09 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0409 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50565
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 10 Oct 2023 00:39:10 GMT
expires
Tue, 10 Oct 2023 14:41:55 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame FA9F 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 10 Oct 2023 00:39:10 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame CA71 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
53017
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 10 Oct 2023 00:39:10 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 01 Oct 2023 09:55:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1458, 335363
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230054-FRA
X-Timer
S1696898350.065169,VS0,VE0
view
googleads4.g.doubleclick.net/pcs/ Frame 74EE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuqh8Mph1r12vCBZxfx4mr7HxGSVQwoYdNgfroepGlImsD3kjsptkVPFyVtutu1olBcar63y0x-L_VljKUJtlaLUL3U-NEmX25Up9n2qIEsC172ILjMziWKFSCT3wYgGMhinHY_iSPh9Bfjs9xs-b3DhG_ViHVHL7zIwdhF0O2C5_kh6lIiYqb4yMyXSbVh_cEXVr58QMUBhfctWtP_v9JhDwpV5JH-V-V8L5nKX3n9cXX4GaojXMg92-s3olYsivnzmPxLxlcA1qMW6AYNhHrQBu8qTtyygF4RrlSDrNbRx2A7VQkxnQrgA_wWxj4_4mL_E_SZNu_uXb3NNmhBv18JcerTNCudP9QW8iyDsTSbGKLRp67e6uxJXLzRCvc1ytC8I1wYIicZ_BzBTi0FGCqxDVRKpxU41-a8kyMtIdWFWzNwuFdVUSS4asfKvBQcOXjWKLuGQqiV0kDC9P6CT8xX_dyTTHEXypp4uzacF8gao9VzQ8F8IorS3n172A6oGut60aCdWENnW12yVt4-jO96nQKAds4F6li00leMoXGjFGIFLMPdY0zVvw7gjJTM5MgN1XVO9YfzGHWN6Ov3iTU9sEBKDbk1SA9o_oKlEKvJMjzfb1om4eqUaWW_oJneBgl0uToBsbAtUkOb-LYb0d4_Tz0yKa3cdqQuSmpxi5pc7raefC4JPdglmI_dLbXzYVt-78siYCkLua1lSf7gCF4ID9swlLQDgvTx_qt2Dhyix_0LmOvMvJc7THeYOqR8QQbAi-hiqHxOgDdqC_M5VxglQNArvgi3pYsx332q6f1tGFwFJKKgMlLrKDHQbILLylvFw1S2DyZ4qDhm8gUEao6JkSRqK0QrXJ-H8yIzkiaLllFfvF0C-g8LvhfMsZ5ma455Sd7BiRxjU7rNyVK-2MgWM9A2TYHBcFXQvgsEuoyhFgP2OmUcSN7CcCBsTMypMcFEi39XtTz1ni_0II6gb_7BtJm_8kIxY8d7rLzP5QQ7BAy91Ti4TkSJpgUrT5tL6G-2eJOJ91oI1x57f7v2Z8V_okowHLOnXFhvafXo5Z2ErP3uouDgwy5l3Gi0ILNH89Ei0y1jb1Hd60iuo4i1GyBRfVa724wgz1qxwTjAfKBtL9noY1w5oomfkRcVsLSoVCksnE0wJtbuINnKfwYQjn5NdRutccb48NLD1xdn-p2qPgKVMs1b7gsyym6QwKr8MlTZb6EfnqajGdLFKRzrYlOrEAyQw1m7MvBFLt_qq0TWw6DLlDqY8wzQWSOrVdRFsuvy4I1BGSZSm3el9ddgwPPDq-D0AP1g3jrV8Z7prmRUr80JS32T4ZZYB7UVTd4JpWX3Bq0ZlD0CJYIc8XcXe-hFtLiDbc1KhUhvCbgreYmaccb9LSRQcbKC7hzRikpC_U8oP_EueRmiBmLk3Yv1uZDBPBCaLaYUkA7YlUJQeTc&sai=AMfl-YT2W6i9CNDT2ERyw20pOtByfh8mVKhLM4vZcs2ClJU26lZP15MPTPWjs6uFgDN8W0F9X40mCjBKN51tmoG345N9wKdp7iPmZN1W4M_JRl0P-ZTTuosTKNzoR0uOTcReUWAagN7FErHMdi-R44xRmmAQ_pqbt4uAX0lqndMEcuJf36ASNN3QDTBW32uRsKKvyj24o7vIe4k5hiW5SF0ARJQZszzCP5508DEDHEEZv0AII-1N0gI1L_F0URMXIYT7XUkXVX0SAZutv-bXr9yxkC1XMzaQqx17vg&sig=Cg0ArKJSzHSWS7hw1VKQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=681&vt=11&dtpt=306&dett=4&cstd=373&cisv=r20231004.46554&vwbs=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
skeleton.js
fw.adsafeprotected.com/rjss/st/1301380/73124926/ Frame 7DD1 		250 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1301380/73124926/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1010839380&ias_pubId=pub-5616046187545019&ias_chanId=1&ias_placementId=19777387339&bidurl=www.blogto.com/&ias_dealId=&xsId=ABAjH0ipjz4KS9gUKb2OostmPMn8&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0ipjz4KS9gUKb2OostmPMn8
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.117.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-117-183.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7e1435bc5fe0f70c6edbfa69415c77c3c2a350742e74fb7f83ca21be62695b87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:10 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 7DD1 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
Origin
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 07:14:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62674
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Oct 2023 07:14:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 7DD1 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:43:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
39319
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:43:51 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 7DD1 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 13:57:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
38510
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 13:57:20 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7DD1 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 12:26:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
389562
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 12:26:28 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 203A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com
URL: https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
60225
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 07:55:25 GMT
etag
48472445140208031
expires
Tue, 10 Oct 2023 07:55:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7DD1 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
beffd17263cd14248eebcc06e351d7efe6299df462d5356bc5445d354bb21e33

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ Frame 80C9 		223 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-210.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
59809587724422a1623f2ea0b361f2c72e2febc92e37faa84dc4b859674e826d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:10 GMT
content-encoding
gzip
last-modified
Tue, 22 Aug 2023 17:51:49 GMT
server
Apache
etag
"37c41-60386a6319d17-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
66128
expires
Tue, 10 Oct 2023 00:54:10 GMT
async_usersync
ib.adnxs.com/ Frame CA71 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:10 GMT
an-x-request-uuid
4cb0e9e9-b69b-496f-a6ac-b1cf87617f15
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.132; 178.162.209.132; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
init
gw.geoedge.be/api/ Frame 7DD1 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:3e00:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Tue, 10 Oct 2023 00:39:10 GMT
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
content-length
0
x-amz-cf-id
LQHXhiRsuoYWWiF4r8txxYhKc77xBAQi9AKgTDns9-4BtL2i64sMtQ==
x-cache
Miss from cloudfront
4a.js
static.adsafeprotected.com/ Frame 7DD1
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1301380/73124926/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1010839380&ias_pubId=pub-5616046187545019&ias_chanId=1&ias_placementId=19777387339&bidurl=ww...
  • https://static.adsafeprotected.com/4a.js
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4a.js
Requested by
Host: 58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com
URL: https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
2600:9000:223f:8600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
akOqjFMSMxNB2K6FJA8jdyBVXEiL5nl0
content-encoding
gzip
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
date
Sat, 07 Oct 2023 01:26:11 GMT
x-amz-cf-pop
FRA56-P5
age
256380
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:30 GMT
server
AmazonS3
etag
W/"589d8955c4906ab1b8e63a2f92d932d3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
2oDgLKKHtDmc57EyCqtJo3SRTyOf1xiey7WXlnLbx-EgCmZFXJ2bVw==

Redirect headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:10 GMT
server
nginx
x-server-name
app02.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4a.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame B091 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:8600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
1643400
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
4ZFd8YoJIwibIXhohpU1U3oKERwzNoJos0Y9-oufShwmNsHTPLhVXw==
google
match.adsrvr.org/track/cmf/ Frame 203A 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHSpf7nRK8LNUNRKlvSYDuM&google_cver=1&google_push=AXcoOmTXHVW_2B9yfltc16JF-WHqdTXL6lxEOVXiWpPzsNy6nX3u6n9mh1iUK3CuqsQuglmr88vOxrYno_MS0skh89_ojJariQTJ
Requested by
Host: 58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com
URL: https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:10 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 203A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIeKv9hIyIOpww-3Yq1xrcI&google_cver=1&google_push=AXcoOmRXkFCDZ1CchFXFbcZBiz8EIh9rwOz6NrKFPaVZ6p09cI21bcf4KZNdl2zJFgNZu0nAfJLsTrMhvX8wvF...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4ODEyMjkxNzg5MTA3ODMwMQ%3D%3D&google_push=AXcoOmRXkFCDZ1CchFXFbcZBiz8EIh9rwOz6NrKFPaVZ6p09cI21bcf4KZNdl2zJFgNZu0nAfJLsTrMhvX8wvFaUsY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4ODEyMjkxNzg5MTA3ODMwMQ%3D%3D&google_push=AXcoOmRXkFCDZ1CchFXFbcZBiz8EIh9rwOz6NrKFPaVZ6p09cI21bcf4KZNdl2zJFgNZu0nAfJLsTrMhvX8wvFaUsYr4gp1uqGJ1
Requested by
Host: 58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com
URL: https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4ODEyMjkxNzg5MTA3ODMwMQ%3D%3D&google_push=AXcoOmRXkFCDZ1CchFXFbcZBiz8EIh9rwOz6NrKFPaVZ6p09cI21bcf4KZNdl2zJFgNZu0nAfJLsTrMhvX8wvFaUsYr4gp1uqGJ1
Date
Tue, 10 Oct 2023 00:39:10 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 203A
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMbo2epbJd8lPsf-GT9_E6o&google_cver=1&google_push=AXcoOmSCuOIDCHaCKlon3mkNrV2kMM1It8IFP-K9v47RlkMPbzqs7fhtK-9XKX8i1LT1SMWadRId8FEhVIa9IS738Kn_X6jG_r4e&rdf=1
Requested by
Host: 58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com
URL: https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 10 Oct 2023 00:39:10 GMT
content-length
0
content-type
text/html; charset=UTF-8

Redirect headers

location
/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMbo2epbJd8lPsf-GT9_E6o&google_cver=1&google_push=AXcoOmSCuOIDCHaCKlon3mkNrV2kMM1It8IFP-K9v47RlkMPbzqs7fhtK-9XKX8i1LT1SMWadRId8FEhVIa9IS738Kn_X6jG_r4e&rdf=1
date
Tue, 10 Oct 2023 00:39:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 203A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECS9H7NiuV-xQ3uXtL2QqN4&google_cver=1&google_push=AXcoOmSFquhUJm7hxrGQ5lgvjFOi3_86U5qiPJyjlFx2sgn4o5G6Izx9aZwNIc6Xdx9tgl7FonZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5KTEdRVk0tSy1FRkFB&google_push=AXcoOmSFquhUJm7hxrGQ5lgvjFOi3_86U5qiPJyjlFx2sgn4o5G6Izx9aZwNIc6Xdx9tgl7FonZDA3dM38iHRJlasYgks3USMoqwQA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5KTEdRVk0tSy1FRkFB&google_push=AXcoOmSFquhUJm7hxrGQ5lgvjFOi3_86U5qiPJyjlFx2sgn4o5G6Izx9aZwNIc6Xdx9tgl7FonZDA3dM38iHRJlasYgks3USMoqwQA
Requested by
Host: 58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com
URL: https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5KTEdRVk0tSy1FRkFB&google_push=AXcoOmSFquhUJm7hxrGQ5lgvjFOi3_86U5qiPJyjlFx2sgn4o5G6Izx9aZwNIc6Xdx9tgl7FonZDA3dM38iHRJlasYgks3USMoqwQA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
pixel
cm.g.doubleclick.net/ Frame 203A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEI2CYpFdeBYquwtyQCSIjfI&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEI2CYpFdeBYquwtyQCSIjfI&google_hm=ZSSdKv8dTwVL0l6rBSwVHgAADJcAAAIB&google_nid=index&google_push=AXcoOmSUC_REOswWakCeU1BF_Llf0HDGV27AN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEI2CYpFdeBYquwtyQCSIjfI&google_hm=ZSSdKv8dTwVL0l6rBSwVHgAADJcAAAIB&google_nid=index&google_push=AXcoOmSUC_REOswWakCeU1BF_Llf0HDGV27ANOXxzBLGC8pOVs34FVO6hM0fB9VIeedPTZ9c3xjTeAnV6oXElj_rgb7HZFErgHArzQ
Requested by
Host: 58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com
URL: https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QC%2BSg2SCeFU0qOQHoJY08TU%2FIkf1iL9OuZrG354E0Pdg9kxHJ2O3YENiNo3z5nsv67Mf8AsAukoWZDb8x%2FjZAERgVFf92RQtSYQuJEzn2D2Lt3ZOGjoV5nIjKTA7kA5dxP7rc0i9gmyDLw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEI2CYpFdeBYquwtyQCSIjfI&google_hm=ZSSdKv8dTwVL0l6rBSwVHgAADJcAAAIB&google_nid=index&google_push=AXcoOmSUC_REOswWakCeU1BF_Llf0HDGV27ANOXxzBLGC8pOVs34FVO6hM0fB9VIeedPTZ9c3xjTeAnV6oXElj_rgb7HZFErgHArzQ
cache-control
no-cache
cf-ray
813ace018e176927-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
-
s.ad.smaato.net/c/n/// Frame 203A 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOLUdrGuOlM1ejMtSjJkOZw&google_cver=1&google_push=AXcoOmSUrYm7ha-C4UObxQz6yJ6KucT1vi4zzwzpe9AdbNHXnypvQBYSYmk8fdLDv30PheQMPAHgxYbBpsk6lEsESG3q7KSfM06wMw
Requested by
Host: 58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com
URL: https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:f800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:10 GMT
cache-control
no-cache, must-revalidate
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
ZEMfD804Uone6-suFAm86JYNVyYb-pDjbmfulJLGlpZw9MM1i77HSg==
x-cache
Miss from cloudfront
/
onetag-sys.com/match/ Frame 203A
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGSCRljrT2nJTBMnTS2Hiyg&google_cver=1&google_push=AXcoOmSpyyx9DV2yryQfavIjvRnXfvfoEV7VnhxQU8971W0U6z9pqkzsgcOjXrXuzjdW25RI2JlNa0SeskF...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSpyyx9DV2yryQfavIjvRnXfvfoEV7VnhxQU8971W0U6z9pqkzsgcOjXrXuzjdW25RI2JlNa0SeskFCYsNmSPZ5QDLolcisWw
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com
URL: https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:10 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 203A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KQ-7N2BH2bacoEFf-TMW6fUp5nVzo4dA-jUHZMff0VDGIb47xNtEVyaxOl-GOOYGQvp6iGoQ
Requested by
Host: 58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com
URL: https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:10 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame 8CF5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310050101&jk=3065970196434945&bg=!6uml6abNAAbjlzx0w5c7ADQBe5WfOHPKFzx75gHcWNVP8KCUV2M__4aRBHaCKnYryQ9wOsvMYfQIhmn8scCQPRXBWWsmAgAABJpSAAAACWgBBwoAGDQl_XT2vh9NbwOHeDnHY8DzfNniw8Ra5JkCx3VUBo7pD60c4ANUCj_w9vGhKB7ePX8tMeS6_W2C5RMKTdtbtn9H2EhG0gcdXZC6meCaiEnAxgb-p3xf32mnnR_HK367EgR4BZTsV3YGb9pyAlcP2vf1u6bx70jpw06MfvGQNW5XuX8e4ThDYwtAobVax8B8v_VKtHsjv5Lrve1IFkpgwcFG3ySvLq7u2lCCFY_7_ffmTLqU_BmqYz1LKfmwePovlOLo7iFqz2ECBcqRM1yRBxwlBeJGvu9PlDaW1Q1KADwI6QF2IbPxcTCBmZzg5eGn5oFY6FuON91Atkuml42OwQVI62H-I0akHIZp34_PAI7-FQPZJ4E8CaRuAYh8SymuqQQ6o1cnBSR-NsEncx6LFnGmD9tQSzLCjVIzBLF5jVZjXIKt7xQ6v1hE7emRf-6XcBFLdWiKWkEAs2pDtUihyt34EiZPI-P3Jz78-DgrjgTlLiSRzOhTig5o2cdyO63ndQ4ZO6L9vxd8Lzub7jMuxWbHyJ41ZEkDxtHTBAbzuYNPw3YtKb68n3CfDpWf_ZGxtlHjgZ1FtxeblrC7n4zwi2HyoJ8HO4l8JldEL3GiAQs4Z2o27MWW1EGxPL4I0MRQEAaL6UHCcqIlqvFf3c3lGGxBbUBBIm1TvHWGfhXgqaOA0ie5VCCwaoTsEhTpYV2niTVI7v3GvcKoNP322XxvYVwUEKlW6MJ6L2H2dfE7jri5N2CEnKy0fCGorBJdDY3F5iHEoArOfiMwEsLcNLd-IQ3X_UeDuC5St-H9kRVuxZLrusd0HAHP4tUnpmFQqF_0_PV7br6n_xzBdztu8WTSl89Vt8HKS7iBV7iuoAqWXyYrgC4tjxZIYt8KofMODXAD7JXL0A8mYbXYCV5KL3F9ZLlQ01gEIfdqSzyddHFbqhqNdApToI5Hch0qs_crG-Ijg_5eqcxFt_t6porZU-zIxo8XFA
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ Frame 7DD1 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1301380&asId=4b25cfac-dece-c9e8-2e4c-54dee174223e&tv=%7Bc:qBjbsE,pingTime:-3,time:106,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:37%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:106,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:37,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B99~0%5D,as:%5B99~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tSeUxTQ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1e%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1h6%7C1h7*.1301380-73124926%7C1h71%7C1h72%7C1h81%7C1h9%7C1i1%7C1i2%7C1i31%7C1i32%7C1i33%7C1i341%7C1j1%7C1j2%7C1j3%7C1j4%7C1j5%7C1j6%7C1j7%7C1j8%7C1j9%7C1ja%7C1jb%7C1jc%7C1jd%7C1je%7C1jf%7C1jg%7C1jh%7C1ji%7C1jj%7C1jk%7C1jl%7C1jm%7C1jn,idMap:1h7*,rmeas:1,rend:0,renddet:svg.us,siq:39%7D&br=c
Requested by
Host: 58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com
URL: https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:763d:a432:e71e:5bc1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:10 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 7DD1 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1301380&asId=4b25cfac-dece-c9e8-2e4c-54dee174223e&tv=%7Bc:qBjbsG,pingTime:-6,time:108,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:108,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:37,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B101~0%5D,as:%5B101~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tSeUxTQ+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1e%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1h6%7C1h7*.1301380-73124926%7C1h71%7C1h72%7C1h81%7C1h9%7C1i1%7C1i2%7C1i31%7C1i32%7C1i33%7C1i341%7C1j1%7C1j2%7C1j3%7C1j4%7C1j5%7C1j6%7C1j7%7C1j8%7C1j9%7C1ja%7C1jb%7C1jc%7C1jd%7C1je%7C1jf%7C1jg%7C1jh%7C1ji%7C1jj%7C1jk%7C1jl%7C1jm%7C1jn,idMap:1h7*,rmeas:1,rend:0,renddet:svg.us,siq:39%7D&tpiLookup=ao:www.blogto.com*%2Cwww.blogto.com*&br=c
Requested by
Host: 58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com
URL: https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:763d:a432:e71e:5bc1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:10 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C801 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
320422
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 07:38:48 GMT
expires
Sat, 05 Oct 2024 07:38:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/18252920936102416340/ Frame 127A 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18252920936102416340/index.html?e=69&leftOffset=0&topOffset=0&c=f06xrzKnrA&t=1&renderingType=2&ev=01_250
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab1fa00bfd11518bbc974adb4d3502c7fbd44eaa3103f29de71e2dd45789faef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2737
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 00:39:10 GMT
expires
Wed, 09 Oct 2024 00:39:10 GMT
last-modified
Fri, 10 Mar 2023 10:28:44 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 7DD1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvXmgZyglXpi1Q7r8qLwSy2cRX3bJLO6-w7c6pWeTY28-ViKKOXj9DkM2Dx48IauJl-ABfVbPvOdc9FG_PyDFVTxUL__tE5pfNT8s27uycrg9EwJkaoDF8iuqgKDBViwm27p-zrzEw0QaoOxJFcP18iz7uzzTQHPBvurjrUGNpf6Fxw094c4VmghFBu-k5_eTVBwTghWfeHWWQUVfvgiEvnUXErHj01wmXxYPFp_QOxQ0Qn-Vi6qd3P6wVgqe0tTW8fzva-v8xvL3MHHt1V5KKqPO4Eq6dZkgkqdHVV_PD55Ycl2NxDohrwSD_1maWxQhNQGoPlI3GakUuXMYDwVpqbBg4m--C-7uh78cSF-l09ZN2GTZoAmdcU5SVKtsrGPzm-EFwuY01rTuF9l0TJu3fJnkaE7vC9vAvZSeQBp02O-YWZV1C8fhbEXhq85fDLDcEalkDlKCKlR5fC6DeYNV3TfcwMAKyFZFVuK49Uvo71Q8nJ5PEfbflvQFkgVwxe7Q7boMMJh88W5QODVajzAV_7W3e-TYiJbLMLDO5ha5sdV-phykk86DBeVvj9YL3mTWWZrRql3R69JY2YzT9KKWY-sOxFyvghrxSkGW0thvgwH5AyDHhGLZvlWUifDAvE3bKPigJMJIjz_WNtCC61eB8dkoWXUt1sExvKHwiUmOjpBy6Hi4DYLJvyQkwX7FlvLfRCazsWWcbs43EQLjNOuL2x3K5VRDGPRlEi-PJHVEPUr2SIydTP2DiODQyaNyPBZZ6cz2dVvTMcIwKuayng2VAUlU5JKaeEUGtlMtft6r8Da4h6nx8vDvWZk6llYJYRIzVJqKodWGSpsYSauVu7LinvDv0c0zyVWT11crCEsNLIIsCcxkz2QkO7ym8xuIqlqJ3Pn1s2RGbCZHYcdlnX2QCkvCxGEHyOiXmEfL7J2CnuSQSZeqk6Pt8Tq4GEBQ_aAE0wPNg8FULshGHF_TbG52l0BjyupUc7h_pOz39mqLNQb9j3_VOC2Ls2iEL69aSF-vQD26Uxn4vRGTwyjR2TKlyzxhg0ftX7LNwgrLxovgH_INP7a5waYkCIu-1TzV8MDHM_FrxLkAJ03I_P74aLjcESGrsJS95o4eMEca89VSQr0bewOvQIWHd0oPSW1MSKsy-FUat8KUX1Vlq5QVVXB-41aRX7mH6RlxOCQJRBcpo8gjtTkFgj1wgnLz1q10Bb9x8WpbwtmfDGP9VMvruc7_UgMbBA7Wjva0Dm4iGEPnttGA6hmRWm-2LO-ICyG6XErTN-qOeNOGmVvzatcifVw7wIPsVKX5NlAf00Q6cy_goFS060DOyRCUr5pY3O5ZGVt94P7ebbYcvuEwZBKL8clFexYs4siF4VjJ6Zmu68aWnRfUyIDONyb5ZY_GP2NoYHMNkLfuaJGM6Rn6SZE7SnZ9JxWulPRZLspN87&sai=AMfl-YTsDvGXcE0-pSKOkdlGnTXjJ9s9uURZgyDGT4n7ZUyA_EAItuBZSpiWL-gzHbdEGnymDU1S5g3WO4SNXn1HYDSrH6EOWsgQU_mNrGZC39fJgMffWUV-6VstkTzEWbukd5jHai0p9j3ufJ9cMZmSdasxk6Lks-n7zpNiDX4PJxkwdx14NCyLDx3OElaAqTYGqFkKRhhevTMUR7GW7QhcVss4OZDdgQsgavNSfUzXXJC2KVwX_Cu6gjk4DEZkgNx3wsJwjiPtgnvcE-K9t0zo2wdc9mHl-hqUfg&sig=Cg0ArKJSzPejGTa8oiIXEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=346&cbvp=1&cstd=334&cisv=r20231004.70642&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 10 Oct 2023 00:39:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 77BF 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?_USCJA
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dt
dt.adsafeprotected.com/ Frame 7DD1 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1301380&asId=4b25cfac-dece-c9e8-2e4c-54dee174223e&tv=%7Bc:qBjbts,pingTime:-2,time:156,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1093,beZ:1094,mfA:1097,cmA:1098,inA:1098,inZ:1102,prA:1102,prZ:1125,si:1132,poA:1133,poZ:1160,cmZ:1160,mfZ:1160,loA:1201,loZ:1204,ltA:1249,ltZ:1249%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:37%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:156,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:37,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B149~0%5D,as:%5B149~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tSeUx3A+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d.1475223-71249298%7C1d1%7C1d2%7C1d3%7C1e%7C1f.1301380-73124933%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1h6%7C1h7*.1301380-73124926%7C1h71%7C1h72%7C1h81%7C1h9%7C1i1%7C1i2%7C1i3.1301373-68102612%7C1i31%7C1i32%7C1i33%7C1i341%7C1j1%7C1j2%7C1j3%7C1j4%7C1j5%7C1j6%7C1j7%7C1j8%7C1j9%7C1ja%7C1jb%7C1jc%7C1jd%7C1je%7C1jf%7C1jg%7C1jh%7C1ji%7C1jj%7C1jk%7C1jl%7C1jm%7C1jn,idMap:1h7*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:svg.us,siq:39,sinceFw:116,readyFired:true%7D&br=c
Requested by
Host: 58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com
URL: https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:763d:a432:e71e:5bc1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:10 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 127A 		0
0
logoTransparent.svg
s0.2mdn.net/sadbundle/18252920936102416340/ Frame 127A 		0
0
logo.svg
s0.2mdn.net/sadbundle/18252920936102416340/ Frame 127A 		0
0
empty.svg
s0.2mdn.net/sadbundle/18252920936102416340/ Frame 127A 		0
0
close.svg
s0.2mdn.net/sadbundle/18252920936102416340/ Frame 127A 		0
0
backup.jpg
s0.2mdn.net/sadbundle/18252920936102416340/ Frame 127A 		0
0
style.css
s0.2mdn.net/sadbundle/18252920936102416340/ Frame 127A 		0
0
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 127A 		0
0
app.js
s0.2mdn.net/sadbundle/18252920936102416340/ Frame 127A 		0
0
dt
dt.adsafeprotected.com/ Frame 74EE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1301373&asId=15db9d36-5273-9f41-2906-40d4221cf5fb&tv=%7Bc:qBjbwd,time:976,type:e,im:%7Bimprf:%7Bttecl:567,ecd:104,tsecr:161%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:976,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B969~0%5D,as:%5B969~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:290,fm:tSeUx3A+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d.1475223-71249298%7C1d1%7C1d2%7C1d3%7C1e%7C1f.1301380-73124933%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1h6%7C1h7.1301380-73124926%7C1h8%7C1h9%7C1i1%7C1i2%7C1i3*.1301373-68102612%7C1i31%7C1i32%7C1j1%7C1j2%7C1j3%7C1j4%7C1j5%7C1j6%7C1j7%7C1j8%7C1j9%7C1ja%7C1jb%7C1jc%7C1jd%7C1je%7C1jf%7C1jg%7C1jh%7C1ji%7C1jj%7C1jk,idMap:1i3*,rmeas:1,rend:0,renddet:DIV,siq:34,sis:299%7D&br=c
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:763d:a432:e71e:5bc1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:10 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
googleads4.g.doubleclick.net/pcs/ Frame 7DD1 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst8lIVClaZ-OQYOxgN5enr21PGOU41ddEATjUtl7ufGs0TfyUVsEVFHk1XT0CCPlnLpVjSTxY5cJaB4sLd1cQm3BxTG9aqCaTNBuHlgObvk9sXpbhVMkPKHXxjxL3gc3qIXlMT5GO7m-1mIDfysSwgPqV7oFxS0B1YP98lE-Opaux1Vy8G-pvfQ2A5u6djAKQi67JYOWEIU91xPowgQYUbnFfNQT1s7nuw3AtY&sai=AMfl-YQlGvYV6WkGd9AoYMry14T3aSRj1mVZmC7XfoOo3KgT5BrRC2uINM7LiLSzpS_4nd89p8U2w5f-38xD_OwGEWiIxRHclBKnhCXo8VIMQKrM9T5HnIjHFS2n6GwuqpUFa7f6f_logigx6vnf78xX3XV4yjHl&sig=Cg0ArKJSzDwegd9mrqqDEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js
pagead2.googlesyndication.com/bg/ Frame C801 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GsA0opaeSuQuy-lmi5lGjpCuNVb8V7iM3aRf4cGq52I.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ac034a2969e4ae42ecbe9668b99468e90ae3556fc57b88cdda45fe1c1aae762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 12:44:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
388505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14584
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 12:44:05 GMT
passback_300x250.js
static.adsafeprotected.com/ Frame F006 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/passback_300x250.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:8600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6005e56ab3043d83726d25b0d17458e35b72355a81ca3230cc9de9058ee8b1f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
vr1Fa3eAVtG7AGe6kPa1Y0WAZAHvQkII
content-encoding
gzip
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
date
Sat, 07 Oct 2023 23:39:22 GMT
x-amz-cf-pop
FRA56-P5
age
245632
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 18 Feb 2022 23:29:42 GMT
server
AmazonS3
etag
W/"44f0ac540dc9c11f94344414c879b658"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
NwJi6lrHCHG63_s89K3B67dO-68Lgkj3RuWvu_Eub0vIrF9C3KKv_Q==
gen_204
pagead2.googlesyndication.com/pagead/ Frame BF1A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BbbpFLZ0kZcS_BfqTjuwPxOOqIAAAAAA4AeAEAg&bg=!VlWlVRrNAAYMG8UMLBs7ADQBe5WfOEHkPC-LaWkUzJEdl-MyiGb-nPa3wVBxWTLLtdPUyrkUYDbOUpmXtyT14OcstYRlAgAAAehSAAAACGgBBwoACbgqTkxApoOsg5kDIYugx2wnKRaiL-6OycYjurg1lqUodvCGWds8y2X6soRM2QwqInGx_zg2uEESoD4n6v3un7SoR3T_UrkN5qfT0Y7V4r0QHVOZYYyHB_xGID038_E93i0ZgqW59BKZTDBfXSvy1H45DSe_5AyFUp76UJtRQ-SzpS4XSkWN8P9Wpxvxm7glvMz-_ifdkEYUGTxzquRZhTIUzr8uRoq37Viefn79ruRp498gauIPzqDjh-7llQejA3mCi5c7BjwBYt3mXWD3qGptSrEZK_xAMyBolBENl8Jjfjz7tQJyxq-avBsUaXJ-5gneUrqLgMzIqnl0RXO_akbXffxIfdbmcUjNbyREH2R7iR8syUUO3CutoaTzwNcmeNNymZFnx_AgkQGVX0dTS69fi_2VhBTzH9OVX6dpgIVBZbOngcqy2NoMzAfdFX7vgyeaYqsN3X5LLJbAOE2-n3AsahNZAu5STsWajjON0BFJBZB9pnQOapSZ8bnObfhcrchiTFek7gN7gaHMvBY8zCHBWgB9sAXGPywuKOwoxbTk2B74l-zBN7Fuebo-Owq5IoYm1j-Aotsu1VmhrkP6hZ7Do4uDlzR_b7p9fNw-hjGDCZRWoQYUU7RC6u4rZl0EwUDzyq5gKhorKT6yck_Qern3ptLrENC79qnvj0Ggc5JhbjxXnkI_QIJuSteio1zplPytFyu87HAN9a0cgIgjuQdkHWbL-imZ11YCgd13q4j7IIdIp4n1DSZnMReKzIkA38qDQgV3VEo_TV9Wl5Kzm9HpY09VDL75CAaD64IE6Wku5KEOpyDMk2pOhOaCHA53Elr4ablAEwmq3E8Fztfw6YpEFvvUlM7M-G1DvQOsnzdfmmDEQQtUUmEw5l-48J6coOdX3_JVZAEU1CW2CdPPMoWJu4durbqYbp7xd6aDYIgQ2rETLJZjgHfNgPdXJoZQ6iwCNeF0cjLEpzeRIv8DUs61S-EDCnEqFScqnC1Ce0YNtMpOKLmlgJPorPusxHkIDvgPtABIWEoNm6reszyVEipQIEoqyG1jkbw0oHNgkUOZSQ3rS3a1tuESc_gfOA
Requested by
Host: www.blogto.com
URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-Z46FS9DEKY&gtm=45je3a40&_p=563587538&cid=1981056629.1696898344&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1696898345&sct=1&seg=0&dl=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&dt=Luna%20Bakery%20-%20blogTO%20-%20Toronto&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z46FS9DEKY&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.blogto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
IAS_PassbackAds_300x250.png
static.adsafeprotected.com/ Frame F006 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/IAS_PassbackAds_300x250.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:8600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
5gVOAFoF.BCvnrybv6D.a4lGJXzJNSyO
date
Sun, 08 Oct 2023 19:41:26 GMT
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
510071
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
14233
last-modified
Fri, 18 Feb 2022 23:28:59 GMT
server
AmazonS3
etag
"65a8b98b798ce416d94c2847aca40c71"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
x-amz-cf-id
P3R60BNhWakMGgikbzPiwiRCeN7NxKd9R_QyS_D_ml824mgrttgJ2A==
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310050101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5585f8c49b390de63411ef267d0241bfbf13a4a95f6a95ea73765b76c416635
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12203
x-xss-protection
0
bz
www.facebook.com/ajax/ Frame 27F1 		0
0
share_button.php
www.facebook.com/v2.5/plugins/ Frame AACD 		43 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.5/plugins/share_button.php?app_id=100616073343311&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ba60fe7970208%26domain%3Dwww.blogto.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blogto.com%252Ff29da18de8ceb9%26relation%3Dparent.parent&container_width=77&href=http%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&layout=button_count&locale=en_US&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=372ba18dd9d99239f1aec9363b26ca44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d7a412d6ec874a81ee7cdddd421b3cc976b7908139b8bfd36b4687b29eb2c295
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 00:39:10 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v12.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
priority
u=0,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
a62XWaCDHt67hUHOEG8WK07/3Ihdhuu4mMF3d9vJHbLOz74PjlAogrI4m3RtqpkOChA0G9VVbKR1kqLCSB2dPA==
x-xss-protection
0
/
www.facebook.com/login/ Frame 4C61
Redirect Chain
  • https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=100616073343311&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3db...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D100616073343311%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D100616073343311%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3db094a7d54afc%2526domain%253Dwww.blogto.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.blogto.com%25252Ff29da18de8ceb9%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fblogto%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D300
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=372ba18dd9d99239f1aec9363b26ca44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 10 Oct 2023 00:39:11 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
priority
u=0,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
vF+aL/fRmFWSB1tBgRFrEXpQxu9RjI8sOzPN4CTQt4bAXixRhqBu0z+8kLxOkbZ+eKI2zzvKpUrnTmM21SMc+A==
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 00:39:10 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v12.0
location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D100616073343311%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3db094a7d54afc%2526domain%253Dwww.blogto.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.blogto.com%25252Ff29da18de8ceb9%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fblogto%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D300
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
priority
u=0,i
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-fb-debug
fokWqWz+maqzv6sLqu6GXuKw3LEs/FBuoNQmu7AAlc4HJHVtMR4huGyuORSCnNmMqQnOOve5gLNgZfGKYh+nMg==
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 10 Oct 2023 00:39:10 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1858 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
54520
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 09:30:30 GMT
expires
Tue, 08 Oct 2024 09:30:30 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DA0A 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7e7c7d921df5c0de23ffce0d794f20c84226e5e508c6f5e075e6944945e0fe82
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JHF8T5dWqZdCh424Qaispw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.blogto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-JHF8T5dWqZdCh424Qaispw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 10 Oct 2023 00:39:10 GMT
expires
Tue, 10 Oct 2023 00:39:10 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame AACD 		272 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/GzgedhmzSQa.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=100616073343311&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ba60fe7970208%26domain%3Dwww.blogto.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blogto.com%252Ff29da18de8ceb9%26relation%3Dparent.parent&container_width=77&href=http%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&layout=button_count&locale=en_US&sdk=joey
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:10 GMT
x-content-type-options
nosniff
content-md5
lIjeC3eJAboxVqIOEs/Auw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
272
x-fb-debug
Q+8n/fqGoCstFE+8iX62FRQdrNzd5q506kN4aU5clfRW+Xhln1hMVeZReaudzYp0fwc8nNc49NwTMu0YpKkPXA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Wed, 02 Oct 2024 23:13:41 GMT
DPyYT2RpcN9.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yt/l/en_US/ Frame AACD 		522 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yt/l/en_US/DPyYT2RpcN9.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/share_button.php?app_id=100616073343311&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ba60fe7970208%26domain%3Dwww.blogto.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.blogto.com%252Ff29da18de8ceb9%26relation%3Dparent.parent&container_width=77&href=http%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&layout=button_count&locale=en_US&sdk=joey
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
46c4a807a44b06fea1ec016132365b39deb80ad5d5b24631c61d60a9a7052e9f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:10 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
KkCgFhyXOQybVh6KDDbX0A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
137910
x-fb-debug
tX+xn7xTB5l+fAwO9i6pdsWqYjOqSQDMciJzl2CIVN8UpVe3t7JODENZhXzIxFYETflkM/xgslpYIZv4uNbVjw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 05 Oct 2024 19:13:15 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7DD1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvXmgZyglXpi1Q7r8qLwSy2cRX3bJLO6-w7c6pWeTY28-ViKKOXj9DkM2Dx48IauJl-ABfVbPvOdc9FG_PyDFVTxUL__tE5pfNT8s27uycrg9EwJkaoDF8iuqgKDBViwm27p-zrzEw0QaoOxJFcP18iz7uzzTQHPBvurjrUGNpf6Fxw094c4VmghFBu-k5_eTVBwTghWfeHWWQUVfvgiEvnUXErHj01wmXxYPFp_QOxQ0Qn-Vi6qd3P6wVgqe0tTW8fzva-v8xvL3MHHt1V5KKqPO4Eq6dZkgkqdHVV_PD55Ycl2NxDohrwSD_1maWxQhNQGoPlI3GakUuXMYDwVpqbBg4m--C-7uh78cSF-l09ZN2GTZoAmdcU5SVKtsrGPzm-EFwuY01rTuF9l0TJu3fJnkaE7vC9vAvZSeQBp02O-YWZV1C8fhbEXhq85fDLDcEalkDlKCKlR5fC6DeYNV3TfcwMAKyFZFVuK49Uvo71Q8nJ5PEfbflvQFkgVwxe7Q7boMMJh88W5QODVajzAV_7W3e-TYiJbLMLDO5ha5sdV-phykk86DBeVvj9YL3mTWWZrRql3R69JY2YzT9KKWY-sOxFyvghrxSkGW0thvgwH5AyDHhGLZvlWUifDAvE3bKPigJMJIjz_WNtCC61eB8dkoWXUt1sExvKHwiUmOjpBy6Hi4DYLJvyQkwX7FlvLfRCazsWWcbs43EQLjNOuL2x3K5VRDGPRlEi-PJHVEPUr2SIydTP2DiODQyaNyPBZZ6cz2dVvTMcIwKuayng2VAUlU5JKaeEUGtlMtft6r8Da4h6nx8vDvWZk6llYJYRIzVJqKodWGSpsYSauVu7LinvDv0c0zyVWT11crCEsNLIIsCcxkz2QkO7ym8xuIqlqJ3Pn1s2RGbCZHYcdlnX2QCkvCxGEHyOiXmEfL7J2CnuSQSZeqk6Pt8Tq4GEBQ_aAE0wPNg8FULshGHF_TbG52l0BjyupUc7h_pOz39mqLNQb9j3_VOC2Ls2iEL69aSF-vQD26Uxn4vRGTwyjR2TKlyzxhg0ftX7LNwgrLxovgH_INP7a5waYkCIu-1TzV8MDHM_FrxLkAJ03I_P74aLjcESGrsJS95o4eMEca89VSQr0bewOvQIWHd0oPSW1MSKsy-FUat8KUX1Vlq5QVVXB-41aRX7mH6RlxOCQJRBcpo8gjtTkFgj1wgnLz1q10Bb9x8WpbwtmfDGP9VMvruc7_UgMbBA7Wjva0Dm4iGEPnttGA6hmRWm-2LO-ICyG6XErTN-qOeNOGmVvzatcifVw7wIPsVKX5NlAf00Q6cy_goFS060DOyRCUr5pY3O5ZGVt94P7ebbYcvuEwZBKL8clFexYs4siF4VjJ6Zmu68aWnRfUyIDONyb5ZY_GP2NoYHMNkLfuaJGM6Rn6SZE7SnZ9JxWulPRZLspN87&sai=AMfl-YTsDvGXcE0-pSKOkdlGnTXjJ9s9uURZgyDGT4n7ZUyA_EAItuBZSpiWL-gzHbdEGnymDU1S5g3WO4SNXn1HYDSrH6EOWsgQU_mNrGZC39fJgMffWUV-6VstkTzEWbukd5jHai0p9j3ufJ9cMZmSdasxk6Lks-n7zpNiDX4PJxkwdx14NCyLDx3OElaAqTYGqFkKRhhevTMUR7GW7QhcVss4OZDdgQsgavNSfUzXXJC2KVwX_Cu6gjk4DEZkgNx3wsJwjiPtgnvcE-K9t0zo2wdc9mHl-hqUfg&sig=Cg0ArKJSzPejGTa8oiIXEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=856&vt=11&dtpt=510&dett=4&cstd=334&cisv=r20231004.70642&vwbs=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame DA0A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310050101&jk=2201199093601539&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
pagead2.googlesyndication.com/bg/ Frame 1858 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 19:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
18934
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Oct 2024 19:23:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C801 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJ_1vLZ0kZfCxNZ2RjuwPpIawiAkAAAAAOAHgBAI&bg=!trWltfrNAAYMG8UMLBs7ADQBe5WfOB_RghzYZSsifyejrv-J_uMiBd7CurmbbrzB280YkoerB-AvwEFBc81bnr96smgQAgAAALFSAAAACWgBB5kDGYsRs9QS6xDcLGOGWMkDYtxhXuPTRp_YCweJ0AYS_TYhiijrTkzCeH6hCQWrNU8PZOTjA7hG_WWiz2xBi2enYrQCU9qdfPb-NBMawWxqMIpMLDBCqKkfUCo0BkiwtHbo2ZgeGt9fUsTz9_icfkIBfYIPXpzw7Rlg5KVYkxW5ubXPIAcrbucOmUhncyWF-sse9mBxuDJbPvVHbFS7LCV3ep9Ur5RUZoW58-z0w5vTul3alu75MYEQVUHZ_siSNCX2hacu2ZAP88bHP0G0B4VdUt_QObKqveuH4IrpRWtkOHPe0qEuCyLJrsw3sw6arXCQRQBMI5VI5r2-r41oy_-VCnt2uQVXkFGo4OlJMZfssOTmzYc1YqxQ_q-xN42QMQEdMFVAEWtzc-qi07NTUuuDDBY0FQD2pqZAFpY17rvZdkYM4py3xTtGKT9__Xx-oxEqvHhFCpqOhIiQiZakq_Hp-8HzmkfALI79zxRTLK5KWHvdcveEkwv6g49KUCdHWHPxqhunBkginC3mYAdrBVCbrY54PVXI2aK8gqsg6z8VtSaGsc_rfJUurZCQCOOD6YMHILSR78vGYRaoczVUDwFAHD4K0kAZ4ls5XJ0zp7p7gM09psD7KZzNyJomWQcnflCACrKH5xTrhaGSQBpu6SgqhydZ_I2sqqgsaAwbfpDQApNpo4aaDjfUaf_BqtyHiDCyZmmeMkIln5eA9tqZ6zpb2QxpdT_f5QJotH5bp9FfF1gc_ApzzMBH7GJ53a0bEG_Ucwa5oADWDHVVCEk7kqYnAdB45bi2cjUWij-jgIjugE5D-hM_zVQLwZQnNH7DFlnfBRmnqY-bo8RSR1ghBur8Gpr3GpmQsY3OOoiW8LBVj51h4qOCi1tqzIckD8i31xFafsM5Ez8denunoI9Fn1LG80KhFomtJDFDHUA-koFKjtV2QD6IY28dLs-S2rlQ5n8El1COKP7fa0DGpxe1STMmYJx7mQ8yn2UeuMH5bsIueSgqWrzbEDwL3KIikSS84HPJRmrNAnaSN5XIOI0EyxcCVjypdef-Nmna6c0
Requested by
Host: 58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com
URL: https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 74EE 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6060312267179&version=m202309260101&ct=76&x=1&cor=9874323547336490000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BD7F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310050101&jk=673764329366383&bg=!n5ylnNPNAAbjlzx0w5c7ADQBe5WfOMYqsXs-4WdQ2003JYmDWwgxV0AK8kk2sFPa1v-jmvJwPp1vgITTwKbBQQoHc2NvAgAAAm1SAAAACGgBB5kCx11qqk5DTovaKx8w4dQ8wpsyQG5_1epgenluLxXtqSqnuwnfAwka08b0d_C7pRkXYiFIgM47S33purOUgwZqA1M4o-uq6WTZDzDm1Gpj2v5Dr1t7UypH0ZFcNUzFJ-S0YLqJppb-O-5HQu4axW-TUTFKpwDOm847Q2efMnEiIqtEVHyEu4HflI0YlWseev0xsys-1qmH0nPNLoX45nvC5iE3BWbrDQ9on1U6eb58XCAglXaolVLvAvf4ACpERQFxCrMZ1LrtLwP4qDRpPK9c7uB6d6Qzx2kTNTsvR7H_dhNC0nWOKXgBwDtlqGS0SrNFt4dg0luLBsg-vJAD1w4_90kpWFrE0PigxESUW1FLuGzIDmG8VFOdrS4RQmnejAnoqPvx26uKqc1zKqFEWggOO-vkbJ8VFpQNJIggdPudMpEC443rD_olvB3eyL2ViG9r5LyhJeD6RwNhd_Rq-WFznHy8dMViX2yDr_nPhuFrTTNcZIg7pFzdIVU5huvDdB_2zRmVApIvbJXww8DhQLACp3ygk-0fesgi1HFuSaawzG2cF-i9EohHZVVK8_NH3Bv5uh_j5Gcdz-ZNZdiTkzwe9dpSX7QKBP0KXCV_2Fp6sf1Q4bsKcvrEoeOHA9LhOzcGvkE_8rt6xBXrMIdCs1Nteu-1dJEFtPn8x2wwHuYXd2zwe7hUKeAozXPCMPeqn3tXh0EAc7lyrYLkygDGRY4-O6hRcWS7aCUlI10EH2VyyrhoslX5E-pCfQb_gEMc_h9CacOyOoGzZj54OZnLpzKm0TjNgKOnIuxFzhZVGGcJRoi7c2eHtOCIkCDFn8Qu5loXvTVOAcoBNi2bZeVJvEDjViV74oLVg6b63bXW2zYjhBVB1Hnmog-IfkQ3rtOn3ajtFHDj-f-W_gxk_Rt3uxLe-ycOw3HZJchu-YroDQsQsrrelaueeXoN7A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 1858 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?-sfxbQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
async_usersync
ib.adnxs.com/ Frame CA71 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:11 GMT
an-x-request-uuid
2a528199-8a2f-408f-be9e-6dddc1108bc0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.132; 178.162.209.132; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
p
o.momently.info/ 		0
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://o.momently.info/p?a=gbVWQAAmASk&d=KwBKbQcwjUbsjgDIJBea&t=5000&g=1696896000000&s=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.81.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-81-85.us-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:11 GMT
cache-control
no-cache
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310050101&jk=2201199093601539&bg=!pKelp-jNAAbjlzx0w5c7ADQBe5WfOOkIo_1gLxmhutVLJHT5EU0jgMBRbHoBqqOJt_KffqETK6Aw4ZV8Zwo88CxwyuPUAgAAAJ1SAAAAGGgBBwoAHuIH0F6ywA6bwtsJrzx9NtQZyyvIzPa4aoKdFwccXpkCueRnqQ5oXDPsv5xko_buZXKlYK5b2W6GPayCNh4WU6qOx-QhgrXXrolZd39RkLzdjC94tEcvCWTwWyGSTwx51GKE356oe24n9C8jNJFUBPXZj4dsEntyOEWb7rC31MYHPLyZIKEhwXy9tcEeqw-KqMmfFF7kp6PFNWqVa8Mv8wRzyQiTEXZXAPQhXp6X3AyEpYnTZtWmL5GlRUcujOmg9U8nzj2gttiSrTcsrFD_P7v5UI6clZHKU0NhQjoh2yNpEH5uq2wx_donRgbkk2tkc-gh5NXX_24DBHv4tH6WNkWOw6GbutCSwkKR1T1dyqxptGHijBMVBK5cntp65REi-p6Y4qQ_iL1O1UPkbHq4HrtPIVuM9gV97AMvhsJcIJ1qLhjICffsi5gmdYumBKsS2ajfJdA7oiMSiY9hoAtO_X5ilpxBa8Rz2Z-EFrGDC2ZPyZJgBjUT-ZTCejuepc7oo1F5MTyGFTk4Ww2mRNE8H-1QM2vr29xiZp-EwRaPRrIp77xijIVGlIQtxUEKpjFuHukdACU_T0ugFQTh9bBk8yGaSSmukXHQeBc28SKPCIk6Kl350Vb9EgTY7b0tjBqEyNwttCTdTXhnCqD9u2CaS_iG4YmyKfvTUL4fUpufz19xFGZDmrXnt9IqWH8wkkgDSyGZ3NLeGa8F3uemknA2QKx3UIjAi7Ty8YuvQ6w7x5E-MZ3-hSBxvBPEIpLywvg9c0m-RSJSvEWEMU859q5AJhCAe0yYripGY9232iDQ6eJBuAQNKdby3yzBeh14LRn86HUHCqWBvho98IHy5d9th5RAy9aNwsn2CCAhykl1AkdZYJij1aasEEOgTopSQqdzTRl2_mlWg-UavXAN7WvKVu9ElVCoYljIxEkFehNe10KbGT_n95i7b4TLN6nTgErqutmZMehjdQzybkk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DD1 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8845034492728&version=m202309260101&ct=76&x=1&cor=4179229597523629000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 7DD1 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1301380&asId=4b25cfac-dece-c9e8-2e4c-54dee174223e&tv=%7Bc:qBjbSx,pingTime:-10,time:1711,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC4xNDkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1696898348063%7C%7C12d786368102097e4b62d564daec4bf1%7C%7C8e5269e98501ac65ff2ab303e742fcb1%7C%7Ce396e44b5bd3e1dac55ad662112e4969%7C%7C6b1aef90bbbe86ab952099aca505c1fc%7C%7C98632d7c647377ba08ee67f340b5b723%7C%7C96f404f5e1b78fd3e191df901e77edf1%7C%7Ca411ded5ae32094b19b05ef323e07f00%7C%7C1663701684,sca:%7Bspg:c4682b05-5d66-236f-4abe-e03021c9594e%7D%7D
Requested by
Host: 58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com
URL: https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:763d:a432:e71e:5bc1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:12 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 74EE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1301373&asId=15db9d36-5273-9f41-2906-40d4221cf5fb&tv=%7Bc:qBjbXN,pingTime:-10,time:2686,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC4xNDkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1696898348063%7C%7C12d786368102097e4b62d564daec4bf1%7C%7C8e5269e98501ac65ff2ab303e742fcb1%7C%7Ce396e44b5bd3e1dac55ad662112e4969%7C%7C6b1aef90bbbe86ab952099aca505c1fc%7C%7C98632d7c647377ba08ee67f340b5b723%7C%7C96f404f5e1b78fd3e191df901e77edf1%7C%7Ca411ded5ae32094b19b05ef323e07f00%7C%7C1663701684,sca:%7Bspg:c4682b05-5d66-236f-4abe-e03021c9594e%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:763d:a432:e71e:5bc1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:12 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
track
track1.aniview.com/ Frame 2E1E 		0
120 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.blogto.com&rs=www.blogto.com&sid=20727&t=1696898348&cip=178.162.209.132&sn=&tgt=0&osv=10&bv=117.0&brn=Chrome&wi=707&he=398&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&d64=82dd19a17ab567d5e772c0a13b8250aa&d63=82dd19a17ab567d5e772c0a13b8250aa&aafaid=&proto=https&uid=1696898348168-945556496869-001642-010-000522&cha=0.7&stagid=&stplid=&d35=&d36=6.2.133&cb=85749349670&d39=&d65=&d66=&d74=&d56=&apppkg=&cd1=sp_mnhjJdcW&cd2=Desktop&cd3=independent_ad&cd4=1e6e2174-2a67-4dd9-840b-9ec0c571ce56&cd5=JTIofqowqd_KFYpE5MMA7-isUtFsRXzi3KrujaG4ScnY3NBYemco5YX0jmWOgR1p&cd6=stable&cd7=row1-column1&cd8=sticky%3Afalse%3Btakeover%3Afalse&cd9=70671651&cd10=v22.5.0&cd13=false&cd14=%5B%5D&cd15=ads-independent&d9=1000&d37=realtime&AV_WIDTH=707&AV_HEIGHT=398
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.176.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-176-4.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 10 Oct 2023 00:39:12 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
s2s
s2s.aniview.com/api/adserver/ 		0
475 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=82dd19a17ab567d5e772c0a13b8250aa&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1696898348168-945556496869-001642-010-000522&AV_CDIM1=sp_mnhjJdcW&AV_CDIM2=Desktop&AV_CDIM3=independent_ad&AV_CDIM4=1e6e2174-2a67-4dd9-840b-9ec0c571ce56&AV_CDIM5=JTIofqowqd_KFYpE5MMA7-isUtFsRXzi3KrujaG4ScnY3NBYemco5YX0jmWOgR1p&AV_CDIM6=stable&AV_CDIM7=row1-column1&AV_CDIM8=sticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=70671651&AV_CDIM10=v22.5.0&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads-independent&AV_SCHAIN=1.0%2C1!spotim.market%2Cpub_lFflnF0ELP04%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=646c97b3629342bcd6062336&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.blogto.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/646c97b3629342bcd6062336/www.blogto.com&d36=6.2.133&responsive=1&sver=4&avtoken=347899&omv=1.0.1&clsid=4a5a4019-aa50-4b2a-8e83-3a4ec787d401&rando=64&AV_WIDTH=707&AV_HEIGHT=398&AV_DNT=0&cb=6898353175&wfc=1&tgt=0&&AV_VI=0&AV_VID=0&d4=3&d5=5&AV_PLCMT=4&AV_PLACEMENT=3&AV_PLAYBACKMETHOD=2&ms2s=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.208.202.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-202-9.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 10 Oct 2023 00:39:13 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.blogto.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Thu, 28 Sep 2023 10:52:33 GMT
bid
aax.amazon-adsystem.com/e/dtb/ Frame 4758 		23 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&pid=Yza58J3ZvVNuh&cb=2&ws=1600x1200&v=23.919.1525&t=8000&slots=%5B%7B%22id%22%3A%22OW_DT_Video_High%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!spotim.market%2Cpub_lFflnF0ELP04%2C1%2C%2C%2C&pubid=d4004b5f-4fb6-4be2-82ae-0e36b8f52c12&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.blogto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 00:39:13 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
PTMWB6CXR4Q9FBS0KHPY
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.blogto.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
8RWJ58BRR92RkzNAK2c4YzF7n6DyljXF3K2kcFQRs6sUfShebGm_aA==
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.blogto.com
date
Tue, 10 Oct 2023 00:39:12 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.blogto.com
date
Tue, 10 Oct 2023 00:39:12 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ 		19 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.51.0&referrer=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&tmax=7000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.194.124.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-124-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:13 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.blogto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
994 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
671490ef750146408380729e427f51b3b3b508d6eaf1cf6e089bc2120d27dd4d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:13 GMT
an-x-request-uuid
e67567fe-7958-480c-9f9d-0bc40242bc4d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.blogto.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.132; 178.162.209.132; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.blogto.com
date
Tue, 10 Oct 2023 00:39:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ 		19 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.51.0&referrer=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&tmax=7000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.194.124.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-124-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 10 Oct 2023 00:39:13 GMT
accept-ch
sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.blogto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
s2s
s2s.aniview.com/api/adserver/ 		0
475 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=82dd19a17ab567d5e772c0a13b8250aa&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1696898348168-945556496869-001642-010-000522&AV_CDIM1=sp_mnhjJdcW&AV_CDIM2=Desktop&AV_CDIM3=independent_ad&AV_CDIM4=1e6e2174-2a67-4dd9-840b-9ec0c571ce56&AV_CDIM5=JTIofqowqd_KFYpE5MMA7-isUtFsRXzi3KrujaG4ScnY3NBYemco5YX0jmWOgR1p&AV_CDIM6=stable&AV_CDIM7=row1-column1&AV_CDIM8=sticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=70671651&AV_CDIM10=v22.5.0&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads-independent&AV_SCHAIN=1.0%2C1!spotim.market%2Cpub_lFflnF0ELP04%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.blogto.com%2Fbakery%2Fluna-bakery-toronto%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=646c97b3629342bcd6062336&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.blogto.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/646c97b3629342bcd6062336/www.blogto.com&d36=6.2.133&responsive=1&sver=4&avtoken=347899&omv=1.0.1&clsid=4a5a4019-aa50-4b2a-8e83-3a4ec787d401&rando=64&AV_WIDTH=707&AV_HEIGHT=398&AV_DNT=0&cb=6898353443&wfc=1&tgt=0&&AV_VI=0&AV_VID=0&d4=4&d5=5&AV_PLCMT=4&AV_PLACEMENT=3&AV_PLAYBACKMETHOD=2&ms2s=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.208.202.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-202-9.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.blogto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 10 Oct 2023 00:39:13 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.blogto.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Thu, 28 Sep 2023 10:52:33 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.blogto.com
URL
https://static.blogto.com/static/fonts/merriweather-regular.woff2
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/sadbundle/14261951911485111691/app.js?@@decache
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=1&gdpr_consent=&rdir=
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEJICukL4ycfgkS7nldBLGCQ&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/sadbundle/16177400596801910314/index.js
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/sadbundle/18252920936102416340/logoTransparent.svg
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/sadbundle/18252920936102416340/logo.svg
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/sadbundle/18252920936102416340/empty.svg
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/sadbundle/18252920936102416340/close.svg
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/sadbundle/18252920936102416340/backup.jpg
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/sadbundle/18252920936102416340/style.css?@@decache
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/sadbundle/18252920936102416340/app.js?@@decache
Domain
www.facebook.com
URL
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7wKxa13wt8K2WnFwRwqo98nwgU29zEdEc83WwvE3vx60Vo1upE4W0OE2Wwio7C0yE460qe4o5-0me0sy0ny0RE2Jw8W1uwc-0pa0h-0Lo6-0iq0NE&__hs=19640.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7288122896973284600&__req=1&__rev=1009123641&__s=%3A%3Aoyji8s&__sp=1&__user=0&dpr=1&jazoest=22023&locale=en_US&lsd=vFgxTVx9jb3KXcWRgtEVUx

Verdicts & Comments Add Verdict or Comment

167 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| googletag object| ggeac object| google_js_reporting_queue object| gaGlobal function| $ function| jQuery function| fbq function| _fbq object| _gaq number| _sf_startpt function| GS_googleAddAdSenseService function| GS_googleEnableAllServices function| GS_googleResetAllServices function| GS_googleGetIdsForAdSenseService function| GS_googleFindService function| GS_googleGetExpIdsForAdSense object| GS_googleServiceIds_ function| GA_googleSetCookieOptions function| GA_googleSetTagForChildDirectedTreatment function| GA_googleAddSlot function| GA_googleFetchAds function| GA_googleUseIframeRendering function| GA_googleUseFriendlyIframeRendering function| GA_googleUseFriendlyIframeSRARendering function| GA_googleUseSyncSRARendering function| GA_googleDomainResetUrl function| GA_googleFillSlot function| GA_googleFillSlotWithSize function| GA_googleResetAll function| GA_googleNoFetch function| GA_googleDelayFetch function| GA_googleAddAttr function| GA_googleAddAdSensePageAttr function| GA_googleAddAdSenseSlotAttr function| GA_googleCreateDomIframe function| GA_googleSetAdContentsBySlot function| GA_googleSetAdContentsBySlotForSync function| GA_googleSetAdContentsBySlotForAsync function| GA_googleSyncAdSlotLoaded function| GA_googleReallyFetchAds function| GA_GoogleAdSlotContent function| GA_CookieInfo object| GA_jstiming object| GA_googleEnv object| COMSCORE object| _comscore object| ns_p object| freshDaily function| onRelatedVideoPlay function| sleep function| kebabCaseToCamelCase function| OneSignal function| chartbeatFunction object| _sf_async_config object| conf_dict_list object| dom_site_information function| waitForElementToDisplay function| webpackJsonp object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| initNewsletterSubscribeForm object| L function| Cropper function| fbAsyncInit object| twttr string| SIGNUP_URL object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| __OW_CONFIG__ object| __OW_FLAGS__ object| __SPOTIM__ object| process string| __SPOTIM_PAGE_VIEW_ID__ object| webpackChunkzeffo object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions object| _fwn object| _fwnPerformance object| fwnPolyfillPromise function| _fwnRender_io undefined| google_measure_js_timing object| _gat object| pbjsChunk object| pbjs object| aax object| ADAGIO object| bliinkBid object| invibes object| mnet object| mnjs string| nobidAnalyticsVersion object| nobidCarbonizer string| nobidVersion object| nobid object| OneKey boolean| isFirefoxTPDisabled number| google_unique_id object| _qevents string| TiktokAnalyticsObject object| ttq object| FB object| _cbm object| __twttrll object| __twttr object| __OPEN_WEB__ number| __oneSignalSdkLoadCount function| __jp0 object| __buffer function| quantserve function| __qc object| ezt object| _qoptions function| Mousetrap object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| _momently_opt object| MOMENTLY object| teadsscript object| teads function| __SPOTIM_DISABLE_ADS__ function| avPlayer object| storageAni object| hadron boolean| __halo_loaded__ object| au object| __bt_intrnl object| GoogleGcLKhOms object| google_image_requests

63 Cookies

Domain/Path Name / Value
.blogto.com/ Name: _ga_Y8FQYHZ5SK
Value: GS1.1.1696898343.1.0.1696898343.0.0.0
.blogto.com/ Name: _ga
Value: GA1.1.1981056629.1696898344
.onesignal.com/ Name: __cf_bm
Value: o8RUC2XRiUrs7o6xVytP_ddu5bL.9HDPWy0lUYJKKkw-1696898343-0-AdtExzz3xwFSJ9gj8sKdS1jqy3vitOdaG+n+tcPVbsLNUAceaCbSIpAyjLWEQYHw0qXp51yL24aRoaRRJhJdfCk=
.blogto.com/ Name: fw_utm
Value: {%22value%22:%22{}%22%2C%22createTime%22:%222023-10-10T00:39:04.523Z%22}
.blogto.com/ Name: fw_uid
Value: {%22value%22:%22dbb607d8-3da3-44da-9df2-a2a807d4fef7%22%2C%22createTime%22:%222023-10-10T00:39:04.525Z%22}
.blogto.com/ Name: fw_se
Value: {%22value%22:%22fws2.71b18cde-dcf1-42aa-9463-9d7daf6a277d.1.1696898344526%22%2C%22createTime%22:%222023-10-10T00:39:04.526Z%22}
.spot.im/ Name: device_uuid
Value: a7d747d2-2b89-4216-b343-76780cc75d43
.blogto.com/ Name: __utma
Value: 5417440.1981056629.1696898344.1696898345.1696898345.1
.blogto.com/ Name: __utmc
Value: 5417440
.blogto.com/ Name: __utmz
Value: 5417440.1696898345.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.blogto.com/ Name: __utmt
Value: 1
.blogto.com/ Name: __utmb
Value: 5417440.1.10.1696898345
.blogto.com/ Name: _cb
Value: aDfprCs7wN7BZwgve
.blogto.com/ Name: _chartbeat2
Value: .1696898344887.1696898344887.1.CZApaHC0noj5DmVIp4B4gC_nDiY6u1.1
.blogto.com/ Name: _cb_svref
Value: null
.blogto.com/ Name: _fbp
Value: fb.1.1696898345030.2138698304
.tiktok.com/ Name: _ttp
Value: 2WY8qjPZH48G3Z1Jdhv9otXiIoA
.quantserve.com/ Name: mc
Value: 65249d29-68929-fa417-526e1
.blogto.com/ Name: _tt_enable_cookie
Value: 1
.blogto.com/ Name: _ttp
Value: HFUZoXWnav3hVFQxOymH-ZfsBY_
.blogto.com/ Name: __qca
Value: P0-1170434163-1696898345273
.blogto.com/ Name: __gads
Value: ID=bf2c6e6447f72856:T=1696898344:RT=1696898344:S=ALNI_Ma_vBIjwfjqA3SMMDDG7pzO1Fg4FA
.blogto.com/ Name: __gpi
Value: UID=00000c934c2fe158:T=1696898344:RT=1696898344:S=ALNI_MYMWnT5m5VAavgLU-sv17ghl1L8FA
.blogto.com/ Name: _ga_Z46FS9DEKY
Value: GS1.1.1696898345.1.0.1696898345.60.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUkeGkOV9Cho6B4bzJ1Uh6eEiDp6oYnAnNk7-E6DnF3QEDIp9skBFvtjHPmSO7w
www.blogto.com/ Name: mnt_2._vr_3
Value: 2%3B%3B%3B
.adnxs.com/ Name: uuid2
Value: 6300135777869648842
.casalemedia.com/ Name: CMID
Value: ZSSdKv8dTwVL0l6rBSwVHgAA
.casalemedia.com/ Name: CMPS
Value: 3223
.casalemedia.com/ Name: CMPRO
Value: 3223
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?bgIBPa!]tbPl1M>e)ZlrFUfJ+tGXxpSZ2H2iY1'T1>TKUN^e]IxOqRBvYvo!=TC.ya3If)y3KL9D3I?+M?(29t
.blogto.com/ Name: spotim_visitId
Value: {%22visitId%22:%22a7d747d2-2b89-4216-b343-76780cc75d43%22%2C%22creationDate%22:%22Tue%20Oct%2010%202023%2002:39:04%20GMT+0200%20(Central%20European%20Summer%20Time)%22%2C%22duration%22:2}
.doubleclick.net/ Name: APC
Value: AfxxVi6akvh4Ppfcf5wuT18EUmLjztsZi7FbUtpvwNglO8BFBMK0kA
www.blogto.com/ Name: mnt_1._vr_3
Value: 3727462482099712983.1696898346127.1696898346127.1
.blogto.com/ Name: fw_chid
Value: {%22value%22:%22RVMrqPZ%22%2C%22createTime%22:%222023-10-10T00:39:07.361Z%22}
www.blogto.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.blogto.com/ Name: _pubcid
Value: 64ae8623-f7f5-4452-b900-5e4f23721a83
.blogto.com/ Name: lotame_domain_check
Value: blogto.com
.aniview.com/ Name: aniC
Value: 1696898348168-945556496869-001642-010-000522
.ads.stickyadstv.com/ Name: UID
Value: 68ef39808514f4feb88ee558cfdc090
.ads.stickyadstv.com/ Name: pxId
Value: 1953
.aniview.com/ Name: 1_C_55
Value: 6300135777869648842
sync.aniview.com/ Name: 1_C_55
Value: 6300135777869648842
.go.sonobi.com/ Name: HAPLB8G
Value: s8571|ZSSdL
.csync.loopme.me/ Name: viewer_token
Value: c7bfaed9-e5a1-4c4b-8294-af073896e65c
.aniview.com/ Name: 1_C_9
Value: ffab7fb82a22ec4a8ac1a75d3272e2ba
sync.aniview.com/ Name: 1_C_9
Value: ffab7fb82a22ec4a8ac1a75d3272e2ba
.aniview.com/ Name: 1_C_42
Value: ZSSdKv8dTwVL0l6rBSwVHgAA&3223
sync.aniview.com/ Name: 1_C_42
Value: ZSSdKv8dTwVL0l6rBSwVHgAA&3223
.spotim.market/ Name: vmuid
Value: bf6ab2235e9097ad
.spotim.market/ Name: a323548
Value: 6300135777869648842
.adtelligent.com/ Name: vmuid
Value: bf6ab2235e9097ad
.adtelligent.com/ Name: a323546
Value: ZSSdKv8dTwVL0l6rBSwVHgAA&3223
.turn.com/ Name: uid
Value: 7957737046453556862
.amazon-adsystem.com/ Name: ad-id
Value: A8dT2vcCtELoj2OJ-SrrATo
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-50230977-47a6-4cbc-b8ba-1295573f91fe-003%22%2C%22nxtrdr%22%3Afalse%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-50230977-47a6-4cbc-b8ba-1295573f91fe-003%22%7D
.quantserve.com/ Name: d
Value: ECEBCQGTKoEA
.simpli.fi/ Name: suid
Value: 74C797EF56124624825CCDE688411BE7
.spotim.market/ Name: a708476
Value: RX-50230977-47a6-4cbc-b8ba-1295573f91fe-003
.adfarm1.adition.com/ Name: UserID1
Value: 7288122917891078301
.adnxs.com/ Name: icu
Value: ChgImNQ9EAoYASABKAEwsbqSqQY4AUABSAEKGQihq44BEAoYASABKAEwrbqSqQY4AUABSAEQsbqSqQYYAQ..

21 Console Messages

Source Level URL
Text
javascript warning URL: https://www.blogto.com/bakery/luna-bakery-toronto/(Line 252)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://sb.scorecardresearch.com/beacon.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.blogto.com/bakery/luna-bakery-toronto/(Line 252)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://sb.scorecardresearch.com/beacon.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://www.googletagmanager.com/gtag/js?id=GTM-T24HWP4&l=gtm.blogTO
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://www.blogto.com/bakery/luna-bakery-toronto/(Line 2191)
Message:
Access to font at 'https://static.blogto.com/static/fonts/merriweather-regular.woff2' from origin 'https://www.blogto.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://static.blogto.com/static/fonts/merriweather-regular.woff2
Message:
Failed to load resource: net::ERR_FAILED
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.google.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://code.createjs.com/1.0.0/createjs.min.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://api.btloader.com/websiteconfig?bt_env=prod&o=5080945107927040&w=blogto.com
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEJICukL4ycfgkS7nldBLGCQ&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://api.btloader.com/websiteconfig?bt_env=prod&o=5080945107927040&w=blogto.com
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
javascript warning URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Message:
The resource https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.blogto.com/bakery/luna-bakery-toronto/
Message:
The resource https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3a551e8029bcd1ad0e944437d768b62c.safeframe.googlesyndication.com
58795c286fa526ba7cdb7ca026b02308.safeframe.googlesyndication.com
a.ad.gt
a.teads.tv
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.pubmatic.com
ads.stickyadstv.com
analytics.tiktok.com
ap.lijit.com
api-2-0.spot.im
api.btloader.com
asset.fwcdn3.com
assets.a-mo.net
bcp.crwdcntrl.net
bidder.criteo.com
btloader.com
bttrack.com
c.aaxads.com
c.amazon-adsystem.com
c238b45cd8a437c87463f294271982e6.safeframe.googlesyndication.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.onesignal.com
cdn4.fireworktv.com
cdnjs.cloudflare.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
config.aps.amazon-adsystem.com
connect.facebook.net
cs-server-s2s.yellowblue.io
csync.loopme.me
direct-events-collector.spot.im
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
eus.rubiconproject.com
fireworkadservices1.com
fireworkanalytics.com
fireworkapi1.com
fonts.googleapis.com
fw.adsafeprotected.com
ghb.spotim.market
go1.aniview.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlesyndication.com
gw.geoedge.be
hbopenbid.pubmatic.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
image6.pubmatic.com
launcher-sa.spot.im
lb.eu-1-id5-sync.com
mab.chartbeat.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
media.blogto.com
o.momently.info
onesignal.com
onetag-sys.com
p2.fwpixel.com
pagead2.googlesyndication.com
partner.googleadservices.com
ping.chartbeat.net
pix.spot.im
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.rubiconproject.com
platform.twitter.com
player.adtelligent.com
player.aniview.com
player.spotim.market
polyfill.io
prebid.a-mo.net
proc.ad.cpe.dotomi.com
publisher-assets.spot.im
r.turn.com
region1.analytics.google.com
region1.google-analytics.com
rtb.openx.net
rules.quantcount.com
rumcdn.geoedge.be
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
s2s.aniview.com
s3-us-west-2.amazonaws.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssl.google-analytics.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static-cdn.spot.im
static.adsafeprotected.com
static.blogto.com
static.chartbeat.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync.1rx.io
sync.adtelligent.com
sync.aniview.com
sync.go.sonobi.com
sync.search.spotxchange.com
sync.spotim.market
sync.targeting.unrulymedia.com
sync.teads.tv
syndication.twitter.com
t.teads.tv
tags.crwdcntrl.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.blogto.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
s0.2mdn.net
ssbsync.smartadserver.com
static.blogto.com
sync.search.spotxchange.com
www.facebook.com
104.18.27.193
104.244.42.8
108.138.1.25
108.138.17.40
108.138.17.46
108.138.17.6
108.138.7.46
108.138.7.54
108.138.9.235
13.32.99.105
13.32.99.42
130.211.23.194
141.95.98.65
142.250.184.230
142.250.185.194
142.250.186.66
147.75.84.158
151.101.129.108
18.194.124.175
18.211.77.186
18.214.104.9
18.66.112.59
185.64.189.112
185.64.190.78
185.83.71.234
192.132.33.68
2.21.20.200
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
209.54.182.161
216.52.2.6
23.35.229.251
23.35.229.56
23.35.236.201
23.35.237.56
23.56.202.187
23.67.137.210
2600:1f13:800:7782:763d:a432:e71e:5bc1
2600:9000:2057:9a00:18:1fcd:353:c61
2600:9000:211e:f800:1b:5138:8a40:93a1
2600:9000:223c:3a00:6:44e3:f8c0:93a1
2600:9000:223d:3e00:10:43f:4352:ad61
2600:9000:223f:8600:8:48e:53c0:93a1
2600:9000:2491:8a00:4:b37b:9440:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:3556
2606:4700:10::6816:35ad
2606:4700:10::6816:445
2606:4700:10::ac43:4e7
2606:4700:20::681a:346
2606:4700:20::681a:68b
2606:4700:20::681a:ad1
2606:4700::6810:5914
2606:4700::6811:180e
2606:4700::6812:d63b
2606:4700::6813:9f13
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2008
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:828::2006
2a00:1450:4001:828::2008
2a00:1450:4001:829::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2004
2a00:1450:400c:c0b::9c
2a02:2638:d::a
2a02:26f0:3500:11::215:14dc
2a02:26f0:3500:595::2c79
2a02:fa8:8806:20::2100
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:600::714
2a04:4e42:e00::282
2a0c:5c87:5241::2
3.125.57.54
3.215.243.137
3.33.246.75
3.66.123.6
3.71.149.231
34.111.196.223
34.117.19.225
34.249.118.122
34.254.117.183
34.91.62.186
34.98.64.218
35.214.170.103
35.227.252.103
35.71.131.137
37.252.171.52
44.208.202.9
45.133.44.4
46.228.174.117
51.89.9.252
52.203.176.4
52.218.132.232
52.25.81.85
52.49.222.43
54.164.248.204
54.224.169.121
54.68.107.242
65.9.66.122
65.9.66.95
69.166.1.34
69.173.144.165
72.251.241.204
76.223.111.18
81.17.55.122
85.114.159.93
92.123.104.161
98.98.134.242
99.86.4.39
0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01d37d4686c077abc9c6fce6156855d5c9b534ec7e0e22d7d253b7f0314f198b
02bc356eb76e07148556c04423a5b9fca14e665572e2b26a67ddd6e91f30f41e
02ce50443002f8b05aca20da10ad8ab431086d00d9f54f1c622c289dc4d1a4a5
036b8f00929d63f8cc8626fe9d3b711bcc43f67aadd3d739831cc1a211aca6f7
03a88d69cc5306d553a494e56ddc317cde9c41a44b8ec5e6572d1bffe18f4995
04d5c1c66afc282390c76698e0d250c73310e86544eff2c7cef8c4e3e30449d5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
0595424161ea863805d9b92c0e52d7aa1e3c46ec58cd8f0d6933759006a5fb74
069f0fa2580bf07c83fe8ee0660687b669e38b625d0d7935e8d99f6aa55ded09
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06db1e97d5fbf48380a7b896d5f4648ff5d1e697ee405b2df07cb67606fb5c0e
078b2ee98beb7269ae3ea1e2b78277223b475ce904b15d959d3309a75ffcc8b0
08f7cff1275d692238eeafd58a169bd9e95ca5f49b64948acb2cb4f4fd27e12d
090b801ac43b5eb383164481cc4138c9e77b48515ffbe82b6cea2a3dbaf39f1a
0aaaceb366990eedec33d0da514f76c8b20a7ed698e5b92d921bdc37ee25a1fe
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b96c945b1fa26301d14649d61f104e76b6f548f742ce60c7b3e36ea4e99a059
0c8314a496dcd259d4962b8951f563fb204fc20dee6d31768dabdd16e459cfd5
0d7211e54b0841836bf368c1a45cdf789aa8f30c62be6f43f547b3b6fd8d71c9
0f243268b2a214ade1944799f72194d4bf84a19658d0bd2cd6a0576323c0714b
0fb18066726ae46176c82d96903be70aa13130cfbd86c7bc6ac50303faff45f3
1098d61f63968b5ef596c2a18a75d777b39696610b24bea2f52cac1eeb68675d
10ec41b3891bd83bab6b883981a27d7892782a8af05861f25bd3cb8c44c27945
121e87bb5ce2bab626ea6323133e867a71ac9a2d3282a466156149c56cf3e248
1241163426c4ab8fb08befcd763e68f564af7812711ea98bbf5a8b2a7fc138cb
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12df823ffd0780b75681323619a3289ce81323d0aa5a022766699c6acde1050a
1391a652cd39ee6569c9bc65607e05ac6f579308c2a085d8419da1c2347217f4
13a9a0c27458ad3b7c04f8c65734d82f8b55c012fbda4a7f0f9038d3adb69aeb
13d6cf242c7b57a34242190b526c15a2ae3b87de40fd55609718d41e10e45784
14ca40848d67bf800293dc093ca4bb1095f2093cc5b49eb04787ae8a2808ac2f
1527b716a084a56631f99a3bf619418bc570b527e25301f0fe9fcdfbc45523a6
157a4b06b826c6b0e3600cda297355fb5f72617928312c2a88187478125f7fe1
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16535deee5386a7bd6187aa2cdd631f3fafbc46db78c260fd95700f7512b7a6e
16a54696372b35f9f9c55857bf5415fa5d929fb2d3d879eeb094b512fb942eba
17566ae000c7d2c9c789b4bd6beb073ab414f62dd0431207714c8ce80519edc4
19103b4bf312768c55bd121f684b49e8a85008ada61ed982a4873323b504a9b2
1ac034a2969e4ae42ecbe9668b99468e90ae3556fc57b88cdda45fe1c1aae762
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1d93cf62fe4e9345c6babc3daad1957f801b0c56e39be078803a83900428072b
1fd4758251411d8b132349243c48e9fa888e6d99e8b002ca4e7762ea704cb531
211c5202d9ca4c12ec8ffc1fc2718748f961d92736b78c9383ee482063809344
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
22faf336d6a4ffc65e2b4c703d4c01056cdbdfe1af67e83a954274fc7bdb77a9
23d9eea584ebae7bfd4e41df1187e975547b9819804df73db54d7026a6f2579e
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e
2487528f549e07da1ef9f87e0ef32beddba1d839f9a2058e7455fd177f02a853
25854529dfd80da9454358daf40864b45bc80b929a20f4093e9d94968e702905
25c960e6973d48c6e7a4f595992a62bef31c01831f03900cb812596232ad0798
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27860bbd92fc2f77d8f4c4b0c01ab7649cc8002ad183240e7289338d217b0566
28cedc5adecf88127594ec050de623389d03ada8faa8b92f3afdd73fb29e7ece
29818f1649bcbc5f650e74a39ede3535f341caa863bebcfdf6a43e2368dafe2a
2ab18b4ed2b880165b454d2f5c3e9783d7eea3a8e090502e49f4a8281041e965
2dcaa1b25e6ca3f74383aec53bc9e13045f959c4665427f1a611782d11596982
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ff7e1b42cf6a24deef86e871af090de1b994c3e3eded0ec5739725ff312b40c
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
30328f094f43577b5a948e0433f27f64102f1d3ce45b90e0320c618974ae2dc3
30f35dfe26352e21674cba1debc159f8546a9ca2c5e5d5026bf91447590941b9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33282533cc24514d5d9232e9b77c9068d5e1e8082478576fe1b3ccc1e6346800
343cdcef906fe4982aafcc55a8b6a2df176b9067dbc44ef7cc7da620fca7c10e
357cedd9dc32e67e4c8668a93270ccda0faeb3394233c9cb61458555c912ef16
37a34003fb8b5ce2d75a0dff478b3001f362f3ffd31087534aef3279e0ba44d3
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
387a8fc487fc3d10c734b00079b652de1271bef8dff6fcb766882e77adb62549
387d6d3023f2a5d73184edcf298aa1867ec4aa563049990e1da488195066c431
39adcb8492bfd92965aa2bb57eb2b5f7da7f78295dc565de2791ebfa5296dda3
3b0a75a6dc10383fd60a39c24dfa571d807444ff7d8711cdde77a8980d22b4f0
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3df7ef31e8580d0dbac134e8aaa8321d2224df1c6f33cc8fd9d795cb163747ea
3e0e9aee59a8919c4ee9af9c84bcc909203fd3ffc60e2f40166738ce95f18324
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
43177c0da7d5c1d00724bc555f5714efddbc14722f6d4ac54829eb3bf3003632
437af9604de773de6150aff27bde1800e7a469935bca76a1f6bac5adf15b8c06
4389015248ad482bdb15fc61adff9eae30f0f02185d7fcd1eb54e34a082e2a0e
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44106fd9db6e577cf179be391a2b6feaa199b3cad396f157569737cc5a392ee0
4649d635fc0e0761db66bd0542d8671bf6f6fccfb2b9668bf6fefaaffa9cd65f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46c4a807a44b06fea1ec016132365b39deb80ad5d5b24631c61d60a9a7052e9f
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
47c45acfa9580a3e8ed305945892d95bfef0e4815e12947e9e86bb786fd3c273
47cd44d492a4e589c6c5d62e14637d8f805657af3bb8fe5d0294d764374c75fb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d012e48d01bafe1ad92cce8c15a0395b3e61cf13255fc9411983e72cd04b2c0
4d0c930a651c31c3e7e55fe247530b5da4f470c233fdd473ab9c168e4a331ffd
4d15e7a88e23896dbbac9302c090e5129959fd10e7fdf728d88b4cdd6900c376
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3ef90c6df625cd4e0cb72b725bfd6f5dc98101da5eaa109fdbf9b5081cc3a3
4f1bf0ccf9c3cec4c13bd71ac9e5bd2bd3a77fd63029f626c90b3ded7ad20f3b
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
52515814e1d41cb4a5cb99f886bcd7a7862a0a1f608c2ba757d38de4c035569c
536bcdf7d6a133f69b6f2f082c53b8d84a92c61c3e067bcf4ea3b11727a7ae43
53afa4f03fb940df8dce7ccc9948204306781a7c5bc4801612dce3b9e4f1c414
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5801870e6b4db1a649de08f8f8d09e35e53787fe1ab611e79b2deade128e79ef
5862a40771dfb77dcd3b253b53a19aa19d9e7c47d4a06bc283ac7c57a4b7af2f
59809587724422a1623f2ea0b361f2c72e2febc92e37faa84dc4b859674e826d
5a2e4e0d9c3c9bf8456d9acb66f7e18c67b1786d4be4ee41d1241366f9e95ba3
5b1c04ef107237523cb7b3d130bee53a510afd282d540d5267a45b64045d8ef5
5cb55a19282949ab74b2d6552e07fa969ff3808fe38b7e00c5daa8a27e0a07ad
5d5e0d3e1cbfadb5c7a63053b5339d06457fe7a66c344a970a762a56123c5ec0
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e463c30039e8a35f5ae73df025b65211361f9d38c4ff4245951549eacf45c57
6005e56ab3043d83726d25b0d17458e35b72355a81ca3230cc9de9058ee8b1f0
6075a0a2aa3990f73370c30d7e5410d1f46d76913e1c2fe285b61a18450e14bb
60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
64a10429031264d6cf4a5773dc7c0fd8fd65e760e33f4f561b688e86bbe13230
661dafee20fc0fed2a44c98b931be80992e5bdcbe6d6eb924162c5396ae2ca29
671490ef750146408380729e427f51b3b3b508d6eaf1cf6e089bc2120d27dd4d
69fcbc10685c946e921d8998d001c80ca6526e7bdb622d0de1ae2b2a52be098d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6e3154de017550f72d913eb2b8e5576348d9452a0bc4f5ced470bd22744b7f2d
6ede17bc5125e51adae2276f83fdf13f17522ab5e0531993f6e918b13117e069
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705
6f8148e9429a21205ca6bc71c8987e8f0495ed56f6cb7b17a0063ec657657f8c
70719b44d4bf56d563da3b9585204780fd9fe97ad312fa004a886501ee375a3c
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
71329c9b4391abd32ee3fbdb7c27811f394f42a5f96d2a4616274e5ec8b08be2
71b557942694d032d2f95f529acadc3a764fa01e6afd8e948c459dc23437835e
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
72184684ebb1471e42b550d4188b0fb3d663b13367adcf4352eb788ad5539a22
736a32b4f4dba8d4777e9ae99e095a5ecc6db00f121a2d89f3296a5521dbebd2
743d23a83f13080779947faf2b8ed4857bb9d0980c23e44678aa2df2a65386ba
74483da7f1d55d008c9adf882fc22a26a5acb505e5bc7f8dec2fb23a37b06c95
7456261de4f1cc0176d6fc11e939616420eff75243df25d2968e3dbf907b56cb
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7475ed67c86cbb577d1e88c08770cecc181cda9c652256f1ab74e85a51ee1ba5
74db8bb2b27c5f3d1f9f9de3b2f72a8c0e9366f81f8f443378a1bd087357c1a2
760be05035c413a0a8b4f236087a0738496e1147e7f955c3471bebe0001c417b
76d8d86da2f5b73d7a58094ba3307a1001d2b8cfa3729259e1362fde2ece3622
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
7803873001f00b8bdc5efc897f77f6064c8b0e66b20faef333b2832930612f01
7a36910e7773d4d98113eb1d4975a70bbefd257cf246669df97e0c4ab038cd76
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe
7be9364f21808a881f4530002ab0363deabf7de3321a1356984e88fb316ac165
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4
7c43dbd339fa29c64002ce5d60b9b52ea3df1a9019fa9d514d1b862ffaa0ef83
7c786cb14f080d178e56ef576a1d88757f933ec271aab2c3227af3596317a7ee
7c9d7693c1c890c7ef6acb44503d90e8ff96048ac861958db5145eb03e1fbf0b
7d32428e9c5952c382e8f4002f3749c82d782672fedb85652c015526385f03f5
7dc83d2b2def26d111d9fad25ab064d7ec712e6c604334b01a5eaf6626abe75c
7e1435bc5fe0f70c6edbfa69415c77c3c2a350742e74fb7f83ca21be62695b87
7e514d38f025dee832c3c129b2f5462dc1bbf68ae816a23262d4a0aac7d50aa8
7e7c7d921df5c0de23ffce0d794f20c84226e5e508c6f5e075e6944945e0fe82
7f1f0c01e67e3068dca57d02a59a7a122d0105cca80121f34e92d6d9e12b9eba
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
81a12caf8ddc6a1365b530411369c2e44dcc496074bd6957d79fa53ea9c2fc65
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8374977b079d19ee5ec4f69a9aef62152cc6c0c4f39c4a3809d8e3bf2922bbc3
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
856377fde78e4bdc57703db6457f6e243db704c135a4829e1951185173cec9b7
868a90c8d90118ba24a45aba34b91bc63ed80255733acd5fced944cad8238919
87ec59758fe234344499e963b0b78919e75507c00f7d629746cd3219974959fb
8830fb6f3f48ec331c4eb729a181e5a21785e97d9885791af90f5cbcd24c84e2
885716c3681ae2ba93757fe434fa72fd335116dee9ee727fafae7fe91b3fe968
8871f9b05daa2f0679fdd3584a3fa8e263ba2c7782111f964bd8992749116929
889ab174b29277cb3129e6b238682d4b28f2a479456a6171d7e1ddf88ebd6d92
8974257423ee2e13d61df1c0be5bec1319a51019fddb79fc29462cd947c0a9b7
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8c4596ed3bd6148cd57f319131af517412b230427fcf6a9ecd36cf81e4323b73
8ca4dd01d1d8c5af51269340b33c8433fcabe755a19145ed33bc1765be7bfce4
8cd6f7b36a628b09c711a2650f33eae7cb688639d08b74c8be1b772b48ed96a6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e001aa51b4e31f78dbc6884ec502cc6c8855d8b24beffc8e071608614232e37
8e95e30325817581bad0e680f1e0f6a1e32bc25d2438a60b26bb7e160ff94d2d
8fc89f7dfdbbb53e1206c74da9b618a6f93bba6521d7accf89d005589c907c0f
8fe4c73c03f0423d75be50f798fd02a5bd1bc9d8c346f559dbd1901a79b9e004
905ee24c7a31f468137514814f8697c6ee0c9fd6b43aa0e817c4e731150d791f
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94206037fcdcc394648b3bf986bdc42a23056f499a26859dff22ec3c59edaf9e
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
9545b52eb558eb7d63a5881a02e7878b4af4d46d54dc20d1b2c543797878c535
964e6b87e7c76a069a86650b904648737a173563e099c9ca81934d02bc2fba8e
97496b2665be0b9abd2a59bc580114dd8749cd889df063adfd52078ff11403f6
976e4b3c715c2e1b097b67bf0fe4b76ef91878e2a0c523d8992609537d2175ff
986333a99c0309f940f3cd10c2846221feaefe70f96f9005553eb85fb83ec875
988f8a187e8294e06a72ca9a5164c0716ccdec713e0f4db7e982e6b955bd8178
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ae93204e6f56e5165c67884e09048f19fca83cfb6c8302098328a6f3ad00a7c
9beaca4fc10363e8d4b27637f7ed2418e008b8d265c91e45fa4351f35eb3b317
9d2279c20b628cf8050e193b6099cbd98ae75a282acc0d7d98d411741936f88d
9f162ce21592b6691efb06759c754d5a7c5c281eac6b59b9358eb2e8304619b2
9f87e7118373094e7151d57fc105e5c2c284ce3cb3b55cdf0adc7593fc366eb7
9fa48a13434253e43c7a1ba7d0bbf4828afd1d6081868c8338a4be5a1e2effc8
9fcb46b2dc408ab6cf59a367f4090a6f5f892d44a0f725dd82ed404797b5bb6f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a00cfc6b02ce49da3c5be9f93f1a0d92091fe3f201165b1f6723b89e87db56ad
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a122fc2dffcd8565cbcb6ff53c83b0738c6cafdc6c410a9272bd360e1f0e2907
a2d1fb496c17e4a1d234944ea0c4c3efa22e98b45685736d464fadccdb591346
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a7c85eceb8c8f8da6573aa5561dd2f62ca9163296df703a231bb6ddd7e0b605a
a82819baeb35e91d6f9071fc4a81f6c3196a01c23715377ceb9ce89768fffa50
a845345cd977a6543894b1938de5a4402b99900ded07d4f4dae618bd6038aa1c
a86b434f76ebfa992699afb4bae79a3528b97c0426d831ae60046d09b63c761e
ab1fa00bfd11518bbc974adb4d3502c7fbd44eaa3103f29de71e2dd45789faef
ab546eb3c1f0d36c9af7d2aac30b3dff73c93691b4bade217df522a260d4b138
ab6875ed4c1b203f3f0b89314e3ea0ca6687a9e0fa8a7463f707134486c9a0c6
abf9f1e60c38cef91027437a6cdbcd914fddbf5b599c3e52f85ec0434c6081f3
ac31ee81bea22e7ae83392d77f400ebf7f91e468b2b154c9e5f9596d56d0bea0
ac7537a17e404695f67e2e19693f59b5cf941af74a426fabd749d2d8012ace8c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac9cf2c6d068439fdf335c59f39407a516757394c5ba7b3d275ae8524e2bd16e
acb594812772a032a8a6d937d0caa3896156d825b7f03169c5b0b6cfc15fcd73
ad78d3049e9946374dde6c6e02b03386f29c483d7633a63030e0c7cbb3539e33
b05bfaa39d48eaeedba31bdb1ab40438529ef39eac030e203dfaafad10cfd1b3
b08ee4f76b058a3366c880dfa532b787e9688628e70d274315f5b54047f0751a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b151aa3d07143e0caf0150faf6eeb78f9869493f8eedb7ae5ad677194b5c39b4
b23543d16101531b886bae44aeecc20f0e1782e9ed31fdbcf295fa9c93602af5
b56542256f067f68cd0115c9947cfdcc78da05c3b411535f82f1b75c46fd20bb
b769093a19d592ca037d008dc4c9093c775f9aabe3dd94d8c5667f4ce678fe56
b7dcc6281435fa895e69d4a3b08c50ef3fc121828e9b765215ead6b7ed72f09c
b83a0656c5a202c0aba5b14950ddb6efb36414a7fa1e6431a41fadeb3e1f9bcd
ba7744908c14a049d68ec99a017ab4e54b0c2a8afd716a357b3f5996c9f46dbd
bafb8f939a31c8051567e11c9cfe86e6f54aa5c989f63ab8aa815bc780de5aaa
bb1fdc119c490db48b190a61af5096aa5f02832c39ecaea7001d95859d9e1898
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbb960a2c7a44e25d8a89f017a9786d66eff2d2b9c8c02d086dd4f66c8c40155
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bce778572057ee32bb544cab2e1e9b3356379a57b0666f16939bf254d99d2e68
bd1586528a16384635aba918b665e59acb7df92eda64289f1b352053b3dfaa98
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
beffd17263cd14248eebcc06e351d7efe6299df462d5356bc5445d354bb21e33
bf5a5cfcdc9ccc4d0219f66983e0d6e5c835251ff7a68357b081af49e17f2011
bfe8d1e906a6f97906f9d41a502ff80816fc0a84787076107dbeb8379fe983ba
c065c958c870ddd04bca9749c517a4465563aaf8b8a57babffb356bd60a44b4d
c0cb6e13f34b140c9abd105219cdb12ad765c19d03b6a6477ddf2caa179e53d5
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5541794665f1c9043ac86bb924aa0558ff75f94600c9a9d81379c42367cb0a0
c5585f8c49b390de63411ef267d0241bfbf13a4a95f6a95ea73765b76c416635
c7415cba464cc2277879d8a46ba2e72860777ee6311d1665deb078f0ca04972d
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
c96b67edd277b9d12add863bf157c68853eb1429929972195f629cddc8b6b48f
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
cc99a7c3d00df09293cb18360d00c7e19c72bfd8f97a2293b4081c9da3cc88dd
ccf7b12ecc8e9e8ffdde253ba24560e0b8742463ad4868c7659fc90968ffcb3a
cef27b207924de7d3e5109014718dec9661bca2062d948c349be4cf6a0ffc1e4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d078e14db3212424bf96b19b3670ccfbe56b10d080f0b628de33670588b1737b
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d153b2b8a32200a9491a23c25e7d6888ebcc96ed23841005d0782c52d046a887
d3896897e8db9c2fe1a35e5bda5eb7085be5846936ccc6d1cf5d425ec324d3a4
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d786bf4b4abb3053f46344d2ff42504311ce2409a03eee695da0834d0f7667b1
d7a412d6ec874a81ee7cdddd421b3cc976b7908139b8bfd36b4687b29eb2c295
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da113d5c8af5bc0b2ef4a2ad0f7111caf9374be70bb5ee17ea2149bb66ae6ad2
dae198bf28ccb316d8dbee5edfe5097cd24a6211bca5d2bda0314c4c2ebf7641
daf324d513de2e9d717b5c75f73c4828075a15ee02887ffca9e433ceeb2e3bb0
db4e40b5540d66095d71835c638cc4acc67c8e17a2371228b98231d4419931a6
dcdb8c55c8e5bc637bf94e6e3b3a8014d8fa2ce825a09bffaa91ddb202750fd4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd4518640ae1f3fc362fb0b666738cca6100c3fc775909bc8ff41dd8810c7b53
dd625e5fd8fc3058566964a2f467e314adb5e2d1a2aaf7fc8f3f59272be927ec
df4a485ef7990a68074ce4b99c3ba7fa1666cb33bc312a3f7d9ce2653c5a0849
df9cd6e555a4f9e8a56e6e46787d6af020cb9cb4d044e90576f8574aac115099
e2502db2ce3d5345fa38fbab7f1af8a3739e9096debacc7d8bec8361edc7b60f
e2b1353ec42c26a50c5f47ee2bacdc5cb8a964fb8ce6ab58c8da0d9eadf65570
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e525d4d8511d9acf82bf903f3fe8bd42f0f56bccbdfbef47cd80832a9c5c8f90
e568495376a86fc75544b670bedaad2825f9d913a65e3826a8e80aff934b145e
e57e4530e1485e779cf6831af4f943e87f0c2f6b9c73a5a3218cc265a96cefcb
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
e9aac8f368f0627c43d5c9bc1602eaa1c7a786e19be2831e7aed049154b57704
ea76dee032f8d0a126a3f4d9fe042a3cc9606284b64e5f758c84e8469b7417a5
ea8cfe0496b40adf85b240134c1c595e01abb11c15f6660d9a60248ad2fff881
eb580236f5f05da93521702a73d1ec14ee1260eb0a8ac8b63908b2dee130efa6
ed4d586ee6f39350c8d3c9f4d28fe03707c737f2565e0c4b91c2bb665677af12
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09d039bcebf600f7ca6668936d3e817b05928d8da0bf35d149107124bea1c18
f149423f67ceab2e28ca0b092dc80f612b3ed93a067b80641bf8c37f5eee06d5
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989
f5015ee440c02bca300bca5995e7372d53ff8ed6de9da75d94aac5107832ac0e
f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2
f73697f7baf4be75029ab4db40d564c3c92263211da7960a992249536168e047
f8054d353b56f10afca3b1a6d914bcabb99f8872e15817d18020687b3978aa3e
f83b11be8add7edf935e43601ad69f2b916c3b37270e4544c2a902ea91d7c2ba
f9f1da66dcb2ea5d6555967c329a1df7e1d7d8d3c3a37129fdb6762312e78715
fbb613590ab06b8838cad9193caa3797b2fb582dd88a444a1afe2424754d97ca
fca1e63ba63c621bd26786262371a997c68e26819b1a468bd4343b93937687d5
fcbe779ec8f02306de65b4e0bfaae4f14c3ec101f7e01bad8e0778f8186fab8c
fcc98777444a7e0412cee876c71e6f2a3c939c24a220a7f39123f2bf451ab421
fd24aab83534d0aed9a029d566be23ccda791fd0e57c17627216c9eb1fd4b4cd
fee3864ade0efb63463216c1d948e3f6ce4b856def993aa107faa2ba7a059969