www.theonion.com Open in urlscan Pro
151.101.66.166 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.theonion.com/
Effective URL:
https://www.theonion.com/
Submission: On July 06 via manual (July 6th 2023, 8:46:13 pm UTC) from US — Scanned from DE

Summary HTTP 333 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 66 IPs in 9 countries across 46 domains to perform 333 HTTP transactions. The main IP is 151.101.66.166, located in United States and belongs to FASTLY, US. The main domain is www.theonion.com. The Cisco Umbrella rank of the primary domain is 102803.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2022 Q3 on July 25th 2022. Valid for: a year.

This is the only time www.theonion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 74	151.101.66.166 151.101.66.166	54113 (FASTLY) (FASTLY)
10	151.101.2.166 151.101.2.166	54113 (FASTLY) (FASTLY)
2	13.32.121.21 13.32.121.21	16509 (AMAZON-02) (AMAZON-02)
1	151.101.66.217 151.101.66.217	54113 (FASTLY) (FASTLY)
13	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
6	99.86.91.43 99.86.91.43	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	104.18.10.47 104.18.10.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.224.192.181 13.224.192.181	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:20:... 2606:4700:20::681a:932	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:68b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:205... 2600:9000:2057:c00:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	34.202.96.43 34.202.96.43	14618 (AMAZON-AES) (AMAZON-AES)
1	35.153.244.124 35.153.244.124	14618 (AMAZON-AES) (AMAZON-AES)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
1	54.237.67.213 54.237.67.213	14618 (AMAZON-AES) (AMAZON-AES)
1	52.84.174.45 52.84.174.45	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
3	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 7	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
2	104.18.25.185 104.18.25.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	18.155.122.7 18.155.122.7	16509 (AMAZON-02) (AMAZON-02)
3	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:224... 2600:9000:2240:5000:1d:8c8c:47c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3 17	54.246.204.72 54.246.204.72	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
4	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	52.57.42.51 52.57.42.51	16509 (AMAZON-02) (AMAZON-02)
4	35.71.161.21 35.71.161.21	16509 (AMAZON-02) (AMAZON-02)
4	3.75.37.27 3.75.37.27	16509 (AMAZON-02) (AMAZON-02)
4	52.213.55.169 52.213.55.169	16509 (AMAZON-02) (AMAZON-02)
1	2602:803:c003... 2602:803:c003:200::51	26667 (RUBICONPR...) (RUBICONPROJECT)
4	52.59.41.160 52.59.41.160	16509 (AMAZON-02) (AMAZON-02)
4	2a02:2638:d::a 2a02:2638:d::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 5	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.222.139.109 52.222.139.109	16509 (AMAZON-02) (AMAZON-02)
2 4	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
2	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
33	151.101.2.114 151.101.2.114	54113 (FASTLY) (FASTLY)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
6	2a02:26f0:480... 2a02:26f0:480:9::210:ee0e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
15	2600:9000:223... 2600:9000:223f:1e00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:21:... 2606:4700:21::681b:c258	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	130.211.44.5 130.211.44.5	15169 (GOOGLE) (GOOGLE)
19	2600:1f18:1ac... 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529	14618 (AMAZON-AES) (AMAZON-AES)
1	13.249.9.70 13.249.9.70	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.6 18.66.147.6	16509 (AMAZON-02) (AMAZON-02)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 3	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
333	66

74 151.101.66.166 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.theonion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.kinja-img.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kinja.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.kinja-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.2.166 (United States)

ASN54113 (FASTLY, US)

f.kinja-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.theonion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-21.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.217 (United States)

ASN54113 (FASTLY, US)

cdn.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.86.91.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-91-43.cdg50.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.47 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.192.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:932 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kinja-com.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:c00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.202.96.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-96-43.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.153.244.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-153-244-124.compute-1.amazonaws.com

id.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.237.67.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-67-213.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.174.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-174-45.cdg50.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.166 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.155.122.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-122-7.cdg52.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.234.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2240:5000:1d:8c8c:47c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-magiclinks.trackonomics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 54.246.204.72 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-204-72.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

56f3afd73e0a2f73f7d1fdf206b8f59d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.57.42.51 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-42-51.eu-central-1.compute.amazonaws.com

krk.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.71.161.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac9557e2e67bd8033.awsglobalaccelerator.com

direct.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.75.37.27 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-37-27.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.213.55.169 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-55-169.eu-west-1.compute.amazonaws.com

hb.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.59.41.160 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-41-160.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.171.21 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-109.ams50.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 151.101.2.114 (United States)

ASN54113 (FASTLY, US)

c.qz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
qzc-assets.qz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:480:9::210:ee0e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:9000:223f:1e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:21::681b:c258 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.plyr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 130.211.44.5 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 5.44.211.130.bc.googleusercontent.com

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-ew1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.9.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-9-70.cdg53.r.cloudfront.net

fr-actions.trackonomics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-6.fra60.r.cloudfront.net

trx-hub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.79 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	adsafeprotected.com 3 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 743 static.adsafeprotected.com — Cisco Umbrella Rank: 624 dt.adsafeprotected.com — Cisco Umbrella Rank: 542	600 KB
33	qz.com c.qz.com — Cisco Umbrella Rank: 191153 qzc-assets.qz.com — Cisco Umbrella Rank: 538902	3 MB
33	theonion.com 1 redirects www.theonion.com — Cisco Umbrella Rank: 102803	723 KB
25	kinja-img.com i.kinja-img.com — Cisco Umbrella Rank: 25331 no.kinja-img.com Failed	202 KB
25	kinja-static.com f.kinja-static.com — Cisco Umbrella Rank: 31382 x.kinja-static.com — Cisco Umbrella Rank: 29635	328 KB
24	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 stats.g.doubleclick.net — Cisco Umbrella Rank: 130 ad.doubleclick.net — Cisco Umbrella Rank: 184 cm.g.doubleclick.net — Cisco Umbrella Rank: 254	192 KB
15	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63 region1.google-analytics.com — Cisco Umbrella Rank: 1623	83 KB
12	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 482 tps.doubleverify.com — Cisco Umbrella Rank: 510 tpsc-ew1.doubleverify.com — Cisco Umbrella Rank: 8846	327 KB
10	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 719 gum.criteo.com — Cisco Umbrella Rank: 405 mug.criteo.com — Cisco Umbrella Rank: 2102	15 KB
8	pubmatic.com 3 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 575 image8.pubmatic.com — Cisco Umbrella Rank: 738 image2.pubmatic.com — Cisco Umbrella Rank: 1036	1 KB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 56f3afd73e0a2f73f7d1fdf206b8f59d.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	41 KB
8	google.com ampcid.google.com — Cisco Umbrella Rank: 2261 www.google.com — Cisco Umbrella Rank: 10 adservice.google.com — Cisco Umbrella Rank: 113	3 KB
7	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 603 match.adsrvr.org — Cisco Umbrella Rank: 383 direct.adsrvr.org — Cisco Umbrella Rank: 3794	2 KB
7	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 353 aax.amazon-adsystem.com — Cisco Umbrella Rank: 438	64 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	355 KB
6	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 2361	157 KB
5	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 257 secure.adnxs.com — Cisco Umbrella Rank: 469	86 KB
5	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 646 eb2.3lift.com — Cisco Umbrella Rank: 422	2 KB
5	casalemedia.com 2 redirects as-sec.casalemedia.com — Cisco Umbrella Rank: 2024 htlb.casalemedia.com — Cisco Umbrella Rank: 642 dsum.casalemedia.com — Cisco Umbrella Rank: 1666 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635	3 KB
4	plyr.io cdn.plyr.io — Cisco Umbrella Rank: 13020	9 KB
4	yellowblue.io hb.yellowblue.io — Cisco Umbrella Rank: 4054	2 KB
4	bidswitch.net grid.bidswitch.net — Cisco Umbrella Rank: 1134	1 KB
4	kargo.com krk.kargo.com — Cisco Umbrella Rank: 3372	3 KB
4	btloader.com btloader.com — Cisco Umbrella Rank: 1077 api.btloader.com — Cisco Umbrella Rank: 1148	7 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	169 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 274	70 KB
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 568	73 KB
3	google.de ampcid.google.de — Cisco Umbrella Rank: 52173 www.google.de — Cisco Umbrella Rank: 4752	884 B
2	trackonomics.net cdn-magiclinks.trackonomics.net — Cisco Umbrella Rank: 6748 fr-actions.trackonomics.net — Cisco Umbrella Rank: 12518	28 KB
2	ml314.com ml314.com — Cisco Umbrella Rank: 1974	11 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1168	1 KB
2	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 1051 ats.rlcdn.com — Cisco Umbrella Rank: 2652	73 KB
2	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 500	347 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 162	3 KB
1	trx-hub.com trx-hub.com — Cisco Umbrella Rank: 6717	447 B
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 2056	609 B
1	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 552	894 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1242	201 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 325	17 KB
1	rkdms.com id.sv.rkdms.com — Cisco Umbrella Rank: 6008	168 B
1	liadm.com idx.liadm.com — Cisco Umbrella Rank: 3223	313 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1447	15 KB
1	videoplayerhub.com 1 redirects kinja-com.videoplayerhub.com — Cisco Umbrella Rank: 36216	461 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 689	16 KB
1	kinja.com kinja.com — Cisco Umbrella Rank: 29117	1 KB
1	speedcurve.com cdn.speedcurve.com — Cisco Umbrella Rank: 5875	8 KB
333	46

	Domain	Requested by
33	www.theonion.com	1 redirects www.theonion.com
25	i.kinja-img.com	www.theonion.com
21	qzc-assets.qz.com	c.qz.com www.theonion.com
19	dt.adsafeprotected.com
17	pixel.adsafeprotected.com	3 redirects x.kinja-static.com tagan.adlightning.com
17	x.kinja-static.com	www.theonion.com tagan.adlightning.com
15	static.adsafeprotected.com	tagan.adlightning.com www.theonion.com
13	securepubads.g.doubleclick.net	www.theonion.com tagan.adlightning.com securepubads.g.doubleclick.net
13	www.google-analytics.com	www.theonion.com www.google-analytics.com tagan.adlightning.com
12	c.qz.com	tagan.adlightning.com
8	f.kinja-static.com	www.theonion.com
7	ad.doubleclick.net	3 redirects www.theonion.com
6	cdn.doubleverify.com	tagan.adlightning.com
6	www.googletagmanager.com	www.theonion.com www.googletagmanager.com tagan.adlightning.com
6	tagan.adlightning.com	www.theonion.com tagan.adlightning.com
4	cdn.plyr.io	c.qz.com
4	gum.criteo.com	2 redirects tagan.adlightning.com
4	ib.adnxs.com	x.kinja-static.com
4	bidder.criteo.com	x.kinja-static.com
4	tlx.3lift.com	x.kinja-static.com
4	hb.yellowblue.io	x.kinja-static.com
4	grid.bidswitch.net	x.kinja-static.com
4	direct.adsrvr.org	x.kinja-static.com
4	krk.kargo.com	x.kinja-static.com
4	hbopenbid.pubmatic.com	x.kinja-static.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	adservice.google.com	tagan.adlightning.com
4	aax.amazon-adsystem.com	c.amazon-adsystem.com
3	tpsc-ew1.doubleverify.com	cdn.doubleverify.com
3	image8.pubmatic.com	2 redirects
3	tps.doubleverify.com	tagan.adlightning.com
3	www.googletagservices.com	tagan.adlightning.com
3	cdnjs.cloudflare.com	tagan.adlightning.com
3	tpc.googlesyndication.com	tagan.adlightning.com
3	www.google.com	tagan.adlightning.com www.theonion.com
3	static.criteo.net	tagan.adlightning.com x.kinja-static.com static.criteo.net
3	api.btloader.com	kinja-com.videoplayerhub.com
3	stats.g.doubleclick.net	www.google-analytics.com
3	c.amazon-adsystem.com	www.theonion.com c.amazon-adsystem.com
2	dsum.casalemedia.com	2 redirects
2	mug.criteo.com
2	region1.google-analytics.com	www.googletagmanager.com
2	ml314.com	www.theonion.com ml314.com
2	www.google.de	www.theonion.com
2	ad-delivery.net
2	match.adsrvr.org	js-sec.indexww.com
2	imasdk.googleapis.com	www.theonion.com tagan.adlightning.com
2	sb.scorecardresearch.com	www.theonion.com
1	dsum-sec.casalemedia.com
1	secure.adnxs.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	eb2.3lift.com
1	trx-hub.com
1	fr-actions.trackonomics.net	cdn-magiclinks.trackonomics.net
1	geo.privacymanager.io	ats.rlcdn.com
1	fastlane.rubiconproject.com	x.kinja-static.com
1	htlb.casalemedia.com	x.kinja-static.com
1	56f3afd73e0a2f73f7d1fdf206b8f59d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn-magiclinks.trackonomics.net	tagan.adlightning.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	ats.rlcdn.com	tagan.adlightning.com
1	ping.chartbeat.net
1	s0.2mdn.net	imasdk.googleapis.com
1	ampcid.google.de	www.google-analytics.com
1	api.rlcdn.com	js-sec.indexww.com
1	id.sv.rkdms.com	js-sec.indexww.com
1	idx.liadm.com	js-sec.indexww.com
1	insight.adsrvr.org
1	static.chartbeat.com	www.theonion.com
1	btloader.com
1	kinja-com.videoplayerhub.com	1 redirects
1	ampcid.google.com	www.google-analytics.com
1	js-sec.indexww.com	www.theonion.com
1	kinja.com	www.theonion.com
1	cdn.speedcurve.com	www.theonion.com
0	no.kinja-img.com Failed	www.theonion.com
333	77

This site contains links to these domains. Also see Links.

Domain
theonion.com
avclub.com
deadspin.com
gizmodo.com
jalopnik.com
jezebel.com
kotaku.com
qz.com
theroot.com
thetakeout.com
theinventory.com
store.theonion.com
facebook.com
twitter.com
www.reddit.com

Subject Issuer	Validity	Valid
*.avclub.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-07-25` - `2023-08-26`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.speedcurve.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-19` - `2024-05-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.adlightning.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-07`	4 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-10-06` - `2023-10-05`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M01	`2023-02-21` - `2023-10-29`	8 months	crt.sh
securedvisit.com Amazon RSA 2048 M01	`2023-03-01` - `2023-11-26`	9 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2023-06-13` - `2023-09-11`	3 months	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
ml314.com GTS CA 1D4	`2023-06-07` - `2023-09-05`	3 months	crt.sh
*.trackonomics.net Sectigo RSA Domain Validation Secure Server CA	`2022-12-01` - `2023-12-01`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.dev.kargo.com Amazon RSA 2048 M01	`2023-02-13` - `2024-03-12`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.yellowblue.io Amazon ECDSA 256 M02	`2023-04-19` - `2024-05-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.privacymanager.io Amazon RSA 2048 M02	`2023-02-22` - `2023-09-24`	7 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
qz.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-05` - `2024-01-06`	a year	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
cdn.plyr.io Cloudflare Inc ECC CA-3	`2023-04-12` - `2024-04-10`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
*.trx-hub.com Amazon RSA 2048 M02	`2023-01-21` - `2024-02-19`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://www.theonion.com/
Frame ID: D84FCF8D72EA6F6137A9C8818F9D523C
Requests: 219 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.579.0_en.html
Frame ID: 4912D2F043D14617493E80A8D4F3F068
Requests: 1 HTTP requests in this frame

Frame: https://56f3afd73e0a2f73f7d1fdf206b8f59d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 60F92983CBECC01846499EBC4E190E55
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.theonion.com
Frame ID: 8AADCA51181ED1B757395EE7536B6F6A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CDEE8F780437D26FF66D96FB560734A7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 997AF0AEF05B73D29463A0F0DECEB273
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8DUpeBdGzPcRWV-dBJCgEItYW_V8T73WqX9gG75zD8ziQem58fJvAm74sSKdYapy8NA-E2qMeU6bccmv0XMhy8iltHn5dCR0yXdKZS8xPX5XiXihd9Ue0tlhUA5fVamDpoAk0_osqCwHAe5fVbLtaqZLN2dNQ46r4aSMkWf5K9ShZfZSjj8jYCVCazZ-mXamNJI9_oxYztoIBeNoC_AgeJqEQyVjEThGpDIYpmtmKTPKumHztLSRaGXFr-aK_V70aZ12KmUK4qP7YJtyHTr5cfxaDool1C5UzZDoXYR1g6GlFS43obUTdZb3txnovr2jn2whgw0IxqlS0IdCQ&sai=AMfl-YQqb0D2tsph_GScgzykRiu6SHKXIdpAJihtrhyMGqowzSNHFoVPNLLsqMVxxAlMCj-jOvl15m9GOv0qmkYD5hfxSSgjudCa1CnV3E6i1EMlUbO4aF_VwB9kCXijNC4&sig=Cg0ArKJSzBIAyuHBNoOZEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D3CB8A30BDC35A1E6B43AA4B9354704F
Requests: 32 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=931294&campId=1600x520&pubId=72487178&chanId=22405397127&placementId=6314551905&pubCreative=138436347090&pubOrder=3212079107&cb=873580468&adsafe_par&impId=12d9af4b-1c3e-11ee-8ff7-02c790015d1e&custom2=mid_banner&custom3=&custom4=&custom5=mid_banner-02
Frame ID: 6AD1E1A934899F6B9E68D57058BB3E3D
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4122.js
Frame ID: E0756BD7E393B4747476928DE3C95A8D
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYL2ZQDlsZopvDwSpgb5sCzLSAlIdHzwQtp0oDLxiBHbX9OGxR3kQ37HXvR_JnVZFOR9_9-WOEZ9_drd884bjPpqhQXVbRtSdIoNw6r--7sWu0akXCSLuzKGZ6IzYeGdpzqxI0WXI7fk_1AcFZ_sqmh49QSBz2w0Wi5yRe9idliJMqh6NpFBo_4NYqqjOwFTb8BSUljAWDs4V_alve9W2AdcQ-cyik_LSLvnI5nyVT8hzyLRD_e_6LdLAdqNS-m44pjZMmmDP_Ho8JXnqs7COOwuI_qgMChMXnk0OJYb8z1WBauc1Iun56MalDTck7iqJ0PmBV0025Eqfe5p2S&sai=AMfl-YRA-zLU1Q71Iy45QeBmC-Mj7WMbn0Gb8hmZ8ZpvTbt3ihRsukuNCIV94H7IlNrw9znVCI6Er9O2WyLGALre3XgBLNCKiMnrq7EAQQcuFNC7SF7UWON9DHEcr7TgLYY&sig=Cg0ArKJSzL8j0OEslA9AEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 4BDD978D9AD88946828E0FD324320972
Requests: 27 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=931294&campId=1600x520&pubId=72487178&chanId=22405397127&placementId=6314551905&pubCreative=138437127990&pubOrder=3212079107&cb=577084310&adsafe_par&impId=&custom2=mid_banner&custom3=&custom4=&custom5=mid_banner-01
Frame ID: F7F41578A2289C8F41EF85CCC62AA40F
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4122.js
Frame ID: 0111DD19FF00081ADDDD0D2D1EA111E9
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 965986CFB0169A7FCFFC05941AF6DABA
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1GR4nlbLXdPsiDItLHEY7nfTmBRhHZiW-gSQA3CEk858XNz8qTc9amTu8tMXH-eI9UY-uW4ZSwLHjWesAxQWp_-uwFBr3PfGP910BQhp_pTyHFZpcR1c_CtIz3CfB22K-hiYEZWYI5MaldL6crZkWDW-Tq4SZZz54iXoaqkrg9EeoGtM4sY80DXK1P1n3IEIvgJSuDSEFpukvduJNIIzfr7cu05xy6klDEkKSa5aBqLYB_rac3fD8NfeyjBVKOrFBh_V5M78UmWtKjgGXyU7hWUAeLHeaeKmOM3kacYMg7EonHpx5l_43lli2MpDDIQzw5Z_Ixyot99ylx3UM&sai=AMfl-YRh9PsDmTmziYadJXH1_OFGre9X7mJM3_LmEM3qz3WoBA9VaakJRiAeAn2zQS3YxfM_-1-n5Ab_KUqSsGLoOQ3S6apV8uUgrpUSOWgxo60Rjmn9mEKuopFTF88-j0Y&sig=Cg0ArKJSzDbyGxvdNBthEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 8741A4652980E0433A5B34DEE96279AC
Requests: 27 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 0BCF9CF49FA88F87F5AECFC220833A35
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=931294&campId=1600x520&pubId=72487178&chanId=22405397127&placementId=6314551905&pubCreative=138437207397&pubOrder=3212079107&cb=1514643184&adsafe_par&impId=&custom2=mid_banner&custom3=&custom4=&custom5=mid_banner-03
Frame ID: 9EA036C32168715B2B0C1ACFEDBD07B5
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4122.js
Frame ID: 86FDB54490D9BA8BFB0A150E7FAE54EC
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 685B0A921E66354BAB24C062376D418E
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 962847A9D8692C2F08FD9B6AB5CA5205
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theonion.com
Frame ID: C9BBEB42BBBA9CE61C1A98A0130DAD20
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: BE34C1CBB7581E4CBE3919816CE9DAE0
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 8D06FF9803AABF41615702C78337FE60
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Onion | America's Finest News Source.

Page URL History Show full URLs

http://www.theonion.com/ HTTP 307
https://www.theonion.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

333
Requests

96 %
HTTPS

44 %
IPv6

46
Domains

77
Subdomains

66
IPs

9
Countries

7132 kB
Transfer

19450 kB
Size

42
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://theonion.com/
Title: The Onion

Search URL Search Domain Scan URL

URL: https://avclub.com/
Title: The A.V. Club

Search URL Search Domain Scan URL

URL: https://deadspin.com/
Title: Deadspin

Search URL Search Domain Scan URL

URL: https://gizmodo.com/
Title: Gizmodo

Search URL Search Domain Scan URL

URL: https://jalopnik.com/
Title: Jalopnik

Search URL Search Domain Scan URL

URL: https://jezebel.com/
Title: Jezebel

Search URL Search Domain Scan URL

URL: https://kotaku.com/
Title: Kotaku

Search URL Search Domain Scan URL

URL: https://qz.com/
Title: Quartz

Search URL Search Domain Scan URL

URL: https://theroot.com/
Title: The Root

Search URL Search Domain Scan URL

URL: https://thetakeout.com/
Title: The Takeout

Search URL Search Domain Scan URL

URL: https://theinventory.com/
Title: The Inventory

Search URL Search Domain Scan URL

URL: https://store.theonion.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://facebook.com/sharer.php?u=https%3A%2F%2Fwww.theonion.com%2Fthis-weeks-most-viral-news-june-30-2023-1850595500%3Futm_medium%3Dsharefromsite%26utm_source%3Dfacebook
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.theonion.com%2Fthis-weeks-most-viral-news-june-30-2023-1850595500%3Futm_medium%3Dsharefromsite%26utm_source%3Dtwitter&text=This%20Week%27s%20Most%20Viral%20News%3A%20June%2030%2C%202023
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https%3A%2F%2Fwww.theonion.com%2Fthis-weeks-most-viral-news-june-30-2023-1850595500%3Futm_medium%3Dsharefromsite%26utm_source%3Dreddit&title=This%20Week%27s%20Most%20Viral%20News%3A%20June%2030%2C%202023
Title: Reddit

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.theonion.com/ HTTP 307
https://www.theonion.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://www.theonion.com/undefined HTTP 301
https://www.theonion.com/

Request Chain 85

https://kinja-com.videoplayerhub.com/gallery.js HTTP 301
https://btloader.com/tag?h=kinja-com&upapi=true

Request Chain 156

https://gum.criteo.com/sid/json?origin=publishertagids&domain=theonion.com&sn=ChromeSyncframe&so=0&topUrl=www.theonion.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=bg-ZUXw4dmZHeWVOSkRDdEVsVUJBdmpUVC9GN0RVZzUwWExKdVV3VzIvRWgzMmVrTEhLbUZuZW50ZjRPVTdVV3JPR0dMSnVMNWZxaUZtL3VRWHl4MWdHKzVsbUpITzZUWXpva1lKK3BwMUdVOU1rUy9vMlIzcFZZOWo1SjFaRUN3TGRvV3dmOWdmM1lZbjNqV3JVYlMwU3lWR29yYnpib0dSajVOc1VyRkREYi9rQkFsbnJrZnhnakswY25HT3pFUCtiblc2dkh2UDRzLzBtSVFjb3hUNEtNOHJIVG1nWU9Ic1o3d3NHSG5ZaHJCaDNwcVNGQW9rZXM3TE9xRm54UTJ0RFpEb2NXMEJ5T1AxVzhOK0diWHRBSFVQUT09fA&cppv=2

Request Chain 202

https://ad.doubleclick.net/ddm/trackimp/N418801.1695341QUARTZ/B30016091.368183932;dc_trk_aid=559199884;dc_trk_cid=192641185;ord=1251680754;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N418801.1695341QUARTZ/B30016091.368183932;dc_pre=CPeGstj5-v8CFcP0EQgdD6QNJg;dc_trk_aid=559199884;dc_trk_cid=192641185;ord=1251680754;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1

Request Chain 225

https://ad.doubleclick.net/ddm/trackimp/N418801.1695341QUARTZ/B30016091.368183932;dc_trk_aid=559199884;dc_trk_cid=192641185;ord=1554650479;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N418801.1695341QUARTZ/B30016091.368183932;dc_pre=CP26xdj5-v8CFaSeewod18gELg;dc_trk_aid=559199884;dc_trk_cid=192641185;ord=1554650479;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1

Request Chain 243

https://pixel.adsafeprotected.com/rfw/st/1503538/71719453/skeleton.js?adsafe_url=https%3A%2F%2Fwww.theonion.com%2F&adsafe_type=abedfq&adsafe_jsinfo=,id:8f1af7cb-3e9d-ea75-1e56-575d18925b59,c:hCDtRl,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-6b6dfd5f7-v8frx,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:1200.2629.1600.520,am:i,cc:1200.2629.1600.520,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,mtim:453,mot:0,app:0,maw:0,fm:tJgtWJb+11%7C12%7C13%7C14%7C15%7C16*.1503538-71719453%7C161%7C162%7C171%7C172,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,tt:rjss,et:470,oid:22097848-1c3e-11ee-98bf-c620dd20dd71,v:19.8.425,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 252

https://ad.doubleclick.net/ddm/trackimp/N418801.1695341QUARTZ/B30016091.368183932;dc_trk_aid=559199884;dc_trk_cid=192641185;ord=586502270;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N418801.1695341QUARTZ/B30016091.368183932;dc_pre=CMyo29j5-v8CFabzEQgdExIIRA;dc_trk_aid=559199884;dc_trk_cid=192641185;ord=586502270;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1

Request Chain 279

https://pixel.adsafeprotected.com/rfw/st/1503538/71719453/skeleton.js?adsafe_url=https%3A%2F%2Fwww.theonion.com%2F&adsafe_type=abedfq&adsafe_jsinfo=,id:7471b616-e53a-25df-b54e-6fe5404bf3d5,c:hCDtWL,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-6b6dfd5f7-jxxtx,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:1200.1455.1600.520,am:i,cc:1200.1455.1600.520,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,mtim:406,mot:0,app:0,maw:0,fm:tJgtWPx+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163%7C164%7C17*.1503538-71719453%7C171%7C172%7C181%7C182,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,tt:rjss,et:412,oid:22303a76-1c3e-11ee-9bd0-42f802e502d1,v:19.8.425,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 299

https://gum.criteo.com/sid/json?origin=publishertag&domain=theonion.com&sn=ChromeSyncframe&so=3&topUrl=www.theonion.com&bundle=iInL3F9HMEhqVDVKTTJKem8lMkJ4b3VRZWlyQ2JIYzdsQzVNd0RtcTc0eUE2R29IcVk1QmQzczhJMElJZiUyQmcyU1J6U1M4MmxHazlwTk9tUFpVcjkzNlowZTBDRkhZcE1WSXpNbjdxWnlidUFXYjZGR1Rrd1pROUlCZVplMWVSdVVCcGJiRVd3c053ZGJPaUxXcnQ0ZnU1NGc5emRnJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=5bm0nHw0TERzNTd1T24zVnFpSkxpaWdieW5za015SVI3RXBRQTd5SSt3WmYreiszbmVOWWk3SlYrUFRyRndBQ2NPTVNxVjE4QitYdE5RdzU4eGo4TlQrRlZOUTJFUzZ2ZjVJK2NFeER2OVNLa0ZOYmltTERNQXpCYUxPN0NlRmFEZWQranRDcFUyNjlMRXlIN3BrellvK2pBRE8wcElmZEJZa0tnS3hyL0w4SjQ5VnRmL1N6SjNja1R2N0phQTh2a1JXeGNhMk9VbVlVS2JxNi9KWFJ6Zm5rN3hFcjBOM2o1TUcvYWwwY1laYlVWdTlNRnV2Mmt5djAzdG53TisxY21wc0JVWm1pS2E4QitpN1B0VDgxOXQyQ09PZz09fA&cppv=2

Request Chain 300

https://pixel.adsafeprotected.com/rfw/st/1503538/71719453/skeleton.js?adsafe_url=https%3A%2F%2Fwww.theonion.com%2F&adsafe_type=abedfq&adsafe_jsinfo=,id:4d567336-1465-aab9-227c-38f7ca61253b,c:hCDu1H,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-6b6dfd5f7-s2lp2,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:1200.4077.1600.520,am:i,cc:1200.4077.1600.520,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,mtim:353,mot:0,app:0,maw:0,fm:tJgtWVj+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C18*.1503538-71719453%7C181%7C182%7C19,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,tt:rjss,et:361,oid:2266da5e-1c3e-11ee-a724-8a6375f23e64,v:19.8.425,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 324

https://image8.pubmatic.com/AdServer/ImgSync?p=161204 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=161204&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDk0Nzc3NjYtMTgyQy00NTc0LUFENkUtNTA0N0FFQTFBQTZC&gdpr=-1&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 326

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727144&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727144&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1 HTTP 302
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6852412375541553958&gdpr=0

333 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.theonion.com/
Redirect Chain

http://www.theonion.com/
https://www.theonion.com/

392 KB
63 KB

68ms
12ms

Document
text/html

151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

81b45447d601b50f3396af441782bec982e4fb240f06ca30f4f421d2357de7ac

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 64
cache-control: stale-if-error=86400, stale-while-revalidate=300
content-encoding: gzip
content-length: 63228
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Thu, 06 Jul 2023 20:46:06 GMT
etag: W/"6212b-RESwqRsy3TyFobBqmT5jSN+DmUY"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-Kinja-Location, Authorization
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache: MISS, HIT, HIT
x-cache-hits: 0, 4, 1
x-cdn-fetch: mantle-default
x-content-type-options: nosniff
x-googlenews-bot: false
x-kinja: kinja-magma-kube02-6bdcbc45d9-vsmft #4224
x-kinja-build: 4224
x-kinja-gdpr: true
x-kinja-revision: cb47241b1bbabf279759659d5a15604627c5565c
x-kinja-server: kinja-magma-kube02-6bdcbc45d9-vsmft
x-kinja-superheroloaded: true
x-powered-by: Express
x-served-by: cache-iad-kiad7000116-IAD, cache-iad-kiad7000116-IAD, cache-fra-eddf8230022-FRA
x-timer: S1688676366.010571,VS0,VE3
x-ua-device: desktop
x-xss-protection: 1; mode=block

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://www.theonion.com/
Non-Authoritative-Reason: HSTS

GET
H2 200 roboto_condensed_reg-webfont.woff2
f.kinja-static.com/assets/fonts/roboto/ 15 KB
16 KB 49ms
10ms Font
binary/octet-stream 151.101.2.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto/roboto_condensed_reg-webfont.woff2?11012022

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: ZPD6HJE46TCZTVYQ
age: 83
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 15700
x-amz-id-2: gNTb+dOgEsiyN86xu4flhjHu0+ps/72/5ReD0WyhA3xGgBajZzcFu/Dvt9letJg6ha8T7jjG9S8=
x-served-by: cache-fra-etou8220105-FRA
last-modified: Fri, 13 Jan 2023 15:40:59 GMT
server: AmazonS3
x-timer: S1688676366.065504,VS0,VE1
etag: "3d7f7413fca69bff4d231ebdc50aaab0"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 roboto_condensed_reg_it-webfont.woff2
f.kinja-static.com/assets/fonts/roboto/ 17 KB
17 KB 57ms
18ms Font
binary/octet-stream 151.101.2.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto/roboto_condensed_reg_it-webfont.woff2?11012022

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3ab6d5bddb52a980ebe7658cca937e1ce087c1478cbeb13715876e463b2dd7f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: BHKXPM5ZP47NY82D
age: 71
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 17376
x-amz-id-2: HenXJSt93kZBNfFqymMzfX4GynHbTgw0vxvZDVnuW/c/EZJyLCu8Br56Jc6jDKZiO+QYta3xo0Q=
x-served-by: cache-fra-etou8220105-FRA
last-modified: Fri, 13 Jan 2023 15:40:59 GMT
server: AmazonS3
x-timer: S1688676366.065874,VS0,VE2
etag: "8e134f1169d65556e833a4f33fd78242"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 roboto_condensed_bold-webfont.woff2
f.kinja-static.com/assets/fonts/roboto/ 15 KB
15 KB 49ms
10ms Font
binary/octet-stream 151.101.2.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto/roboto_condensed_bold-webfont.woff2?11012022

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: F8YBVGY8ZQ22QB7C
age: 71
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 15660
x-amz-id-2: BhlJN2rM7JzItJn/PGiwawjgfeCjNIjVZhVXsk1e5y0YRX3MbFURDrBpztsnLM0U3XSsElr+H98=
x-served-by: cache-fra-etou8220105-FRA
last-modified: Fri, 13 Jan 2023 15:40:57 GMT
server: AmazonS3
x-timer: S1688676366.065868,VS0,VE1
etag: "d7b0b953a50fddaa88089b5b787cf719"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 roboto_condensed_bold_it-webfont.woff2
f.kinja-static.com/assets/fonts/roboto/ 17 KB
17 KB 56ms
17ms Font
binary/octet-stream 151.101.2.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto/roboto_condensed_bold_it-webfont.woff2?11012022

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

921d6a08298f520a4f4c7444ba3cf32d128706ad4018c6a576f915d79122a8dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: 5CRA4PJ8RH8WK588
age: 44
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 17080
x-amz-id-2: ZLM80vzPDCGS/umGdyrj/vhoZPDnQX3MzLtw18h5euCfJT/R+M0LQz5zuazdzITMxraLRRRwPIDEb5lA4Yk/Ig==
x-served-by: cache-fra-etou8220105-FRA
last-modified: Fri, 13 Jan 2023 15:40:56 GMT
server: AmazonS3
x-timer: S1688676366.065868,VS0,VE1
etag: "e43aefe2f0b22276ca8ade3f8040749b"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 libre-baskerville-bold.woff2
f.kinja-static.com/assets/fonts/libre-baskerville/ 18 KB
18 KB 48ms
9ms Font
binary/octet-stream 151.101.2.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/libre-baskerville/libre-baskerville-bold.woff2

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: 6QD4HZ02QKAYJEE4
age: 104
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 17984
x-amz-id-2: /nLI+YlfZt8WKcs3SfLvNh36ITmFfDLgjjnpucI7l7KzkagaDUK3cRzaMxYvvK2/CIKZOweAiX0=
x-served-by: cache-fra-etou8220105-FRA
last-modified: Mon, 26 Jun 2023 20:58:11 GMT
server: AmazonS3
x-timer: S1688676366.065855,VS0,VE1
etag: "0518781cd45a71291d17ea1febfcc5fe"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 51ms
9ms Script
application/javascript 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 05:03:49 GMT
content-encoding: gzip
via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 09:22:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 63104
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 1VshmnZ-o1RsvB-sCu2JxOYl8aQ99Os90grwPjh8xfEBDiVuhjkXug==

GET
H2 200 lux.js Show response
cdn.speedcurve.com/js/ 21 KB
8 KB 44ms
9ms Script
application/javascript 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.speedcurve.com/js/lux.js?id=527761496
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 5f5fae80f0c98899eeabe0f618454ca066c741eba7ed03141bb60fd47fe27fdc

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 2
date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 vegur, 1.1 varnish
content-encoding: gzip
age: 2694
x-cache: HIT
content-length: 8026
x-served-by: cache-fra-eddf8230042-FRA
last-modified: Thu, 06 Jul 2023 20:01:12 GMT
server: Apache
x-timer: S1688676366.083472,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 20:01:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Jul 2023 19:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6089
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 06 Jul 2023 21:04:37 GMT

GET
H2 200 2305f3bef51422d775d40cf03846ce5d.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_362,q_60,w_645/ 6 KB
7 KB 48ms
14ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_362,q_60,w_645/2305f3bef51422d775d40cf03846ce5d.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3377e1a113eeca45f93cc42019d38537b17ef0ff6355580ba5d0e1c5e771eec5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: U3AvErXDKU6XqB.w9Fhyz4GGDpIliOc7
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jul 2023 20:46:06 GMT
x-amz-request-id: BAV0AMRM1NXS265J
age: 849183
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=340073 idim=2000x1125 ifmt=jpeg ofsz=6508 odim=645x362 ofmt=webp
x-amz-storage-class: STANDARD_IA
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 6508
x-amz-id-2: cxOMeptqBKMbNcfaVvhh3rJ+VikzROOTGjHBk82+Z9bbGeq92yx9usoBNFY452hTjpmMuTyeHgPbq3JoABi70g==
x-served-by: cache-iad-kjyo7100117-IAD, cache-fra-eddf8230022-FRA
server: AmazonS3
x-timer: S1688676366.089572,VS0,VE2
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=362&quality=60&width=645
etag: "JUwy4NXUHO9Pb08Wo84FdlJMfBzFmUNzuPqkIlAefK4"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 28, 1

GET
H2 200 c34ea0450d0b74d1facfb6bf96406d73.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 10 KB
11 KB 47ms
14ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/c34ea0450d0b74d1facfb6bf96406d73.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 15eb1d1a29b666daa6f19ee44a5e49cdf8a9cd48b57ddbe9ef76c6a02f572d76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: rlvYieg4G2lKszpr9fCTwmr2.FVqK.AA
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jul 2023 20:46:06 GMT
x-amz-request-id: JWNG773CQZESY6WF
age: 89291
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=2641510 idim=2000x1125 ifmt=png ofsz=10124 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 10124
x-amz-id-2: KsYvg8zMD+18NJcH2E4AYBHpKWgWr3ue6mr8cIe+LcJqtmbgnOwsO5T/xELEDvTbiH3tkZcXxzY=
x-served-by: cache-iad-kiad7000126-IAD, cache-fra-eddf8230022-FRA
server: AmazonS3
x-timer: S1688676366.089550,VS0,VE2
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "ka2dOrKIJOfWaODzkhyBjrwXE3vSpvhHbythxAtzG0Q"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 21, 1

GET
H2 200 798cc14c66c6e23a7a78be162c12ebf8.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 3 KB
3 KB 48ms
14ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/798cc14c66c6e23a7a78be162c12ebf8.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 574891491dd40cc9638a5ddce867c0174c82a444964a89959d5416d75188147b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: bsBtkkeX0ml4qd3XPAR9zI8ySurOqJN_
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jul 2023 20:46:06 GMT
x-amz-request-id: 36YF23Y8MFWWNJBR
age: 16742
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=421349 idim=2000x1125 ifmt=jpeg ofsz=2674 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 2674
x-amz-id-2: LEX8dH3S+EsAmJkI/5tSkSS7KDlllEcG3qGa/scu1xwSQx2hg46Fu1plZrJ+n1/SVWmQbuenUv8=
x-served-by: cache-iad-kcgs7200132-IAD, cache-fra-eddf8230022-FRA
server: AmazonS3
x-timer: S1688676366.090452,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "jjVqwAp4r1UL7UQ7V0K3YTFSzbki23G8wHt9irQ6Ku8"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 21, 1

GET
H2 200 babe47e490bac70a2fa92be366074204.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 9 KB
9 KB 49ms
16ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/babe47e490bac70a2fa92be366074204.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53911f0c933d90a5b8eb2b12cf93c60b1b1f23ac7e95c0a653b0de77be82b737

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: dujrG2LCgmz9I9bhiWye4kgVSanXlCYx
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jul 2023 20:46:06 GMT
x-amz-request-id: SEB0GQYGQZEFTXV6
age: 88955
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=366270 idim=2000x1125 ifmt=jpeg ofsz=9102 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 9102
x-amz-id-2: SdEqAwqxwl7YifOvss9zOPlhGlsnnw0vzwpuX3pXSmXDjMJPnUEHejK2/t0orFmzwV8GdDRxv1bphUvRBZg1bQ==
x-served-by: cache-iad-kjyo7100063-IAD, cache-fra-eddf8230022-FRA
server: AmazonS3
x-timer: S1688676366.089529,VS0,VE3
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "i/iEFL6iNnPOa3qRX8V9Hgt9q9PG5iCObFQLbj1qb2c"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 18, 1

GET
H2 200 e860a36cc8e7c1910299a62bca8a12ab.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 16 KB
17 KB 48ms
15ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/e860a36cc8e7c1910299a62bca8a12ab.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 05f099e06f27c794191092c46d51fc6452210bb7207dc7f86d94b58b9173c9cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: jaOHwW_Mxb8q_4H5_cnPdJlS6KUj2eSB
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jul 2023 20:46:06 GMT
x-amz-request-id: ZVNG2BC6R4677HR7
age: 90073
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=4027531 idim=2000x1125 ifmt=png ofsz=16882 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 16882
x-amz-id-2: hMLuXL4uw8dWBZiEzdkliV4U91ZlI375dMMa+DuJjux8wR7g77J9hosQRr6LEDyxja42YHDqowk=
x-served-by: cache-iad-kiad7000121-IAD, cache-fra-eddf8230022-FRA
server: AmazonS3
x-timer: S1688676366.090049,VS0,VE2
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "lg5x9KuaaAuZ1ar+iQHHNc9+gK0xXhfU6uitlGYgeyA"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 2, 1

GET 197xrjaz7466rpng.png
no.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_542,pg_1,q_60,w_965/ 0
0

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 8e945cb5e683071e96a81c7951f0c841.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 9 KB
10 KB 47ms
15ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/8e945cb5e683071e96a81c7951f0c841.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cb222c75b3ffd8bcfb83f847b4e7b25fe498e45bb6a830d15f70628f93a68018

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: q4hksDK9ECEVSzvcV6Zm3Lk0VTFRPqAn
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jul 2023 20:46:06 GMT
x-amz-request-id: 74FTWY1FZXDQW4GZ
age: 611619
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=3731256 idim=2000x1125 ifmt=png ofsz=9466 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 9466
x-amz-id-2: uT6s0hK+8fyBQ+hQwMtlC/z5IWVe2EsEf/fZEeMBOpR9jKBWLeU9yq0/yE/eyfTi/IYo8pay5dE=
x-served-by: cache-iad-kcgs7200123-IAD, cache-fra-eddf8230022-FRA
server: AmazonS3
x-timer: S1688676366.090146,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "iFitr/jbmBOuga7trR+ga4YFbpUohRrb+wvIOM/MW3M"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 5461, 1

GET
H2 200 25939ce130d76fff10fb5e91e49f0bd6.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 5 KB
5 KB 13ms
13ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/25939ce130d76fff10fb5e91e49f0bd6.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71f8801d321baffde05447678811d9120a708671ce1cfc7ceab578c6908b63fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: E.9wqCkv.QLrHsnmxpSN02A9sfG5Uvf8
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jul 2023 20:46:06 GMT
x-amz-request-id: KK3D3ARNGNDRHKRQ
age: 611478
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=2939269 idim=2000x1125 ifmt=png ofsz=5148 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 5148
x-amz-id-2: D0sHPGYHuPnie2myF0/LeBcO5vkPu7CVEbDZDqwHzp/VuSNfpMP6Ma2lnv+PqiT4gdo49HKM9ckrMqJbgT5axQ==
x-served-by: cache-iad-kcgs7200142-IAD, cache-fra-eddf8230022-FRA
server: AmazonS3
x-timer: S1688676366.101446,VS0,VE2
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "H5RWsXC7W+E0+DAvByZNYPciRxn5r4h/uz4Pac3ofV0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 28, 1

GET
H2 200 f83b0ef6560962000fc5d41163a96a37.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 11 KB
12 KB 17ms
16ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/f83b0ef6560962000fc5d41163a96a37.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: befa3f2d4613803528d855539bfdab8f660991240781aae6c9d077f1847485ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: O.kftG5y6EmfKAfYnUcHOq1fj9QMtpxE
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jul 2023 20:46:06 GMT
x-amz-request-id: HTAEYWB489H49YBK
age: 609160
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=2618079 idim=2000x1125 ifmt=png ofsz=11654 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 11654
x-amz-id-2: sktjxWKmdVyldNtjsHZRa6bWpZErEekQheeB1RccEWueSEsqpbmDTG8j36tfVSZW5Z0koRsOQgw=
x-served-by: cache-iad-kjyo7100127-IAD, cache-fra-eddf8230022-FRA
server: AmazonS3
x-timer: S1688676366.107332,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "kvihi1HSyhPJ4wBnmprYkHC3S+9PVHFFPkUebYz9p9o"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 15, 1

GET
H2 200 013a465fff6680d9d979801a0e5ad551.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 17 KB
17 KB 15ms
14ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/013a465fff6680d9d979801a0e5ad551.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 007a8bb9a74d663de7e5e1aa6528ee396b8a7ebd4f774f4868ed9cc9a0998fd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: J33b5WdtjhL.JNfZNNbuFUB.myYyafJs
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jul 2023 20:46:06 GMT
x-amz-request-id: ZAQG68T78VDX8CX1
age: 613114
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=498378 idim=2000x1125 ifmt=jpeg ofsz=17174 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 17174
x-amz-id-2: hHuzDmTJQ31MSypOuVL/Asikz3YR/2nqZminxlXcHRnCrMGwCQ4bD8LIDfw4VBXAEd85MDYAV/0=
x-served-by: cache-iad-kcgs7200152-IAD, cache-fra-eddf8230022-FRA
server: AmazonS3
x-timer: S1688676366.105908,VS0,VE2
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "cRBDQlQZWjV8UMJxUBu/XsQ/j6hr3J5d+/Al6IGEIeY"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 537, 1

GET
H2 200 dfca04ccc8684a0ed70f94728cf20544.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 5 KB
5 KB 14ms
14ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/dfca04ccc8684a0ed70f94728cf20544.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a4383e2dc65cc69ca4372919380797d485250f350ce7a5f6972c8cd20ffcff82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: x58agRWKytWs74.MOzb2DFpkRzi_cz_r
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jul 2023 20:46:06 GMT
x-amz-request-id: H1D8D0ES8H2DF51Y
age: 1219466
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=920265 idim=2000x1125 ifmt=jpeg ofsz=4960 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 4960
x-amz-id-2: 6QwtKFngEYYo6rodE32CGgqOr5XC5RLGyr1HqlqfEDMf28/QuHOrHYzNKGIdDuA99g4Lw13YkyE=
x-served-by: cache-iad-kjyo7100022-IAD, cache-fra-eddf8230022-FRA
server: AmazonS3
x-timer: S1688676366.106359,VS0,VE2
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "emsk/pH7qT9wEXZS5tBUvFTKX/GIyUAyFZ9KOlHaQRI"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 57, 1

GET
H2 200 35e99a2ca95496c33b64b180c6028bac.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 9 KB
9 KB 16ms
16ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/35e99a2ca95496c33b64b180c6028bac.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f4513c897a61a5d4e316c184eb02ba011b9c7aaf1edc54d9ef4ae000787c298

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: yK.BIv6_fHNKT8emylJNXwgoFeChmnEP
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jul 2023 20:46:06 GMT
x-amz-request-id: PQG1Y6S7A50G81RV
age: 987489
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=340911 idim=2000x1125 ifmt=jpeg ofsz=8750 odim=340x191 ofmt=webp
x-amz-storage-class: STANDARD_IA
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 8750
x-amz-id-2: +DSyDg9ftyXyxtwVtisRZoVV0Jzm+v6hOmI9934mQk6P4X0mWwydD5gZAw8Wiuy/y4Rm3LyP4hU=
x-served-by: cache-iad-kiad7000114-IAD, cache-fra-eddf8230022-FRA
server: AmazonS3
x-timer: S1688676366.106348,VS0,VE2
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "K146PX8sN2is3U612y+CeaQLLYOIx4wwKwINH0MjBm0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 1476, 1

GET
H2 200 c768bca3dc498dc2817b9e3f63bd988d.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 8 KB
8 KB 15ms
15ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/c768bca3dc498dc2817b9e3f63bd988d.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 207e27a470eb1b6b1055a1397b6d01fdf7d8420d1de9bc78259401dfb4f1b159

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: iTW4Hu9gpuXH4X6hxYy.qQe4t_Nh.jf9
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jul 2023 20:46:06 GMT
x-amz-request-id: 5CZ6RF0CNJ1VWF1B
age: 544823
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=3498075 idim=2000x1125 ifmt=png ofsz=7822 odim=340x191 ofmt=webp
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 7822
x-amz-id-2: Nbt5JSL1BUqC8VUD702I3yYTZp0ghPhrusglT1IsNL+UbnfkEeJoSvSKOiyVZ1dTHv7CcNxi7cMCgTz5kqRAQYCrMknre/K2BvFkAfz3CyM=
x-served-by: cache-iad-kcgs7200169-IAD, cache-fra-eddf8230022-FRA
server: AmazonS3
x-timer: S1688676366.105834,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "xZP9bidpAGciAcVeDXub3WfCiNiwuCCJMJW9pZmMSUY"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 4034, 1

GET
H2 200 b81865b7bd14aaae56be1ad66cb1a26c.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 5 KB
5 KB 10ms
10ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/b81865b7bd14aaae56be1ad66cb1a26c.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e1ea7b184565df380886da792bf63c83aec7d55ebd6ba92b591d564e682caa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: dbABDY2dnAuCZe3RdA1uXQvYRDZAcIwx
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jul 2023 20:46:06 GMT
x-amz-request-id: 9H0ZJDAW47KHCVCK
age: 1306844
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=3010046 idim=2000x1125 ifmt=png ofsz=4686 odim=340x191 ofmt=webp
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 4686
x-amz-id-2: sl4wdnLQRvLkfhjzJFqQOjqnlo2BgLPA2bfTMQjHry6yEkSYPr3vYqgcQ7PrREM1kN5e4KJPLqk=
x-served-by: cache-iad-kiad7000105-IAD, cache-fra-eddf8230022-FRA
server: AmazonS3
x-timer: S1688676366.114801,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "JNPxHbqjWsmCLfWXIOM/+YEYtI+2IKEUxMGdymzQu34"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 14525, 1

GET
H2 200 ed5bf447aa31204716f287fe7db666ac.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 7 KB
7 KB 13ms
13ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ed5bf447aa31204716f287fe7db666ac.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d3a73c7af4cd3eb08ae2f614c902a732c4ffef061b53de6059cc2382af740783

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: hV8FaPl9MAHmW4.bt43iEOEvqCO7.Qdn
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jul 2023 20:46:06 GMT
x-amz-request-id: 8KDDQT26YKFTKKBZ
age: 1003387
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=466802 idim=2000x1125 ifmt=jpeg ofsz=6774 odim=340x191 ofmt=webp
x-amz-storage-class: STANDARD_IA
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 6774
x-amz-id-2: rj7rPlBF92wJ0tpWJxvkMm6/eOK01scK1Acp7Tm3sX5o8Z7070HMqlnmj9ihD/HTlp+Lx1mR5VU=
x-served-by: cache-iad-kjyo7100133-IAD, cache-fra-eddf8230022-FRA
server: AmazonS3
x-timer: S1688676366.120618,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "Ei//ksJbxjZ8jLrr3zy3TLrC7nP8qVe7ruGYHlwiVKY"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 6733, 1

GET
H2 200 3d832d1d2e3d5ea954c6094de3502fd0.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 5 KB
5 KB 14ms
13ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/3d832d1d2e3d5ea954c6094de3502fd0.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b4fc51822b44a84e339edd6f93a671770075c6fe52f2f47c5b32f415c24f5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 8fiZ43JS3KjTTPlBUzR.KS_qaxW4Ma6v
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jul 2023 20:46:06 GMT
x-amz-request-id: S5XNNAZ1H1NFDEM9
age: 1379029
x-cache: HIT, HIT
fastly-io-info: ifsz=273311 idim=2000x1125 ifmt=jpeg ofsz=4986 odim=340x191 ofmt=webp
x-amz-storage-class: STANDARD_IA
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 4986
x-amz-id-2: YRlTG6Ri5SIp2Bibh2UoPl0ANeTV6amqBFoA5ffz1UHoeSgHltDBNAsYVE4UrVMzq6gF9juV4Q0=
x-served-by: cache-iad-kcgs7200131-IAD, cache-fra-eddf8230022-FRA
server: AmazonS3
x-timer: S1688676366.120579,VS0,VE2
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "ka36iRAX/RXeByDTTzCEF4jcCr8LP+M8zQE5ajZr24s"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 20, 1

GET
H2 200 a1glirmtpgnnrgkq96yv.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 9 KB
9 KB 16ms
15ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/a1glirmtpgnnrgkq96yv.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 98555f82ad12532d426de758a88dbfe0d27a0d57f42a62cce2c700a6891ae6c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: AmericanVoice_OG_FINAL
x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jul 2023 20:46:06 GMT
x-amz-meta-cld-interesting: {"eyedea":[[427,10,347,463],[54,70,312,416],[804,10,336,448]]}
x-amz-meta-cld-transformation-id: 10000011314925
x-amz-request-id: QJ6F531XXVBEQ1GP
age: 723226
x-amz-meta-cld-version: 1526415104
x-cache: HIT, HIT
fastly-io-info: ifsz=761483 idim=1200x627 ifmt=jpeg ofsz=9086 odim=340x191 ofmt=webp
x-amz-storage-class: STANDARD_IA
x-amz-meta-cld-surrogate-key: 518906947868701340742262034292367127578
fastly-stats: io=1
content-length: 9086
x-amz-id-2: eLB5HcIVc2ZcggiQrr5ddJ1rHJfKdgBdn5sDRAEeQxx5/7lvUPfL85ig+mRXdb6mSgtHh7s4asjDsLk/cvowRQ==
x-served-by: cache-iad-kjyo7100116-IAD, cache-fra-eddf8230022-FRA
server: AmazonS3
x-timer: S1688676366.121241,VS0,VE2
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "PRBmtvRCn9V0E1H9+X/6W8GnpVgLvyY1cPsdlyxihnA"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-amz-meta-cld-original-extension: jpg
x-cache-hits: 5038, 1

GET
H2 200 ca593c361e26871ca5cf9bc5f72bbe9f.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 14 KB
14 KB 15ms
14ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ca593c361e26871ca5cf9bc5f72bbe9f.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7d606c62808f1b092bdc63c998820d65178bff515beda58f42328c37ce94c93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: xaZ4iMqc9uAUlpdLjNw7RtE.iIl9n0TW
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jul 2023 20:46:06 GMT
x-amz-request-id: SBBFQ6EDT1YW4HN1
age: 1507548
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=3595730 idim=2000x1125 ifmt=png ofsz=14306 odim=340x191 ofmt=webp
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 14306
x-amz-id-2: 1Q+Cr4SaMTLq9sj156wnBPLZGAcW0rVkOBWHikkoJpaI0Yzrr7slW/lQhcnRstmAqycjXTmHY4o=
x-served-by: cache-iad-kjyo7100127-IAD, cache-fra-eddf8230022-FRA
server: AmazonS3
x-timer: S1688676366.121211,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "XHredkTZGyL5+XmsAkP1XredoTdYpYeANOLsLQcgDrU"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 12, 1

GET
H2 200 47968aad0927884ad57f7bb42332306b.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 8 KB
8 KB 15ms
14ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/47968aad0927884ad57f7bb42332306b.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0843b297cca33177426f54e971999aa8a607e40d80a625831eda4b72aae9aab8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: qr3xE9HMrKZORWYyzabDXMNdc9kp9o7R
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jul 2023 20:46:06 GMT
x-amz-request-id: FVTQHKHX37S687J8
age: 88799
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=4053933 idim=2000x2553 ifmt=jpeg ofsz=7686 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 7686
x-amz-id-2: ogQYiwyr8H0w0Ln0ZpZtWhBn6Q3Eyes2IgXBF28ysm4nrIH4SHYCi8j8H0sIVP99fwZMy8iRLsQ=
x-served-by: cache-iad-kjyo7100021-IAD, cache-fra-eddf8230022-FRA
server: AmazonS3
x-timer: S1688676366.121195,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "IR9OWJMcilQDkrAsR2ubwTV9mgPAA1ootwLIx8Aipac"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 55, 1

GET
H2 200 e8f4483dfc213a43424ffc7e8c390e25.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 4 KB
5 KB 12ms
11ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/e8f4483dfc213a43424ffc7e8c390e25.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a4e74ea8fca68be38b5b68d516bb18f8a80b5c37017274c60623c03e6004e58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: VRloWN5S0.3W9ZNdhLPA14B2r6GEIOES
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jul 2023 20:46:06 GMT
x-amz-request-id: QD6E066Y29740J6Z
age: 92461
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=330653 idim=2000x1125 ifmt=jpeg ofsz=4104 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 4104
x-amz-id-2: ZN7oe5FEpA4cPa5gNFvK/ZQDixh6e4DA9gAiN9+iaRVn6cQMiN7oDmzpa260m5LNuNs26P2fwhw=
x-served-by: cache-iad-kiad7000124-IAD, cache-fra-eddf8230022-FRA
server: AmazonS3
x-timer: S1688676366.125707,VS0,VE2
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "WLSHjt3EPYkShSEZXqS6GICKA2QEs5pxOA7f9imepII"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 82, 1

GET
H2 200 bd3765f29ad1c7473ecff5ca7b82ac06.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 4 KB
4 KB 14ms
13ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/bd3765f29ad1c7473ecff5ca7b82ac06.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b262554ba29db61e894400053304c2c9f895195448dd0e4febd43eed8597c244

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: YgLOVJBGGoNIlcpYGg8MoT3nP4eKUhzN
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jul 2023 20:46:06 GMT
x-amz-request-id: YT0C4VBZH23X22VM
age: 275143
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=1161545 idim=2000x1125 ifmt=jpeg ofsz=3628 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 3628
x-amz-id-2: h+GvnWV9o2SZvMMLYU9+kkCSgZkxk4BcfRaDdqu9W0atsCn1IuYfQutYjoTJb6nKL/2Jb8twfTDsEbcXm5u8UQ==
x-served-by: cache-iad-kiad7000176-IAD, cache-fra-eddf8230022-FRA
server: AmazonS3
x-timer: S1688676366.139665,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "lb9hY+UBNXbX3Z3vYc6Sw+ykeKO2qtKwmNMKw7ebxP8"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 25, 1

GET
H2 200 ad5e175dbf9903aaa7d2e3be83aeddb9.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 4 KB
4 KB 18ms
16ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ad5e175dbf9903aaa7d2e3be83aeddb9.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f3784c5bde9f3d473b778228104573143532fbf25ae50caaf5aad3d4d5c057c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: q.GZL_JPK0pEzgmjT6npQpbi_Yf3TW7s
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jul 2023 20:46:06 GMT
x-amz-request-id: 50BK6NB5JX39CHDY
age: 537554
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=123829 idim=1315x740 ifmt=jpeg ofsz=3744 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 3744
x-amz-id-2: kYH25XfGKd0zlF7rrIhxFKK46KWer9fbHYM5zs+oiHhLe95H8qTgIa7yJ+e+SGOtFLDtwwUwHPo=
x-served-by: cache-iad-kiad7000140-IAD, cache-fra-eddf8230022-FRA
server: AmazonS3
x-timer: S1688676366.139661,VS0,VE5
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "Xi0HbzCdZ9Q68XsLaN1yWGjBPTqlBD09l5O5lrBPZQk"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 53, 1

GET
H2 200 01d57a4de57ebf2266c5eae71ad4f485.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 9 KB
9 KB 15ms
13ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/01d57a4de57ebf2266c5eae71ad4f485.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d617fb46ef25d32cdfc6459393c2d7933339093ee270b951e1fdb50ab5662140

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: NwZu3wWEv9m8p0lAy6OfzRs5.isDdDsp
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jul 2023 20:46:06 GMT
x-amz-request-id: 45HYAHSBXTD5QN8W
age: 1350457
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=3275455 idim=2000x1125 ifmt=png ofsz=8888 odim=340x191 ofmt=webp
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 8888
x-amz-id-2: /OPBtwv0meJcpmMAL+uZsrtk+4VoaPLIXWO2c18EUddnZqLDC6lgYuOkLMK7kobqRw/VCTQ5R/ZigICY0uSQuVw+glZftqQI
x-served-by: cache-iad-kiad7000162-IAD, cache-fra-eddf8230022-FRA
server: AmazonS3
x-timer: S1688676366.139222,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "iJWLJZZChrOfWUTPoJVowbWY5BuAfpp3e2GaHCRELic"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 14748, 1

GET
H2 200 5f3d655b41dff4a340ce7ce0b3ff2083.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 5 KB
5 KB 14ms
13ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/5f3d655b41dff4a340ce7ce0b3ff2083.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2d12302eee2d4e702a095497dd20133916901be34e4f4f7748f5e87385fef5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: fGyZ1SPl_kwUftco9cMVOeadw6GT_xlv
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jul 2023 20:46:06 GMT
x-amz-request-id: SEDHH9N1K5NHEGJ5
age: 1429966
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=347964 idim=2000x1125 ifmt=jpeg ofsz=4836 odim=340x191 ofmt=webp
x-amz-storage-class: STANDARD_IA
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 4836
x-amz-id-2: dysjnziEksusUP7/06smqeMz0UfSTMXOzgC+b7ZGzRhDazjbvXlDIWuMu1KNmn4y3HeTZe+F4CI=
x-served-by: cache-iad-kcgs7200158-IAD, cache-fra-eddf8230022-FRA
server: AmazonS3
x-timer: S1688676366.139198,VS0,VE2
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "D/50CCA6OIhwOSD1LdxXcMNjXRTCdrWBqsoXmwo4DGc"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 6, 1

GET
H2 200 24a2fb1ad1b2b58f9fc6dea435552c14.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 6 KB
7 KB 15ms
14ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/24a2fb1ad1b2b58f9fc6dea435552c14.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a1bcc37432884a16b8c3a3d39f32ea9ef7d6f4330dd92571b760343e89556a42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: U5jObEI6FuavFiYGrYiJh33k2aPVYdLv
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jul 2023 20:46:06 GMT
x-amz-request-id: 9BPSEJ4NC64D0FJS
age: 826086
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=1562125 idim=2000x1125 ifmt=jpeg ofsz=6600 odim=340x191 ofmt=webp
x-amz-storage-class: STANDARD_IA
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 6600
x-amz-id-2: vjJZLv645EnE/jhXJxSAvQnf9Mb/9HpSozkpEFQMZeSz6cKqiqTCpOTYjkyApEASL+oRzudVgxo=
x-served-by: cache-iad-kiad7000020-IAD, cache-fra-eddf8230022-FRA
server: AmazonS3
x-timer: S1688676366.139189,VS0,VE3
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "MRi68yjN38yvPckvCY39Z9SQtJ7XYB4rOHv0hn7wOek"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 2593, 1

GET
H2 200 306410a4faaa91cd97d1213831d7517c.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 6 KB
6 KB 17ms
17ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/306410a4faaa91cd97d1213831d7517c.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 528a5bcdfe99d459ca9724e827f3ac036b5ef16ed581942fa62f947676c37af0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: djMDEqN9CMUt.nCZqjVl2eGMsUCBjnr_
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jul 2023 20:46:06 GMT
x-amz-request-id: 64QN81ZG28FVN21B
age: 2551623
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=3283571 idim=2000x1125 ifmt=png ofsz=6244 odim=340x191 ofmt=webp
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 6244
x-amz-id-2: nlg7MUoKd47y+QeK1bK83rv8fpZ0jyhz9eAvwcjDExudtnDHZkLh+eXehyrHBwRtMulUP5XGm+E=
x-served-by: cache-iad-kiad7000153-IAD, cache-fra-eddf8230022-FRA
server: AmazonS3
x-timer: S1688676366.139323,VS0,VE6
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "o9Torqo81fPuC6Hko5YgXTtYcJoCpr92eYJdrK4KLY0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 8117, 1

GET
H2 200 runtime~videoMediaQuerySupport.87053d08d5634a107c35.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 2 KB
1 KB 13ms
13ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~videoMediaQuerySupport.87053d08d5634a107c35.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c76ae373a97fedd18dcbce506a90251d65d3141a4633e06671b9b306e361d948

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: CV7H0Q4JR0079E6F
age: 2062999
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 774
x-amz-id-2: FVY62oKnZKgbjxj9ubEmyASig1WrGEEpRGmn3SqbwjVjs0ePCZI5eG2I8H3KisIlOX/DKe1NBW8=
x-served-by: cache-fra-eddf8230086-FRA, cache-fra-eddf8230022-FRA
last-modified: Mon, 12 Jun 2023 22:03:21 GMT
server: AmazonS3
x-timer: S1688676366.056537,VS0,VE3
etag: "df042ee2742c71b59300a1b35069e3aa"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 videoMediaQuerySupport.b68e2424feab32dd0c91.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 1 KB
1 KB 10ms
10ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/videoMediaQuerySupport.b68e2424feab32dd0c91.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

115224d4e63511fda83c38f1a67c687184f8c2752a8770b10faaadc4568fd388

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: W0FP7HWJPDBQ2KNX
age: 836274
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 683
x-amz-id-2: BVAIxXMraXVSNCzd8ujGKv0/V5FA3jcukC1pzWsE1qAAaGFOykv6f2ZS0oZL90JdHBzxFFZSebI=
x-served-by: cache-fra-etou8220112-FRA, cache-fra-eddf8230022-FRA
last-modified: Mon, 26 Jun 2023 20:58:05 GMT
server: AmazonS3
x-timer: S1688676366.056522,VS0,VE1
etag: "cd8a0c9965106e2f8e59fd060ddad4f1"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 accountwithtoken Show response
kinja.com/api/profile/ 243 B
1 KB 131ms
112ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kinja.com/api/profile/accountwithtoken?jsonp=_fasttoken&newFollows=true

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c743a8b3e6450b986097e7e46a370bdbaca5666d6bc30a90995be0330787d67d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src 'self'
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-kinja-gdpr: true
x-cache: MISS, MISS, MISS
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
x-ua-device: desktop
x-kinja-superheroloaded: true
x-kinja-continent: EU
x-cdn-fetch: mantle-setcookie
content-length: 222
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000033-IAD, cache-iad-kiad7000033-IAD, cache-fra-eddf8230022-FRA
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1688676366.091524,VS0,VE103
x-frame-options: DENY
vary: Accept-Encoding,Origin
content-type: application/javascript; charset=UTF-8
cache-control: no-cache, no-store, private
accept-ranges: bytes
x-kinja-country: DE
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2

200

/
www.theonion.com/
Redirect Chain

https://www.theonion.com/undefined
https://www.theonion.com/

392 KB
392 KB

10ms
10ms

Image
text/html

151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theonion.com/

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-kinja-server: kinja-magma-kube02-6bdcbc45d9-vsmft
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
content-encoding: gzip
date: Thu, 06 Jul 2023 20:46:06 GMT
age: 64
x-kinja-build: 4224
x-powered-by: Express
x-cache: MISS, HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-kinja: kinja-magma-kube02-6bdcbc45d9-vsmft #4224
x-kinja-gdpr: true
x-cdn-fetch: mantle-default
content-length: 63228
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000116-IAD, cache-iad-kiad7000116-IAD, cache-fra-eddf8230022-FRA
x-googlenews-bot: false
x-timer: S1688676366.121171,VS0,VE0
etag: W/"6212b-RESwqRsy3TyFobBqmT5jSN+DmUY"
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-Kinja-Location, Authorization
content-type: text/html; charset=utf-8
cache-control: stale-if-error=86400, stale-while-revalidate=300
accept-ranges: bytes
x-kinja-revision: cb47241b1bbabf279759659d5a15604627c5565c
x-cache-hits: 0, 4, 3

Redirect headers

x-kinja-server: kinja-magma-kube03-546df9b9fb-nv2nd
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
date: Thu, 06 Jul 2023 20:46:06 GMT
age: 64
x-kinja-build: 4224
x-powered-by: Express
x-cache: MISS, HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-kinja: kinja-magma-kube03-546df9b9fb-nv2nd #4224
x-kinja-gdpr: true
x-cdn-fetch: mantle-default
content-length: 35
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000128-IAD, cache-iad-kiad7000150-IAD, cache-fra-eddf8230022-FRA
x-googlenews-bot: false
x-timer: S1688676366.071545,VS0,VE2
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-Kinja-Location, Accept, Authorization
content-type: text/plain; charset=utf-8
location: /
cache-control: stale-if-error=86400, stale-while-revalidate=300
accept-ranges: bytes
x-kinja-revision: cb47241b1bbabf279759659d5a15604627c5565c
x-cache-hits: 0, 5, 1

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 9ms
9ms Image
text/plain 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6770184&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1688676366144&ns_c=UTF-8&c7=https%3A%2F%2Fwww.theonion.com%2F&c8=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&c9=
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: FQCbzRvMeO3ZQF3C796FcAE-HyJIjt4N8tYcigpNJKTc18jHvqYJXw==
x-cache: Miss from cloudfront

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
26 KB 135ms
90ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a8b2beb9a7ae30ed389c8722be48aae6a527358a2825a48230695e6929449b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25958
x-xss-protection: 0
server: cafe
etag: 866 / 19544 / m202306280101 / config-hash: 12271679515500602931
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 06 Jul 2023 20:46:06 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/gomedia/ 44 KB
18 KB 82ms
19ms Script
application/javascript 99.86.91.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/op.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.91.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-91-43.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9525e0d948aad570c20fc40dd92c7be637d7bc196d207bb894e814b9a4f398ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:06:15 GMT
content-encoding: gzip
via: 1.1 54ebf0a06ec7306301fb9a98086cc9b0.cloudfront.net (CloudFront)
x-amz-version-id: VCVwxpwkbVfRfhKWoWo0nTYldBvi7KBd
x-amz-cf-pop: CDG50-C1
age: 2392
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 17613
x-amz-meta-git_commit: e09f10f
last-modified: Thu, 06 Jul 2023 19:32:05 GMT
server: AmazonS3
etag: "a7eedf49a50997459896d2a5ad3051b4"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: m9lafzHahmhdvlfz2Pj8Zh3vn4xNaqDGg35Tyts0ALkALj1Hejq7Pg==

GET
H2 200 runtime~adManager.56d264d17892de6da910.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 6 KB
2 KB 19ms
14ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.56d264d17892de6da910.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2f87a67144f45a9ed3f19f2d86d6eb202eac85e7334c1c96bb23912d8368d096

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: DFZM6EAXG8QZPRG8
age: 843644
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 2008
x-amz-id-2: lcWY2MPxCZtqiIcqxiNxlpfPUkrZqGmvl4mVZyK04dtt2WOwQv/ptNPevp3TTKk5H81dn6DmrRs=
x-served-by: cache-fra-etou8220020-FRA, cache-fra-eddf8230022-FRA
last-modified: Mon, 26 Jun 2023 20:58:02 GMT
server: AmazonS3
x-timer: S1688676366.308402,VS0,VE1
etag: "0373abe392b52313f49648bd64e9dbbc"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 adManager~video-html5-playlist~videoHtml5.88eaa917a40b09ce5a01.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 6 KB
2 KB 19ms
14ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adManager~video-html5-playlist~videoHtml5.88eaa917a40b09ce5a01.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9b13954de4843a833408e2cf285f2bbaca8645e605bfb528572837b00a31cff7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: 2CY8DP4NWE9MTCQ8
age: 250146
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 2292
x-amz-id-2: RGJIRb0jnWq6kcyBa+d7j4CT/G4bIca23UU2LT7bPZN20unYShx/7lu979E6V8z2gXEkOysUTEs=
x-served-by: cache-fra-eddf8230125-FRA, cache-fra-eddf8230022-FRA
last-modified: Mon, 03 Jul 2023 18:27:54 GMT
server: AmazonS3
x-timer: S1688676366.308458,VS0,VE1
etag: "34e2a3795b64d15c25ac93a3505d43e9"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 adManager.2be677965c51e7deea78.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 27 KB
9 KB 18ms
14ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adManager.2be677965c51e7deea78.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a22a8340577296b30df7331d2357f1efa9fe97862e2fa74559fc744a01302245

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: R857NW1CZ5SGYD2V
age: 1215468
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 8946
x-amz-id-2: dfFFK4ejacZwbVLOy5i4d8uHQW0P5hg1bI58CNk3ksD59R9Cqmjj7vtGlDN70UwlTETy47C8ZPM=
x-served-by: cache-fra-etou8220114-FRA, cache-fra-eddf8230022-FRA
last-modified: Thu, 22 Jun 2023 19:03:01 GMT
server: AmazonS3
x-timer: S1688676366.308361,VS0,VE2
etag: "5583cedb1e56a38f41c598808d9abbea"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 vendor~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceDa~534cc8c3.f5f0b7e049d48392c16c.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 13 KB
5 KB 29ms
24ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceDa~534cc8c3.f5f0b7e049d48392c16c.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

323c876527719654731597972ddbef7186f072ad4aa829e27328035b6c17ac6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: CN8KJWGDQ0FRK6BV
age: 1433427
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 4313
x-amz-id-2: /WpW8BsrOmgyiQnVzO0nfCOISdA9kw3o9Z9GUNZG7iQjPc0PEUgmA+ux9wcUugn+WtCEFkPuYGYjZK0mwjS5haqEdYSk1Bf1b50BTEwMedc=
x-served-by: cache-fra-eddf8230070-FRA, cache-fra-eddf8230022-FRA
last-modified: Mon, 19 Jun 2023 15:42:11 GMT
server: AmazonS3
x-timer: S1688676366.314324,VS0,VE2
etag: "abb7562572173b8e6c4555a7864a7630"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~20d188ba.8ced87a4f7bf688b4715.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 6 KB
3 KB 22ms
17ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~20d188ba.8ced87a4f7bf688b4715.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c244e9ba6f97f476b3ae3f409cad884c5d845c3837bc2a4c811e7b37469800b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: 4ETY0KA8PNK96QVS
age: 509764
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 2398
x-amz-id-2: C6FNmelCU63MyhPn7AP5sGRyVquIqoM+fGe8JLwhXxcvJEw5JCB0gP1pVZsKss9P1FJ22x5AaGuQ0/+kjWAzFy666j0CKHikyyWOlRXUtqE=
x-served-by: cache-fra-eddf8230136-FRA, cache-fra-eddf8230022-FRA
last-modified: Fri, 30 Jun 2023 14:12:33 GMT
server: AmazonS3
x-timer: S1688676366.313955,VS0,VE1
etag: "441a9687cdaceb7f09aed32605652baa"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 vendor~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceDa~350a662e.d8b4da397d9fabad0c1e.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 2 KB
1 KB 29ms
24ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceDa~350a662e.d8b4da397d9fabad0c1e.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

eb26135cb44e7336f3080f3302d3f2c9a7aae5b2d9c32e145371b8674af9b09a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: WSPXVD7KGP14Y676
age: 244298
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 756
x-amz-id-2: 7McbAg4OlqpWn4MKIgfVD2x3E6/ztZxRoy/ru5zcucgAnRwKDyhbH6VOUule8OXNJAphULHrVLU=
x-served-by: cache-fra-etou8220052-FRA, cache-fra-eddf8230022-FRA
last-modified: Mon, 03 Jul 2023 17:18:39 GMT
server: AmazonS3
x-timer: S1688676366.313804,VS0,VE2
etag: "e779d06d4ca135cffb02a1813b1224e7"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 runtime~videoHtml5.b250158d391641881230.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 7 KB
2 KB 23ms
18ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~videoHtml5.b250158d391641881230.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2b60df7f81a6d23eb48cb6085f8229dfaf06c32058b51bc4455686b6c1fe2692

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: 9151Q95D3BQR16XS
age: 665513
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 2284
x-amz-id-2: FkWLAKAPx8q2+vt3N9X4BxGH+QS4Ybn+3R7TcwmKRNBpxq2CgF9bAlx9+yVAQnXj7bdtt0/InWw=
x-served-by: cache-fra-etou8220068-FRA, cache-fra-eddf8230022-FRA
last-modified: Wed, 28 Jun 2023 19:58:05 GMT
server: AmazonS3
x-timer: S1688676366.313129,VS0,VE1
etag: "c7f0f1da7215d41f3488371d09cbeb8b"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 vendor~video-html5-playlist~videoHtml5.627412c1c383e835744b.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 5 KB
3 KB 23ms
18ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~video-html5-playlist~videoHtml5.627412c1c383e835744b.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ffdae19c25b4f39b38f71be6c3806f06ae8b5083777526c1e0197ce035d9ecc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: 19T9XM2Z4HH36449
age: 250146
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 2224
x-amz-id-2: UTV0t+TxRQ3J+hJEuQVYNhbKYMas/1YqkgPLlqmjxgSkAg5052ztl1BMIygEkHfI/0tPDBpyTeU=
x-served-by: cache-fra-eddf8230125-FRA, cache-fra-eddf8230022-FRA
last-modified: Mon, 03 Jul 2023 17:18:40 GMT
server: AmazonS3
x-timer: S1688676366.312643,VS0,VE1
etag: "9e61e0d6a06b7d643c5196ecd887f029"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0, 1

GET
H2 200 video-html5-playlist~videoHtml5.0b89aa4d43d367d4f730.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 48 KB
13 KB 29ms
24ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/video-html5-playlist~videoHtml5.0b89aa4d43d367d4f730.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f05e86e26132efc711e22cb1e368e3b715ed62f426ad5cc7cfdc8c9018d3920c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: 9JX30Y20KC1ZYSBF
age: 1316765
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 13430
x-amz-id-2: xQFNYzZUEb6k87TrKUQb+XxMpCw9pzkOVYwgvJOOOWoWtgJWyH3HA9+WznaLkSw73wAQhsiKlAM=
x-served-by: cache-fra-etou8220059-FRA, cache-fra-eddf8230022-FRA
last-modified: Wed, 21 Jun 2023 14:53:25 GMT
server: AmazonS3
x-timer: S1688676366.313359,VS0,VE3
etag: "6d17d97ecfd633bfbd31858d32b7e002"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 0, 1

GET
H2 200 videoHtml5.db25b1492c2d90a05277.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 11 KB
4 KB 22ms
18ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/videoHtml5.db25b1492c2d90a05277.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b14250a35ef7d8c65b7338c1fe48333f3bbfa18fd27d5b7e2fddc3356b341be7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: HJZ2H0R8RTXZYCBQ
age: 251976
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 3885
x-amz-id-2: m541a80SaUviMplKKPzqyxSTCKygZsVqsAv52SLpoH3HC1kIRb9hvxx4fPlUKMziNAq7gdFQ+Go=
x-served-by: cache-fra-eddf8230077-FRA, cache-fra-eddf8230022-FRA
last-modified: Fri, 30 Jun 2023 14:12:41 GMT
server: AmazonS3
x-timer: S1688676366.312976,VS0,VE2
etag: "0bcd80795e1cede0327a18cc7828b3c6"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 109 KB
43 KB 62ms
17ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T73GPNQ

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fbba3e5286391b858a98b4aec88f83f571ae14571dc522bfb9e60a86365fba00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43238
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 19:47:38 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Jul 2023 20:46:06 GMT

GET
H2 200 183957-47751755686051.js Show response
js-sec.indexww.com/ht/p/ 47 KB
16 KB 62ms
21ms Script
text/javascript 104.18.10.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 568068711d00d07ac001e1937acdb4621d0d7ea602ff8beb225c1b9f22701d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Jul 2023 20:25:55 GMT
server: cloudflare
age: 942
etag: W/"7637f8-bde7-5ffd752c768d6"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 7e2ab1f9ae325c6e-FRA
expires: Fri, 07 Jul 2023 00:46:06 GMT

GET
H2 200 runtime~trackers.72ff5fb7f8166ed35204.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 2 KB
1 KB 29ms
24ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~trackers.72ff5fb7f8166ed35204.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d7fa261298e7430c764efe74a192a4bb2b3c975032be043c0402d23d800ca438

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: 53PXK3MCW6AEQ8SS
age: 162204
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 1240
x-amz-id-2: I9cG2HzfLhfk+dd4pd8G3MgeOsFczB1lIlha7iRl+SfAM0PkzhPmhYGIjrEBVL/m2Gng+9D94NA=
x-served-by: cache-fra-eddf8230061-FRA, cache-fra-eddf8230022-FRA
last-modified: Tue, 04 Jul 2023 15:46:03 GMT
server: AmazonS3
x-timer: S1688676366.313384,VS0,VE2
etag: "28ce9e853d973730f3213e688dbbab3d"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0, 1

GET
H2 200 vendor~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceDa~926c15bb.d337c46a311ef1ea893d.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 39 KB
15 KB 27ms
23ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceDa~926c15bb.d337c46a311ef1ea893d.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f9ac17e5056ae8a4164d00e94dfd41ec6ce77007750307aeac7027b5e3c1cd88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: KNV22JAP43QNW298
age: 1926620
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 14553
x-amz-id-2: Ofn3ubrEb+c+3jftZuFA/n7z7RTvdQSzf4xRz01Oakaz2RPkjcAH7l6llZh7QeBjLFnrxpRupwk1iMpe73MXZTOMlQUbWwLtFE4EE1PcS4k=
x-served-by: cache-fra-eddf8230127-FRA, cache-fra-eddf8230022-FRA
last-modified: Wed, 14 Jun 2023 13:29:26 GMT
server: AmazonS3
x-timer: S1688676366.312982,VS0,VE4
etag: "d827e84275dab4a888c25b2a22cbc17e"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 vendor~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceDa~f851d9e2.3d32790debd1850b074b.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 10 KB
4 KB 28ms
24ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceDa~f851d9e2.3d32790debd1850b074b.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3606128e5a967d8c1a65a3fb8c7ccd31c4e33e7202785b6fb08bc40d0d58a333

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: 3CX4JV7JQ7GQF9GD
age: 665513
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 3858
x-amz-id-2: jfsZad6yC6gau2YlABxKExEiqm18fJ/p1xN56rFa8/I/ngEERHeVSFGDjgCyzlfDCLJ9BOT8whQ=
x-served-by: cache-fra-eddf8230068-FRA, cache-fra-eddf8230022-FRA
last-modified: Wed, 28 Jun 2023 19:58:06 GMT
server: AmazonS3
x-timer: S1688676366.312517,VS0,VE3
etag: "437bda109020ce5060632f1e1b9a3c51"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 vendor~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceDa~52931c5f.8ef2adb028013b849896.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 4 KB
2 KB 22ms
18ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceDa~52931c5f.8ef2adb028013b849896.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c2f7899c0a8e661d6c5d3cf69a5d881a96ab41b1ca55c0345cefa2eb6c201b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: QVP4N6ZK5GKXX2NZ
age: 1925910
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 1539
x-amz-id-2: uucZElr3x0U89e6RpvDkvvKWgm2eLcD29fY5cJiE3LHs1KAiSDT5NVZXjYC1lnIVbjLJTdUOdlY=
x-served-by: cache-fra-eddf8230059-FRA, cache-fra-eddf8230022-FRA
last-modified: Wed, 14 Jun 2023 13:44:00 GMT
server: AmazonS3
x-timer: S1688676366.312489,VS0,VE2
etag: "eecd449c2cd91fd5c5b824096c8fe32d"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 0, 1

GET
H2 200 vendor~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceDa~6893d9c6.578bad37503cae751ddb.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 171 KB
56 KB 27ms
23ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceDa~6893d9c6.578bad37503cae751ddb.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

784fef805a86ae93619c99a80a9c103a142918b35c4b4cbca279c5c84f63f780

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: KNV7P8B7CH0N46G4
age: 1926620
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 56784
x-amz-id-2: QkSluGxppQg5EsQstBBPyMI94bsvig8EhVaww+8ruZ2QaTGSJMd5Hak7leKZc5O58GXFXFct4oQ=
x-served-by: cache-fra-etou8220105-FRA, cache-fra-eddf8230022-FRA
last-modified: Wed, 14 Jun 2023 13:29:26 GMT
server: AmazonS3
x-timer: S1688676366.318338,VS0,VE1
etag: "4a39fc951f790ff6d0093d47f874d4f2"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 65

GET
H2 200 vendor~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceDa~d75b4e01.5444802516c3947d50f8.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 3 KB
1 KB 30ms
27ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceDa~d75b4e01.5444802516c3947d50f8.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9a35d743eaa74a2f3695de99372b81b9bcdc6212dd365d91ebf65cb2d569dfa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: X9GXQ6CZREC85A7K
age: 851523
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 1037
x-amz-id-2: iNtL7xhRTU8JOiS5pWHp4rN90HtmTaU6IUS+m3whunjK0Y/BjLdQwqcSnfEUZnDZ0/eEAwa9BGM=
x-served-by: cache-fra-eddf8230024-FRA, cache-fra-eddf8230022-FRA
last-modified: Mon, 26 Jun 2023 20:58:04 GMT
server: AmazonS3
x-timer: S1688676366.320000,VS0,VE1
etag: "82a68aecb59f1ef1dc1db2cdae2bda2a"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 vendor~curatedHomepage~featureSwitchPageClient~frontPage~modify-commerce-links~renderThumbsModal~sea~f37cf8a0.88978f37716afab12513.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 22 KB
7 KB 30ms
26ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~curatedHomepage~featureSwitchPageClient~frontPage~modify-commerce-links~renderThumbsModal~sea~f37cf8a0.88978f37716afab12513.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9708fbfcf504ef77c5c4170d1e9db38c159049f8ab47d04f6a452e689cf696aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: ASHC7JZY6CH8MAQ0
age: 1449305
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 7001
x-amz-id-2: KqEj8zfCS+t2ShH+A34B8yCnh/hAVq/BvWfVo5sD1f6l4/5ZmnOIU6bHRryHzp0ae8hIJno1u4c=
x-served-by: cache-fra-eddf8230106-FRA, cache-fra-eddf8230022-FRA
last-modified: Mon, 19 Jun 2023 17:55:05 GMT
server: AmazonS3
x-timer: S1688676366.320625,VS0,VE2
etag: "01f64ef2b8592ef8b13bd1f3bfeba967"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 vendor~trackers.69cf1538d897182afb52.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 112 KB
40 KB 31ms
28ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.69cf1538d897182afb52.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5d50385df4d0eeacaa1052680bb97319104fd337934465e133a569999134ebe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: QT41NT8DB2BFKBDW
age: 231574
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 40230
x-amz-id-2: qiWexz3NbjcRJ0SWt05cYv1u3ZJRY2J/iAG0c5ISbmcxWytRWSDjREovRGmKPrnhzsD5PjT3qBI=
x-served-by: cache-fra-eddf8230033-FRA, cache-fra-eddf8230022-FRA
last-modified: Mon, 03 Jul 2023 18:28:00 GMT
server: AmazonS3
x-timer: S1688676366.322172,VS0,VE2
etag: "2dab96f60930147fbf60cf58f7511661"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 0, 1

GET
H2 200 adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~4515a4d0.389c65f371311bb9daa5.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 13 KB
4 KB 32ms
28ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~4515a4d0.389c65f371311bb9daa5.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

59e7af66755d7261ec32618b4bae8b13e7fe8ac97df668baf7c8894e3c0f3c5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: GRB595P9YYH8QBT9
age: 587675
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 4158
x-amz-id-2: /nWcvf9dSOeoRprtFwJseqgDrRYtpbpmBm6dweNtZ5bKmjNLwHbn7vQ7/IAmqW7ARit2bDQeYGs=
x-served-by: cache-fra-eddf8230072-FRA, cache-fra-eddf8230022-FRA
last-modified: Thu, 29 Jun 2023 17:12:46 GMT
server: AmazonS3
x-timer: S1688676366.322994,VS0,VE1
etag: "886c5de9ce5754c4d1f8f7af3a380d6d"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~772cc8f0.48fee4aa0127d5de814e.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 59 KB
15 KB 36ms
33ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~772cc8f0.48fee4aa0127d5de814e.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e0db4555f7d3b48a9b05e3dc7cd80b28a427748df5c1dc9283a3f7f392096b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: 67ZG8YMYBNAA39CJ
age: 217314
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 15220
x-amz-id-2: IiHHd28H4dunvT3nId56krlIhGxD340iZiQ7uF703rYufQ+Cp+3FTZPYX464/T9LS7CcR2CXM9M=
x-served-by: cache-fra-eddf8230037-FRA, cache-fra-eddf8230022-FRA
last-modified: Fri, 30 Jun 2023 14:12:33 GMT
server: AmazonS3
x-timer: S1688676366.323459,VS0,VE2
etag: "a16a5c87c8df0f139561fb909ca222a2"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~21c6822b.f981a41d3c8712b888a0.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 193 KB
58 KB 33ms
30ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~21c6822b.f981a41d3c8712b888a0.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5514cf4529d67dc343c9eae581094d7047abb3a41511cf3132a379a4d54c8620

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: 2VQKMBT14KKPRCCG
age: 235604
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 59497
x-amz-id-2: rVgKfCRnhXTjsOhmTFLHe27nXck+Eh0bTw1RmN6Ir2Uly622Wzrq6+TmHF8VcdkMUEeNeMldNyM=
x-served-by: cache-fra-eddf8230093-FRA, cache-fra-eddf8230022-FRA
last-modified: Mon, 03 Jul 2023 17:18:34 GMT
server: AmazonS3
x-timer: S1688676366.323010,VS0,VE2
etag: "79dd90e1df7d3db39d3989932793748a"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 0, 1

GET
H2 200 carGalleryPage~second-scroll~slideshowPermalinkPage~trackers.f2ec6a30df72e578aac7.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 15 KB
6 KB 38ms
35ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/carGalleryPage~second-scroll~slideshowPermalinkPage~trackers.f2ec6a30df72e578aac7.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

76a9eb24800c88f860a57dca4cc55199fc51d2a8d1a023515d24c8bfbb63d007

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: QBZ81V5EQNV2HVTN
age: 229567
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 5575
x-amz-id-2: JUOuDHYI6lnWVfKJ/4V3wiOK+pU0Bqy697NaYzbMgFBSNBnY6Dtjl9smFtoQFczhhv/aXsd2q1Q=
x-served-by: cache-fra-eddf8230117-FRA, cache-fra-eddf8230022-FRA
last-modified: Mon, 03 Jul 2023 18:27:54 GMT
server: AmazonS3
x-timer: S1688676366.325614,VS0,VE5
etag: "c4b264642d8581200573733a3b0c64bb"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 trackers.c0fd02569f5f9d6747ac.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 9 KB
3 KB 37ms
34ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/trackers.c0fd02569f5f9d6747ac.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bd92594712c334e6e6a5a93562f0bcea353c61519de68582617557030606d8df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: C804XXK8M5VC0J10
age: 1827386
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 3021
x-amz-id-2: J/p79hKEYVtvQFhvGQaP2GTUOycV3FvC0NlTtjjo7bMgb2/KNBCivx+2dewg13aAnXw/Zna2Zb0=
x-served-by: cache-fra-etou8220023-FRA, cache-fra-eddf8230022-FRA
last-modified: Thu, 15 Jun 2023 17:03:05 GMT
server: AmazonS3
x-timer: S1688676366.327693,VS0,VE3
etag: "d9ac08107c833a9c4ae2fd0e0a531f0e"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 0, 1

GET
H2 200 runtime~curatedHomepage.7a89ff827308ca067e76.js Show response
x.kinja-static.com/assets/new-client/ 28 KB
6 KB 248ms
240ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/runtime~curatedHomepage.7a89ff827308ca067e76.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3a01c26208e2c52b9e6ed8133826b5a81d490e8a79ca6210e4e149115b9f9041

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: AMN05ZYR7FR84Z93
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 5461
x-amz-id-2: os8YBhbduQjIk66Guuv806aBtY+ULcbKkJYZaPhsGH3tAObgd/NVWGV4B89F6CNifWYFD/0SuI8=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Fri, 30 Jun 2023 14:12:38 GMT
server: AmazonS3
x-timer: S1688676366.334184,VS0,VE213
etag: "7de9863e77fe8e3e0db97d0b2b77080f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 vendor~adEditor~biztoolsPage~celebrityPage~channelSectionPage~commerceDashboard~copy-to-clipboard~cu~2bc87e96.ad2bb9015a71069a6d14.js Show response
x.kinja-static.com/assets/new-client/ 119 KB
33 KB 41ms
33ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~adEditor~biztoolsPage~celebrityPage~channelSectionPage~commerceDashboard~copy-to-clipboard~cu~2bc87e96.ad2bb9015a71069a6d14.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f99e5595a10069d77e724d624731811712b1a813f8a2e11959a6fd5e84f39ef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: TH7ZVTFVE50XS63Y
age: 33
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 33731
x-amz-id-2: L3/fpevjBgOQnqFeMxCk1ZFsrMG2f00f5dtTpl7y9l/5R1cy4pxtr8e7Cante1t8yonPU1yxi8U=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Tue, 20 Jun 2023 21:34:12 GMT
server: AmazonS3
x-timer: S1688676366.326223,VS0,VE12
etag: "fbb8523ae96be4b80880fd2dcf4a164f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 vendor~PlaylistCarousels~YMALModule~adEditor~biztools~car-comparator~car-selector~car-shopping-widge~39575bc1.d29fd6d0776e4f3b8ab6.js Show response
x.kinja-static.com/assets/new-client/ 5 KB
2 KB 40ms
32ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~PlaylistCarousels~YMALModule~adEditor~biztools~car-comparator~car-selector~car-shopping-widge~39575bc1.d29fd6d0776e4f3b8ab6.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ada00969c963d3c65e6a66c9f1d212a00edfbf207003cf518d4a36d3a827d720

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: GGQKMT95G24FGXRC
age: 23
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1684
x-amz-id-2: N0SpMHqwjV/gJAjZ5RpB9jdr9312W2lcGTfQdbk+h2hLPR69KwDSK9uJ3ihXprL8/SZtAgaabgk=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Tue, 04 Jul 2023 15:28:23 GMT
server: AmazonS3
x-timer: S1688676366.335377,VS0,VE2
etag: "2418fb0fdc408c28d24ed1544371fc94"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 vendor~curatedHomepage~frontPage~modify-commerce-links~searchPage~tagPage.61d2c100b52672ab7ba5.js Show response
x.kinja-static.com/assets/new-client/ 18 KB
6 KB 42ms
34ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~curatedHomepage~frontPage~modify-commerce-links~searchPage~tagPage.61d2c100b52672ab7ba5.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ee5ad8d0cb9457a5eb1a90dc1cdadd6de8ad54025f9974de7bf0d5e0835a2636

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: YAAZB2S8ZNRV0N25
age: 71
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 6350
x-amz-id-2: gfvL5HdsXjeSjVk/qI9w+7fAXp8eJMZmHcy9TH1EDmEt4YCSY/2gOTfgOQTo7/gcnM3epcabWNM=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Fri, 30 Jun 2023 14:12:40 GMT
server: AmazonS3
x-timer: S1688676366.326285,VS0,VE14
etag: "886202647e87fad84877530658f06e77"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 vendor~curatedHomepage.69a7cf82b82d70603014.js Show response
x.kinja-static.com/assets/new-client/ 4 KB
2 KB 39ms
31ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~curatedHomepage.69a7cf82b82d70603014.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

94e99199dff89e774809eaa578147853c4bb31d61beb5f0f399f1f90b8ee3afb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 2ABRHJVSFVDM6YG2
age: 59
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1453
x-amz-id-2: FUQW0q7B77hmpmetUjQU4Oj+jbLZZyytftaHQhI6X7k5iY8a9mYg7w45DC5ETi2a+Aik9TAX1f2bqdHq0vqPfw==
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Wed, 28 Jun 2023 19:58:07 GMT
server: AmazonS3
x-timer: S1688676366.333825,VS0,VE1
etag: "d43cbbc6eea3d325b30f9d4b79f0ad21"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 PlaylistCarousels~biztools~commerceDashboard~curatedHomepage~curatedPostsPage~getPopularPostIdsForNe~4848954a.3032796338b331f1f90c.js Show response
x.kinja-static.com/assets/new-client/ 12 KB
3 KB 40ms
33ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/PlaylistCarousels~biztools~commerceDashboard~curatedHomepage~curatedPostsPage~getPopularPostIdsForNe~4848954a.3032796338b331f1f90c.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ef2b19a73e5069a088c200039373a36809766d7218500637eadbf2b5e9ef82a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: WYQF6W4K24ANFTKD
age: 2
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 2966
x-amz-id-2: 1A1BE3bjdlsmNV442s94amJCR8TKrNTce/TkeZvpmlilGFBB67tciPHE7rliKFli4CApSFZ3Qck=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Mon, 19 Jun 2023 10:52:59 GMT
server: AmazonS3
x-timer: S1688676366.335747,VS0,VE2
etag: "0cb01e4b467666ecbdd3a3aa8cf6cf25"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~e1c975cd.7846bf181ff872770908.js Show response
x.kinja-static.com/assets/new-client/ 6 KB
2 KB 21ms
19ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~e1c975cd.7846bf181ff872770908.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

13b7b03fcc0adfe09c66efb7b34a00d17280c1feaf09d482dfb130e1f24fd230

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: NNBZ1WJJ8K2FVM1Q
age: 111
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1718
x-amz-id-2: 8BOMePRl5Dt5uFGboDksSaQqmZWSijOeggjOktCZuqCTTuLSj2QHTZ+O+upZNfPLy+FkILa+5HA=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Mon, 19 Jun 2023 10:52:59 GMT
server: AmazonS3
x-timer: S1688676366.357256,VS0,VE3
etag: "948aa45104d44a32399b08ba9da4fab0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~b736a20a.d6ed875b3cf43d18a127.js Show response
x.kinja-static.com/assets/new-client/ 56 KB
12 KB 20ms
18ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~b736a20a.d6ed875b3cf43d18a127.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

faf7b11d2e97e87484a2a2af9df8f5f9dcf59a2f7b0aa2b5c21f01c06eeb9123

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: JZ352AZ8S7XK4280
age: 44
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 12107
x-amz-id-2: 5UtIIZmACZWzLWmXYRyMn+y67ik/pu0ThBoDUKZz5S5tnQTroCRF15arPJCS4fJp8d6ySZANWcA=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Thu, 29 Jun 2023 15:45:30 GMT
server: AmazonS3
x-timer: S1688676366.357648,VS0,VE2
etag: "19e59515b7999c0e3c4123a65cfc6bc8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 curatedHomepage.39aeb2a7e7d4ee7651a4.js Show response
x.kinja-static.com/assets/new-client/ 69 KB
15 KB 220ms
218ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/curatedHomepage.39aeb2a7e7d4ee7651a4.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8dd162665b0172c5538f697e6126a73826b8ab7fcdcbefcb95d41015923d399

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: KR1XPSQJWVREBQHG
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 15565
x-amz-id-2: 6KpXDWqeVPVCy5kpNYJ+vlLgIK8o+vstHF0pVvR0cIuU8OE0YLP7WQd+ZtC3opInUUNe18rV60o=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Fri, 30 Jun 2023 14:12:34 GMT
server: AmazonS3
x-timer: S1688676366.359704,VS0,VE201
etag: "b014db9f0e2482ea2dd56fbbd001c15b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 runtime~taboolaLoader.683b559fe2d66b7544b6.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 2 KB
1 KB 37ms
35ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~taboolaLoader.683b559fe2d66b7544b6.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d3e6ff2649ac9a0611e35d957b3a5b693d0efb3a53c2ebe79e990f178a7e5768

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: HM277G6RMA5TJ2Q0
age: 1316746
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 1220
x-amz-id-2: SaTFff9wWkX9c7UR+5Hx0BXok5txtscC4ZyVI/MNJhSxszkBF5lxxnaoqfHfC0WLStO/DoHiK+I=
x-served-by: cache-fra-etou8220034-FRA, cache-fra-eddf8230022-FRA
last-modified: Wed, 21 Jun 2023 14:53:23 GMT
server: AmazonS3
x-timer: S1688676366.327255,VS0,VE4
etag: "831d5c285111156a63ab4d5bd231daac"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 0, 1

GET
H2 200 taboolaLoader.32d140250012b0d009b0.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 13 KB
4 KB 35ms
34ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/taboolaLoader.32d140250012b0d009b0.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e0bfcf56f669a44a6ae33bf13de405eb4ef6c457a3dbd95766646c61b8e9e4d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: V7YH4XAPF2CQP4MW
age: 94583
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 4046
x-amz-id-2: MBl9fM+Cg6+XXsdJJcylzjBHtTPeaYnWOcExp9FLlpNi285q1hDyIFiKAW2t5QYhxbrOA1Qsssg=
x-served-by: cache-fra-etou8220065-FRA, cache-fra-eddf8230022-FRA
last-modified: Wed, 05 Jul 2023 18:27:16 GMT
server: AmazonS3
x-timer: S1688676366.325819,VS0,VE1
etag: "bb58a0f30d3655857a9808c11196ad78"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 ad-units-default.84bc96545096a383a705.js Show response
x.kinja-static.com/assets/new-client/ 15 KB
3 KB 19ms
19ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/ad-units-default.84bc96545096a383a705.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.56d264d17892de6da910.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

99b3945ee463c44d7623809fd1e888d0eaa1d8810e526ef517a114ea61c33e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: SQC2GB9CZ54K9QSY
age: 85
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3173
x-amz-id-2: h3ll1iBlRp65mmH1xpRfMj8WssG3zQpdE6deYeo/aAOZMjTlNMfXoJS0W1HRqkM1q47uqtNm5ok=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Mon, 03 Jul 2023 15:11:41 GMT
server: AmazonS3
x-timer: S1688676366.359760,VS0,VE1
etag: "e9b62b434c1a36edebbe87a5399b179d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 display-theonion-desktop-config.c3ea742a568e1952e8fd.js Show response
x.kinja-static.com/assets/new-client/ 11 KB
1 KB 20ms
20ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/display-theonion-desktop-config.c3ea742a568e1952e8fd.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.56d264d17892de6da910.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

622fb51880ca649d2bec903515a6ce45ceb17a8b146b38f1909f08cc96874c8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 6DF1ZY4STY3ZGHV0
age: 104
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 919
x-amz-id-2: ydoU8cefqeW3ofhjN4lXyc0vUy+eibK/qK/NRtayPgYIuu5v+mkZjkVTVUZpCPZQmL128NMJo5k=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Tue, 20 Jun 2023 20:55:37 GMT
server: AmazonS3
x-timer: S1688676366.360441,VS0,VE2
etag: "9468c3e024d25849ffa665f5a086c9cb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 236 KB
58 KB 52ms
8ms Script
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/adManager.2be677965c51e7deea78.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:35:12 GMT
content-encoding: gzip
via: 1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront), 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2023 21:03:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 655
x-amz-server-side-encryption: AES256
etag: W/"9352f20e556bff9fea6fd0461aac850d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: lV5nzLXBFx-0OgOVwXUr6f8l8vThrWXKwxP2YJXosMaA-yWQvMF-Aw==

GET
H2 200 prebid-js-prod.8b5ec702998cef0f1ae7.js Show response
x.kinja-static.com/assets/new-client/ 409 KB
103 KB 20ms
20ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.56d264d17892de6da910.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

585d23402652cfcdc7be363aef1ad5da2198dbe35abf449f4ae259903fc87aa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 61QX6B6X4CPFTWKJ
age: 84
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 105004
x-amz-id-2: Ao2bKOG/B9/Bd2tuheje+kNbAErpQnKid2wXNG8MoUw66hf5IkzYVkT0Z8Fe53Fso751jsfIjYw=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Mon, 03 Jul 2023 18:27:57 GMT
server: AmazonS3
x-timer: S1688676366.372440,VS0,VE12
etag: "6f577e085753f0c1c0cc233ccebd2546"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 344 KB
119 KB 60ms
21ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/video-html5-playlist~videoHtml5.0b89aa4d43d367d4f730.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02e7535563110e913669c43b9233db020deb9a4b0eaff84ab9de1b55b8ad21c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121444
x-xss-protection: 0
expires: Thu, 06 Jul 2023 20:46:06 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
440 B 62ms
15ms XHR
application/json 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

GET
H2 200 pid Show response
www.theonion.com/api/magma/veritas/ 40 B
866 B 147ms
145ms Fetch
text/html 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/api/magma/veritas/pid?cb=1688676366428

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.69cf1538d897182afb52.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

301be8128b5a0ecfb0b6eef6f5b9b4c67d5395c1b7f24927612f58d4cc465501

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-kinja-server: kinja-magma-kube01-5567bcc8b4-wdvkd
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
date: Thu, 06 Jul 2023 20:46:06 GMT
x-kinja-gdpr: true
x-kinja-build: 4224
x-powered-by: Express
x-cache: MISS, MISS, MISS
x-ua-device: desktop
x-kinja-superheroloaded: true
x-kinja: kinja-magma-kube01-5567bcc8b4-wdvkd #4224
x-cdn-fetch: mantle-nocache
content-length: 40
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200171-IAD, cache-iad-kiad7000032-IAD, cache-fra-eddf8230022-FRA
x-googlenews-bot: false
x-timer: S1688676366.433359,VS0,VE137
etag: W/"28-OckiX+LNB7MXJh8EL9wrZCf7NRg"
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-Kinja-Location
content-type: text/html; charset=utf-8
cache-control: private, no-store, no-cache
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-kinja-revision: cb47241b1bbabf279759659d5a15604627c5565c
x-cache-hits: 0, 0, 0

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://kinja-com.videoplayerhub.com/gallery.js
https://btloader.com/tag?h=kinja-com&upapi=true

16 KB
7 KB

77ms
28ms

Script
application/javascript

2606:4700:20::681a:68b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=kinja-com&upapi=true
Protocol: H2
Server: 2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e1fc7f0dc2753b94100eb0102879325412ba3f4b999b85656de2495c3403437

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 06 Jul 2023 19:53:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3164
etag: W/"f0ba1f06c204007a8516768a5ef1ff1e"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Ozaegt4G2EpXeRjr1Jfpc6W63l3%2F2UwPdkpU71aELWVL3W8tIRXIXDpWXUz6N3Lew5McTI79MkM4K8kHOnjxEKHFJamp4BDi2P88hyXGEML8xrERupt0LZBO3u687GgWVJn3U0PGAF2Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7e2ab1fbc9bf3a72-FRA

Redirect headers

date: Thu, 06 Jul 2023 20:46:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGkzHAyq2L2LA0vJN%2BSTSIlI0EhPJ4MW6GkB72CGSWZyL8nBsPT%2Fc8Be%2F0lK6wBKSspvuAaxrR8EMQCosuSOvJl%2B5%2Fc6cq9%2FSnyLsU1k5oUqXScgsQTsxGkCTP0xqe1%2FGPGikB5RZT9evq6y2FF5K9bFCQizyaP8qRM%3D"}],"group":"cf-nel","max_age":604800}
location: https://btloader.com/tag?h=kinja-com&upapi=true
cache-control: max-age=3600
cf-ray: 7e2ab1fa7a0c18cf-FRA
expires: Thu, 06 Jul 2023 21:46:06 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 43ms
7ms Script
application/x-javascript 2600:9000:2057:c00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/trackers.c0fd02569f5f9d6747ac.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ca578004c17a038ab0b78306e6bf07a05fd2f4617cd4d2c9b774ef09b796a1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 18:38:36 GMT
content-encoding: gzip
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 00:35:23 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 7650
etag: W/"649b804b-9482"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 9gBALit50Wpzwf7LtfljFGc1bYQgdNoUn7eEyTSmbA9PQA577PHgWQ==
expires: Fri, 07 Jul 2023 18:38:36 GMT

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
261 B 113ms
34ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=5zq9nmk&ct=0:ngtk7da&fmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 06 Jul 2023 20:46:06 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 roboto_condensed_bold-webfont.woff2
f.kinja-static.com/assets/fonts/roboto/ 15 KB
15 KB 8ms
8ms Font
binary/octet-stream 151.101.2.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto/roboto_condensed_bold-webfont.woff2?11012022

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: F8YBVGY8ZQ22QB7C
age: 71
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 15660
x-amz-id-2: BhlJN2rM7JzItJn/PGiwawjgfeCjNIjVZhVXsk1e5y0YRX3MbFURDrBpztsnLM0U3XSsElr+H98=
x-served-by: cache-fra-etou8220105-FRA
last-modified: Fri, 13 Jan 2023 15:40:57 GMT
server: AmazonS3
x-timer: S1688676366.439443,VS0,VE0
etag: "d7b0b953a50fddaa88089b5b787cf719"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 roboto_condensed_reg-webfont.woff2
f.kinja-static.com/assets/fonts/roboto/ 15 KB
16 KB 10ms
10ms Font
binary/octet-stream 151.101.2.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto/roboto_condensed_reg-webfont.woff2?11012022

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: ZPD6HJE46TCZTVYQ
age: 83
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 15700
x-amz-id-2: gNTb+dOgEsiyN86xu4flhjHu0+ps/72/5ReD0WyhA3xGgBajZzcFu/Dvt9letJg6ha8T7jjG9S8=
x-served-by: cache-fra-etou8220105-FRA
last-modified: Fri, 13 Jan 2023 15:40:59 GMT
server: AmazonS3
x-timer: S1688676366.440714,VS0,VE0
etag: "3d7f7413fca69bff4d231ebdc50aaab0"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 libre-baskerville-bold.woff2
f.kinja-static.com/assets/fonts/libre-baskerville/ 18 KB
18 KB 9ms
9ms Font
binary/octet-stream 151.101.2.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/libre-baskerville/libre-baskerville-bold.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: 6QD4HZ02QKAYJEE4
age: 104
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 17984
x-amz-id-2: /nLI+YlfZt8WKcs3SfLvNh36ITmFfDLgjjnpucI7l7KzkagaDUK3cRzaMxYvvK2/CIKZOweAiX0=
x-served-by: cache-fra-etou8220105-FRA
last-modified: Mon, 26 Jun 2023 20:58:11 GMT
server: AmazonS3
x-timer: S1688676366.440706,VS0,VE0
etag: "0518781cd45a71291d17ea1febfcc5fe"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 204 any Show response
idx.liadm.com/idex/ie/ 0
313 B 315ms
94ms XHR
text/plain 34.202.96.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/ie/any

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.202.96.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-202-96-43.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 06 Jul 2023 20:46:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
trace-id: 12948a13087252da
vary: Origin
request-time: 1

GET
H2 200 / Show response
id.sv.rkdms.com/identity/ 2 B
168 B 334ms
112ms XHR
application/json 35.153.244.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=GOMEDIA&sv_domain=www.theonion.com
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.153.244.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-153-244-124.compute-1.amazonaws.com
Software: nginx/1.22.0 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 06 Jul 2023 20:46:06 GMT
access-control-allow-credentials: true
server: nginx/1.22.0
content-length: 2
vary: Origin
content-type: application/json

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
361 B 58ms
16ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 44
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
391 B 105ms
31ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183957&gdpr=0
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: c637fabda58ca7067854d523264eb30cfdfc9404d1f51cce07acaa9e059bc884

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sat, 05 Aug 2023 20:46:06 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
369 B 60ms
15ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 194 KB
65 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KDJDW37&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T73GPNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3aa1129389e7bca9cfb0a6cda8a806c0436ef5f06fcaf31d973838afe7c90763

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66090
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 19:47:38 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Jul 2023 20:46:06 GMT

GET
H2 200 b-e09f10f-4415d417.js Show response
tagan.adlightning.com/gomedia/ 77 KB
29 KB 20ms
19ms Script
application/javascript 99.86.91.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.91.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-91-43.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 895fe95f9252951d1b3acfba50546376d3224bb5a19fa40df3be17e6571e844b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:27:04 GMT
content-encoding: gzip
via: 1.1 54ebf0a06ec7306301fb9a98086cc9b0.cloudfront.net (CloudFront)
x-amz-version-id: W1DH6jDxNN9jfL9k8Lwxuy3R7DRroyh6
x-amz-cf-pop: CDG50-C1
age: 2693943
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29341
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:26:51 GMT
server: AmazonS3
etag: "2bdbd3c490a4d678a49da1f2123b95f8"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 9WhmCjsbBmLDeO12t4jTi0OecpjUapTHwYYXbDZ5y_e0CtkfC2AWDg==

GET
H2 200 bl-1e0054c-47c7dd8d.js Show response
tagan.adlightning.com/gomedia/ 54 KB
22 KB 25ms
25ms Script
application/javascript 99.86.91.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/bl-1e0054c-47c7dd8d.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.91.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-91-43.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d95a4a0e34ef500228195f037935247d0264982293d1c7f36319bf9be0314fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:06:16 GMT
content-encoding: gzip
via: 1.1 54ebf0a06ec7306301fb9a98086cc9b0.cloudfront.net (CloudFront)
x-amz-version-id: lhuRKlOl6d7.ioYTakPw13ZupByGXs3t
x-amz-cf-pop: CDG50-C1
age: 2391
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22385
x-amz-meta-git_commit: 1e0054c
last-modified: Thu, 06 Jul 2023 19:31:24 GMT
server: AmazonS3
etag: "cf4db5267fc04f53ed83d67a68cbd91c"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 5hUZLA29Pc8Pq2pNu5GvhQZP9U9W4OySafsCAju9vZ_vTfuCowIrHA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 937 B
1 KB 8ms
7ms XHR
application/json 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3076&u=https%3A%2F%2Fwww.theonion.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: Server /
Resource Hash: d7d8eda923854d45e87c11183868b806aff279a82906f1226d8752793a17ab67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 16:23:40 GMT
via: 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
age: 15745
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 937
x-amz-cf-id: Q49WflKijsXhWu2-ZkbxbwpADShpQ903BiKvsHWNIX2l2IqDX1SeGA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 25ms
8ms XHR
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 04:34:50 GMT
x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 58277
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: xCELo9NFsu_SW_HbVUpMqiuUIjlpPuYWmL-YefqLhVv27hR39Rfq_g==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/ 392 KB
125 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 13:24:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26490
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127514
x-xss-protection: 0
server: cafe
etag: 13498126467117012333
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 05 Jul 2024 13:24:36 GMT

GET
H2 200 bridge3.579.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 4912 711 KB
227 KB 8ms
7ms Document
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.579.0_en.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06a4f350efd2f7070d82b804276d816dee436bc13c2d5cdd33960892090dbd17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1495
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 232615
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 20:21:11 GMT
expires: Fri, 05 Jul 2024 20:21:11 GMT
last-modified: Wed, 05 Jul 2023 14:52:34 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 62ms
24ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 06 Jul 2023 20:46:06 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 15ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1026140388&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2F&ul=en-us&de=UTF-8&dt=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABFAQCACAAI~&jid=780252529&gjid=644185195&cid=1861076189.1688676367&tid=UA-223393-1&_gid=568724064.1688676367&_r=1&_slc=1&cd34=none&cd35=none&cd36=none&cd38=computer&cd42=none&cd43=none&cd48=none&cd50=other&cd51=none&cd52=none&cd53=none&cd58=adblock%20off&cd60=production%3Amagma&cd70=&cd75=Logged%20out&cd76=none&cd78=standard&cd80=none&cd82=none&cd83=frontpage&cd94=none&cd97=none&cd99=none&cd100=none&cd101=theonion&cd103=&cd105=The%20Onion&cd108=adblock%20off&cd109=website&cd110=1364%2B&cd111=0&cd115=none&cd117=none&cd123=none&cd124=none&cd126=adblock%20off&cd130=none&cd131=frontpage&cd134=1&z=934882466

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 14ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1026140388&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2F&ul=en-us&de=UTF-8&dt=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABFAQCACAAI~&jid=1228330394&gjid=1940505370&cid=1861076189.1688676367&tid=UA-142218-33&_gid=568724064.1688676367&_r=1&_slc=1&cd34=none&cd35=none&cd36=none&cd38=computer&cd42=none&cd43=none&cd48=none&cd50=other&cd51=none&cd52=none&cd53=none&cd58=adblock%20off&cd60=production%3Amagma&cd70=&cd75=Logged%20out&cd76=none&cd78=standard&cd80=none&cd82=none&cd83=frontpage&cd94=none&cd97=none&cd99=none&cd100=none&cd101=theonion&cd103=&cd105=The%20Onion&cd108=adblock%20off&cd109=website&cd110=1364%2B&cd111=0&cd115=none&cd117=none&cd123=none&cd124=none&cd126=adblock%20off&cd130=none&cd131=frontpage&cd134=1&z=711452134

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 292ms
93ms Image
image/gif 54.237.67.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=theonion.com&p=%2F&u=C2vEUqCbjnhsBh0bv&d=theonion.com&g=3012&g0=www.theonion.com&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=6069&o=4000&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.theonion.com%2F&b=251&t=DVFdFMDqBibuR88KvBZ0-S7DjdeXS&V=140&i=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&tz=0&sn=1&sv=CI8mdjDpSm_eCPNlQBnAtz_Df1fIZ&sd=1&im=067b2ff3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.237.67.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-237-67-213.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 06 Jul 2023 20:46:07 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 iframe-communication.b8862d0cd27d574861d9.js Show response
x.kinja-static.com/assets/new-client/ 3 KB
2 KB 12ms
12ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/iframe-communication.b8862d0cd27d574861d9.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dbca21de82ba69b1bc23cd1c49721d7b763db98007a74397ad196d494e552f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 4JKJ75ME3YP4GJAD
age: 23
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1218
x-amz-id-2: vrdvGOJ1uCqUK3OPCHn43LIPLSpM/ZU9QkZvOvJq5Q/aOzukB1SI+46RU04kckucks2eqtNG2hQ=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Mon, 03 Jul 2023 18:27:56 GMT
server: AmazonS3
x-timer: S1688676367.823371,VS0,VE1
etag: "aa0ce04290e2a01380cb9b1ab0a85b3f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 next-video-loader.52fcef726656f77c0916.js Show response
x.kinja-static.com/assets/new-client/ 2 KB
933 B 9ms
9ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/next-video-loader.52fcef726656f77c0916.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1f297ca895bee5b30265c620eaada3bdd3834bd59c2c4300c952106f09784b8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: WBE3BVNJ9NECJVYV
age: 85
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 708
x-amz-id-2: DDdTow1b+XmM1BEmQ51sH7rG2s9Fs9/UuAXoKHvjU+2buPi+CBY6eyzOy3ou+w8LRYCXOeFjjRE=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Thu, 29 Jun 2023 17:12:49 GMT
server: AmazonS3
x-timer: S1688676367.826795,VS0,VE1
etag: "f7257fabfe21786503451a5a3d862d71"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 adEditorComponent~api-video-meta~feed-stream-load-more~getShowBrowserData~in-article-selector~render~352baa22.6071083b0d296c14c828.js Show response
x.kinja-static.com/assets/new-client/ 7 KB
2 KB 10ms
9ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/adEditorComponent~api-video-meta~feed-stream-load-more~getShowBrowserData~in-article-selector~render~352baa22.6071083b0d296c14c828.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

73e0b4849267d52ad5b7ec2770d92fb24b85b127aa7ae835700f6d5d0e755c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: GV6PFCKHV2G5X0V4
age: 62
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1899
x-amz-id-2: U+cmrJA1tVMOLLVFbazn6DSFUdjC0raV6CMAAWB7dnMX2K+S7pMu4ZlldYRInSG360t48wwJTKQ=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Tue, 04 Jul 2023 15:45:58 GMT
server: AmazonS3
x-timer: S1688676367.827140,VS0,VE1
etag: "5cf61bd843998ad94ef5b09e6853d38b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 api-video-meta.0f24c8b17bc45e467906.js Show response
x.kinja-static.com/assets/new-client/ 5 KB
2 KB 10ms
10ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/api-video-meta.0f24c8b17bc45e467906.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a7ebec103c04aedd9c1b8e8136c0afc3d979b46c8d1cc92f8a4a9ea62dc6f3aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: SJE7VST2RN8P1KHF
age: 85
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1699
x-amz-id-2: f6ZQX/z2X3pSWivPWKUuwZhPZ0BMxdfiQubvflydEMeW/SqNXy1COxRS1E7q25iLf7Pb7Ijq14o=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Mon, 26 Jun 2023 20:57:58 GMT
server: AmazonS3
x-timer: S1688676367.827046,VS0,VE1
etag: "7dff80ea9d7a867ec9f469e1ff8843e5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 236 KB
73 KB 85ms
21ms Script
text/javascript 52.84.174.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.174.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-174-45.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: L2Uqg18UIi_4fqt_LD1.VZwHoDyvOGyd
content-encoding: br
via: 1.1 3ef764497246fd6dbe77cf02e99dc95e.cloudfront.net (CloudFront)
date: Thu, 06 Jul 2023 10:31:35 GMT
last-modified: Thu, 08 Jun 2023 08:56:13 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-P1
age: 36872
x-amz-server-side-encryption: AES256
etag: W/"a23e5e8674928ef24c6825d63b8d2927"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: GQ0CG7Gx7ipByQUQf_csnbQkiuM8VWZGhUx2Uv9fNYO9NfMh6M7GzQ==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
347 B 57ms
18ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-223393-1&cid=1861076189.1688676367&jid=780252529&gjid=644185195&_gid=568724064.1688676367&_u=aGDACEAAFAQCACAAI~&z=870702966

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 06 Jul 2023 20:46:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
72 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-142218-33&cid=1861076189.1688676367&jid=1228330394&gjid=1940505370&_gid=568724064.1688676367&_u=aGDACEABFAQCACAAI~&z=292005464

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 06 Jul 2023 20:46:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 165ms
132ms Fetch 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: kinja-com.videoplayerhub.com
URL: https://kinja-com.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 06 Jul 2023 20:46:07 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
336 B 55ms
18ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 827871
x-guploader-uploadid: ADPycdvro_DwRxT_Br0Skpvaw8cpnJbx6bo-pAn6xAmjgFTsIdShyUilOSMOPi8r905kHylNuwuT1giagd7eelg0YwsAFQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EdOlEdICA71kkp%2FMglXUEBexIH17fTHbmxMmFDu9AMz7H2Tyn7fuVgJL9A2espsFaAc1vU3aZXWnGhs8xh%2BMJEUZz8YUN16ybqrwv7YcXQNh7ElyTW00leCo82gL5uwbQpvyULMFENqriY84Zg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7e2ab1fd6a9c1917-FRA
expires: Tue, 27 Jun 2023 07:08:31 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 47ms
8ms Image
image/x-icon 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 15:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20450
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 15:05:16 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
927 B 53ms
17ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.6625724009806617
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 827871
x-guploader-uploadid: ADPycdvro_DwRxT_Br0Skpvaw8cpnJbx6bo-pAn6xAmjgFTsIdShyUilOSMOPi8r905kHylNuwuT1giagd7eelg0YwsAFQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FtsYcqohF7KykXzu9XF5JrjARhNbjdsHtauf7GZ8sDM%2F8e4DT92xQdPN2pFr58GvonFk5l%2BSSa6XyQYZrUoHFxMg2IMYzMv7sJ9k5bdSYtbg%2FIOFk4DLkhd2hi9ltcIQlpsqLA8U61EiUL2Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7e2ab1fd6a9e1917-FRA
expires: Tue, 27 Jun 2023 07:08:31 GMT

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
487 B 63ms
33ms XHR
text/plain 104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=365217&u=https%3A%2F%2Fwww.theonion.com%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NFN4ftfzRAL23aI%2B7oheO4YIeTh5fAWNGTS%2BCwPPfyBwW61pXt%2Fqi8y0StgEm0GDKEEtUYCTttPCiRXa5F9ynhYPKYyLcz6%2FrL%2FesSMSl1VlW6J6Gx5FIDyBW8vQ3Qavy64Gv%2FPe3DU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7e2ab1fd6fec36dc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 ad-manager-bulbs.c463ea05828bf41db59b.js Show response
x.kinja-static.com/assets/new-client/ 2 KB
1 KB 9ms
9ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/ad-manager-bulbs.c463ea05828bf41db59b.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5e7e337e9b90ce3eae8fb267bbc624428a3d3e24b01f093176ad8790727e9e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: DWH9Z9PVREDX5BC4
age: 63
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 887
x-amz-id-2: n1lpxxds8Wl18IiD8mlUAmXGIKhrUBeynPuILKPvpjj4x3kx9A98Xe8tU0CDhviMbR/hxrYrw9ffUy3beJIgsQ==
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Wed, 28 Jun 2023 19:58:01 GMT
server: AmazonS3
x-timer: S1688676367.931461,VS0,VE1
etag: "32650a844aaef4cb5374896e9bb83f0d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
464 B 131ms
74ms XHR
text/javascript 18.155.122.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2F&pid=pRSvh9iA7jdBD&cb=0&ws=1600x1200&v=23.612.1758&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-2%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage_top-banner%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.155.122.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-155-122-7.cdg52.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 7942de46d7f690659dee238fe5cd2d32.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CDG52-P4
x-amz-rid: NJ1MPXST85FW1FCRQQR3
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: vTxCul5r80luAMLFnp-ilJzYlW54JWsCk3lmUNeJSqzrgpa3BUqF2w==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 115ms
77ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20e74dbf3ee183f6fe1447dd7efef616905f78e10733e618dfd67f54c8a25ca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 29 Jun 2023 05:28:55 GMT
server: nginx
etag: W/"649d1697-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 07 Jul 2023 20:46:06 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 72ms
32ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-142218-33&cid=1861076189.1688676367&jid=1228330394&_u=aGDACEABFAQCACAAI~&z=1134711618

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 71ms
32ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-142218-33&cid=1861076189.1688676367&jid=1228330394&_u=aGDACEABFAQCACAAI~&z=1134711618

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag.aspx Show response
ml314.com/ 31 KB
11 KB 36ms
8ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?66
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:18:41 GMT
content-encoding: br
age: 1646
x-guploader-uploadid: ADPycdt9-U2GrK1yh1Q44G02WcXlLX28VX10cwqvkFHIKbE2Bq6RB7IxYkXT9AfD6EWJ7iIGvD3AFEggJrB0kQ2lt48s
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10525
last-modified: Mon, 10 Apr 2023 17:13:24 GMT
server: UploadServer
etag: W/"b0965f051977c0dd95ffe2c736cac352"
vary: Accept-Encoding
x-goog-generation: 1681146804366265
x-goog-hash: crc32c=wVdAwA==, md5=sJZfBRl3wN2V/+LHNsrDUg==
content-type: application/javascript
cache-id: FRA-fa985ced
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32213
accept-ranges: none

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
88 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FBJXBGD4M8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDJDW37&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f2db95e84c8d236a15663beeb17fd4d6366b57861ad84e83aceca122e614fda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90037
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 06 Jul 2023 20:46:07 GMT

GET
H2 200 gomedia_015a5_the_onion.js Show response
cdn-magiclinks.trackonomics.net/client/static/v2/ 95 KB
28 KB 58ms
8ms Script
text/javascript 2600:9000:2240:5000:1d:8c8c:47c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-magiclinks.trackonomics.net/client/static/v2/gomedia_015a5_the_onion.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:5000:1d:8c8c:47c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8 /
Resource Hash: 5ae04f4e2b3a0b4e46d0259886e6fbf822f2dd0731ee8a59e03c4cb3f335b8fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 03:58:23 GMT
content-encoding: gzip
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
last-modified: Thu, 23 Jun 2022 11:07:33 GMT
server: Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8
x-amz-cf-pop: FRA60-P1
age: 60464
etag: W/"17c61-5e21b75e9e639"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
x-amz-cf-id: XGjPDJO2rkWKfQZ2rdYVQXk_pHtkA8jr2ULWjzf0powRc6rxpcoMBQ==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 299 B
534 B 144ms
66ms XHR
application/json 54.246.204.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-1,ss:%5B1280.720,970.252,1600.520%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.204.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-204-72.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7458a1054d9692f6d1b87c92271d057d6d27029b729e89420905f169365325c0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
server: nginx
x-server-name: app07.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 299 B
532 B 167ms
90ms XHR
application/json 54.246.204.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-2,ss:%5B970.250,970.251,970.90,728.90,1600.520%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.204.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-204-72.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dd9ca94f65a85750445212041e046457b86609a21e96ea3c8a58c70e91793a2b

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
server: nginx
x-server-name: app10.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 40ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.theonion.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 688 B
377 B 52ms
51ms Fetch
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c24222a45fdf105c6b86f4f4d09bd8a243fb4ec2f2d8b7b5630ee0b22481ba39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 347
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 80ms
56ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306280101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88e57ebd103d16c6826e928ba79e601b22b3d8be24ac95414a7b7ed08bcd5ffb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11800
x-xss-protection: 0

GET
H2 200 container.html Show response
56f3afd73e0a2f73f7d1fdf206b8f59d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 60F9 6 KB
3 KB 54ms
17ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://56f3afd73e0a2f73f7d1fdf206b8f59d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 20:46:07 GMT
expires: Fri, 05 Jul 2024 20:46:07 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
114 B 62ms
26ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 06 Jul 2023 20:46:05 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
689 B 53ms
14ms XHR
application/json 52.57.42.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2244152867-4f43-4ce6-bcb1-1e96cd680df2%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A1500%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1688676367108%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%224f297ce4aa0f3%22%3A%22_bSLu2IWVUC%22%7D%2C%22bidSizes%22%3A%7B%224f297ce4aa0f3%22%3A%5B%5B970%2C250%5D%2C%5B970%2C251%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%2C%22sua%22%3A%7B%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%7D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_bSLu2IWVUC%22%7D%2C%22labelAll%22%3A%5B%22desktop%22%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%227e2ba634-b86d-4f49-aec2-5b31baf5beb1%22%2C%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%22%7D%2C%22pbadslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F2%2Ftop%22%7D%2C%22gpid%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F2%2Ftop%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B970%2C251%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22dfp-ad-2%22%2C%22transactionId%22%3A%227e2ba634-b86d-4f49-aec2-5b31baf5beb1%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B970%2C251%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%2C%22bidId%22%3A%224f297ce4aa0f3%22%2C%22bidderRequestId%22%3A%2234b676d3d24de2%22%2C%22auctionId%22%3A%22614bf9f4-835e-4ae3-b496-59b7df720573%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%5D%2C%22userId.mod.init%22%3A%5B0.9000015258789062%5D%2C%22userId.mods.uid2.init%22%3A%5B0.9000015258789062%5D%2C%22userId.init.modules%22%3A%5B15%5D%2C%22requestBids.usp%22%3A0.09999847412109375%2C%22requestBids.userId%22%3A0.20000076293945312%2C%22requestBids.rtd%22%3A34.900001525878906%2C%22requestBids.validate%22%3A0.2999992370605469%2C%22requestBids.makeRequests%22%3A2.700000762939453%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22domain%22%3A%22theonion.com%22%2C%22keywords%22%3A%22TheOnion%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theonion.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%7D%5D%2C%22prebidVersion%22%3A%227.41.0%22%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.42.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-42-51.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 20:46:07 GMT
Content-Encoding: gzip
X-Accel-Expires: 0
Nbr: 508
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.theonion.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Krk-No-Bid-Reason: consent
Content-Length: 26
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H/1.1 200
OK gomedia Show response
direct.adsrvr.org/bid/bidder/ 0
400 B 127ms
40ms XHR
application/json 35.71.161.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/gomedia
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.71.161.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac9557e2e67bd8033.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
x-openrtb-version: 2.3
server: Kestrel
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 0

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 23 B
366 B 117ms
57ms XHR
application/json 3.75.37.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson?sp=trustx
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.75.37.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-37-27.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7d49432da6db0077a316a917633888d844897b8505660cdc0ced8a9655abc292

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 06 Jul 2023 20:46:07 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 48

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
546 B 137ms
112ms XHR
application/json 104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=727144
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 671a212da87aaa3b5c770543f7bbe4a1499e1fb64ee38ba879b7705681d056d0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KPCXdsn8wYvhDa6v%2Bbw0iiGr8bPK1waGeCWExN5C4MJ9IWsSHNaUrbePO5PKKZq2gt5esmiBLOYK1LtYW7%2F5846F5Yz8ouVMMg%2FKDZL8VEVQWOhAi%2B53lrse1ZwEFs7nj0LxqNQ"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7e2ab1feaa2b30cc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 105 B
448 B 112ms
38ms XHR
application/json 52.213.55.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.213.55.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-55-169.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 50319d3b8aac5aa721caa9ad3c010ff7de9e62ce05716cfca3e829e70639fadc

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
server: istio-envoy
x-reason: maxmind anonymous
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.theonion.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 6
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 105

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 379 B
894 B 160ms
116ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12156&site_id=392270&zone_id=2189722&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rf=https%3A%2F%2Fwww.theonion.com%2F&kw=TheOnion&tg_v.iab_segments=1-4&tg_i.page=https%3A%2F%2Fwww.theonion.com%2F&tg_i.domain=theonion.com&tg_i.pbadslot=%2F4246%2Ffmg.onion%2Ffrontpage%2F2%2Ftop&tk_flint=pbjs_lite_v7.41.0&x_source.tid=7e2ba634-b86d-4f49-aec2-5b31baf5beb1&l_pb_bid_id=1430a1200e0b26c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F4246%2Ffmg.onion%2Ffrontpage%2F2%2Ftop&slots=1&rand=0.35565703635506574
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 47412d8e5b2bb7d136c31809842e2da35f32f1df7cf3696bc4afcdf46fae90c0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:07 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 379
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
527 B 532ms
489ms XHR
application/json 52.59.41.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.41.0&referrer=https%3A%2F%2Fwww.theonion.com%2F&tmax=1500

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.41.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-41-160.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:07 GMT
accept-ch: sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
195 B 105ms
37ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.41.0&cb=69853091356&lsavail=1

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 06 Jul 2023 20:46:07 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 45 KB
21 KB 211ms
175ms XHR
application/json 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

ec9d6adb252d2a480b995f335beef2161b88b504951a514518cff8b3187f71c8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:07 GMT
content-encoding: gzip
an-x-request-uuid: 476d6563-4f1b-41d1-af96-8d9da3739358
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.10.200; 80.255.10.200; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 country Show response
api.btloader.com/ 16 B
141 B 119ms
118ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: kinja-com.videoplayerhub.com
URL: https://kinja-com.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 118ms
118ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=2jt7tzy9j&w=5197056576585728&o=5726495427264512&cv=2.1.13-15-g6498499&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.theonion.com%2F&sid=0xfmm9kbo&upapi=true
Requested by: Host: kinja-com.videoplayerhub.com
URL: https://kinja-com.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 06 Jul 2023 20:46:07 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 / Show response
geo.privacymanager.io/ 28 B
609 B 61ms
15ms Fetch
application/json 52.222.139.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-109.ams50.r.cloudfront.net
Software: /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 01:13:32 GMT
via: 1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront), 1.1 dd133741afef09b02f3e6afd7cb39f40.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, AMS50-C1
age: 70355
x-amzn-requestid: 5cd40e9a-f667-4bd7-a78f-4dcc829d08cb
x-amzn-trace-id: Root=1-64a6153c-156fd14a53a428676d286d5b;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: HnhBfHxZjoEFXSw=
content-length: 28
x-amz-cf-id: IeP3c2H71SpEHvH8PlSm3YUXz0rAk6CXl7OjpN-UrnPpuFjnYAkrGQ==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8AAD 15 KB
6 KB 47ms
17ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.theonion.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 20:46:06 GMT
server: Kestrel
server-processing-duration-in-ticks: 290587
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 utsync.ashx Show response
ml314.com/ 62 B
309 B 42ms
42ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=90810&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.theonion.com%2F&pv=1688676367184_v0x7xpa5e&bl=en-us&cb=1162154&return=&ht=&d=&dc=&si=1688676367184_v0x7xpa5e&cid=&s=1600x1200&rp=&v=2.5.3.49
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?66
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:07 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/javascript; charset=utf-8
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
expires: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 38ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FBJXBGD4M8&gtm=45je36s0&_p=1026140388&cid=1861076189.1688676367&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1688676367&sct=1&seg=0&dl=https%3A%2F%2Fwww.theonion.com%2F&dt=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&uid=none&en=page_view&_fv=1&_ss=1&ep.site_section=1636079510&ep.content_channel=none&ep.content_section=none&ep.content_subsection=none&ep.content_role=&ep.adblock=false&ep.content_type=frontpage&up.adblock=false&up.user_type=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FBJXBGD4M8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 69ms
34ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 06 Jul 2023 20:46:07 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 49ms
49ms XHR
text/javascript 18.155.122.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2F&pid=pRSvh9iA7jdBD&cb=1&ws=1600x1200&v=23.612.1758&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-9%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage_mid_banner%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.155.122.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-155-122-7.cdg52.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 7942de46d7f690659dee238fe5cd2d32.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CDG52-P4
x-amz-rid: 1D7C6DMQSMQ1XEMSRYF5
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: UBMP4t70RpjUi_k-4bDTngrC66r-G0XxQC0C8zqNrWH2Hi7BF3u79Q==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 299 B
532 B 70ms
70ms XHR
application/json 54.246.204.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-9,ss:%5B970.250,728.90,1600.520%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.204.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-204-72.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8d664e89bc3f26188c99d977345b10afeb1ac0a01bdbeb12fea7bb2602481b46

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
server: nginx
x-server-name: app02.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
462 B 49ms
48ms XHR
text/javascript 18.155.122.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2F&pid=pRSvh9iA7jdBD&cb=2&ws=1600x1200&v=23.612.1758&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-12%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage_mid_banner%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.155.122.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-155-122-7.cdg52.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 7942de46d7f690659dee238fe5cd2d32.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CDG52-P4
x-amz-rid: ASN4E4R134EM8X6Y97ED
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: TwCaKCR6sMZvtKW1s4z26MGh12Z2-BCuq_ClGDiL_i7p3XHPe1Gi_A==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 300 B
534 B 60ms
60ms XHR
application/json 54.246.204.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-12,ss:%5B970.250,728.90,1600.520%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.204.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-204-72.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3c51c24a744e28eab7c48cd87b24b87b7b1ca0a479506c82015770235eb7fdb8

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
server: nginx
x-server-name: app23.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
464 B 53ms
52ms XHR
text/javascript 18.155.122.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2F&pid=pRSvh9iA7jdBD&cb=3&ws=1600x1200&v=23.612.1758&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-7%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage_mid_banner%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.155.122.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-155-122-7.cdg52.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 7942de46d7f690659dee238fe5cd2d32.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CDG52-P4
x-amz-rid: BJKNWTGH36HDMMCRXGZV
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 97c2qLM2SCD5qYjJW_buEoAUPK8ok0BKwYRov4QmiZZvq3BInv8tcA==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 299 B
533 B 61ms
61ms XHR
application/json 54.246.204.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-7,ss:%5B970.250,728.90,1600.520%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.204.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-204-72.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dbf8c2121d7cb6926dc9ab44ffcdd41b9a491cb85e5c34f1d6149d177193e103

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
server: nginx
x-server-name: app06.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2

200

sid Show response
mug.criteo.com/ Frame 8AAD
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=theonion.com&sn=ChromeSyncframe&so=0&topUrl=www.theonion.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=bg-ZUXw4dmZHeWVOSkRDdEVsVUJBdmpUVC9GN0RVZzUwWExKdVV3VzIvRWgzMmVrTEhLbUZuZW50ZjRPVTdVV3JPR0dMSnVMNWZxaUZtL3VRWHl4MWdHKzVsbUpITzZUWXpva1lKK3BwMUdVOU1rUy9vMlIzcFZZOWo1Sj...

422 B
649 B

87ms
23ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=bg-ZUXw4dmZHeWVOSkRDdEVsVUJBdmpUVC9GN0RVZzUwWExKdVV3VzIvRWgzMmVrTEhLbUZuZW50ZjRPVTdVV3JPR0dMSnVMNWZxaUZtL3VRWHl4MWdHKzVsbUpITzZUWXpva1lKK3BwMUdVOU1rUy9vMlIzcFZZOWo1SjFaRUN3TGRvV3dmOWdmM1lZbjNqV3JVYlMwU3lWR29yYnpib0dSajVOc1VyRkREYi9rQkFsbnJrZnhnakswY25HT3pFUCtiblc2dkh2UDRzLzBtSVFjb3hUNEtNOHJIVG1nWU9Ic1o3d3NHSG5ZaHJCaDNwcVNGQW9rZXM3TE9xRm54UTJ0RFpEb2NXMEJ5T1AxVzhOK0diWHRBSFVQUT09fA&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

eef1c87eeba9a64c4eedf7558c83b1e0b9604836184433cfef174f1234480670

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:06 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1107575
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:06 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=bg-ZUXw4dmZHeWVOSkRDdEVsVUJBdmpUVC9GN0RVZzUwWExKdVV3VzIvRWgzMmVrTEhLbUZuZW50ZjRPVTdVV3JPR0dMSnVMNWZxaUZtL3VRWHl4MWdHKzVsbUpITzZUWXpva1lKK3BwMUdVOU1rUy9vMlIzcFZZOWo1SjFaRUN3TGRvV3dmOWdmM1lZbjNqV3JVYlMwU3lWR29yYnpib0dSajVOc1VyRkREYi9rQkFsbnJrZnhnakswY25HT3pFUCtiblc2dkh2UDRzLzBtSVFjb3hUNEtNOHJIVG1nWU9Ic1o3d3NHSG5ZaHJCaDNwcVNGQW9rZXM3TE9xRm54UTJ0RFpEb2NXMEJ5T1AxVzhOK0diWHRBSFVQUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 321593
content-length: 0
expires: 0

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
689 B 20ms
20ms XHR
application/json 52.57.42.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2244152867-4f43-4ce6-bcb1-1e96cd680df2%22%2C%22requestCount%22%3A1%2C%22timeout%22%3A1500%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1688676367284%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%22223d5c2eaee8e2b%22%3A%22_bSLu2IWVUC%22%7D%2C%22bidSizes%22%3A%7B%22223d5c2eaee8e2b%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%2C%22sua%22%3A%7B%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%7D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_bSLu2IWVUC%22%7D%2C%22labelAll%22%3A%5B%22desktop%22%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%22d0997111-5fdc-4143-bff6-6ccbc1863f9b%22%2C%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%22%7D%2C%22pbadslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F9%2Fmid_banner%22%7D%2C%22gpid%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F9%2Fmid_banner%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22dfp-ad-9%22%2C%22transactionId%22%3A%22d0997111-5fdc-4143-bff6-6ccbc1863f9b%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%2C%22bidId%22%3A%22223d5c2eaee8e2b%22%2C%22bidderRequestId%22%3A%2221eabd350168fc2%22%2C%22auctionId%22%3A%22d6d2ed8e-f176-42fc-be94-3aef5dbaf0f7%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%5D%2C%22userId.mod.init%22%3A%5B0.9000015258789062%5D%2C%22userId.mods.uid2.init%22%3A%5B0.9000015258789062%5D%2C%22userId.init.modules%22%3A%5B15%5D%2C%22requestBids.usp%22%3A0.09999847412109375%2C%22requestBids.userId%22%3A0.09999847412109375%2C%22requestBids.rtd%22%3A16.099998474121094%2C%22requestBids.validate%22%3A0%2C%22requestBids.makeRequests%22%3A1.2000007629394531%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22domain%22%3A%22theonion.com%22%2C%22keywords%22%3A%22TheOnion%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theonion.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%7D%5D%2C%22prebidVersion%22%3A%227.41.0%22%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.42.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-42-51.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 20:46:07 GMT
Content-Encoding: gzip
X-Accel-Expires: 0
Nbr: 508
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.theonion.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Krk-No-Bid-Reason: consent
Content-Length: 26
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
544 B 9ms
8ms XHR
application/json 52.59.41.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.41.0&referrer=https%3A%2F%2Fwww.theonion.com%2F&tmax=1500

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.41.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-41-160.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:07 GMT
accept-ch: user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width
x-auction-status: 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 62ms
61ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 06 Jul 2023 20:46:06 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK gomedia Show response
direct.adsrvr.org/bid/bidder/ 0
400 B 37ms
37ms XHR
application/json 35.71.161.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/gomedia
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.71.161.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac9557e2e67bd8033.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
x-openrtb-version: 2.3
server: Kestrel
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 0

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 105 B
447 B 36ms
35ms XHR
application/json 52.213.55.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.213.55.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-55-169.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 9b9e9eb11b2a9c7a1bd75bdd3891207ad9687857729d7f5c1870fb9c6556e432

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
server: istio-envoy
x-reason: maxmind anonymous
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.theonion.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 105

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 45 KB
21 KB 158ms
158ms XHR
application/json 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

afa83745c17478762a0c53160daad92b8fce71e4e8f0ee8974297ab55968ce8c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:07 GMT
content-encoding: gzip
an-x-request-uuid: 36391aa3-62f9-4c87-8669-1a9c73235a52
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.10.200; 80.255.10.200; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 24 B
367 B 58ms
58ms XHR
application/json 3.75.37.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson?sp=trustx
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.75.37.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-37-27.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cd95a07d39534016d11b1c3f747b3d2a84198354c6c6eb1af5e6dbc582b01357

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 06 Jul 2023 20:46:07 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 49

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 40ms
40ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.41.0&cb=46211249131&lsavail=1

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 06 Jul 2023 20:46:06 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 17ms
17ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 06 Jul 2023 20:46:06 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 24 B
367 B 72ms
57ms XHR
application/json 3.75.37.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson?sp=trustx
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.75.37.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-37-27.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3e5d568437ccffc1e23e2d8bfeb887e81645592dffd60654a06263c432d92048

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 06 Jul 2023 20:46:07 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 49

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 45 KB
21 KB 265ms
265ms XHR
application/json 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

3982f6173b3f8bfe9a4d10f956fe9d207e073db035d1d7b2e6b97362d78c9ca0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:07 GMT
content-encoding: gzip
an-x-request-uuid: dbd25f80-0235-4089-b969-139a7fe2c0b6
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.10.200; 80.255.10.200; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 37ms
36ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.41.0&cb=34689099059&lsavail=1

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 06 Jul 2023 20:46:06 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 105 B
448 B 52ms
51ms XHR
application/json 52.213.55.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.213.55.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-55-169.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: a2788994c4e6f378aea4af43a4d7049786731125ac414ed69a0cf7ce3d23704a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
server: istio-envoy
x-reason: maxmind anonymous
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.theonion.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 15
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 105

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
527 B 114ms
114ms XHR
application/json 52.59.41.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.41.0&referrer=https%3A%2F%2Fwww.theonion.com%2F&tmax=1500

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.41.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-41-160.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:07 GMT
accept-ch: sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK gomedia Show response
direct.adsrvr.org/bid/bidder/ 0
400 B 80ms
50ms XHR
application/json 35.71.161.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/gomedia
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.71.161.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac9557e2e67bd8033.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
x-openrtb-version: 2.3
server: Kestrel
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 0

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
689 B 28ms
18ms XHR
application/json 52.57.42.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2244152867-4f43-4ce6-bcb1-1e96cd680df2%22%2C%22requestCount%22%3A2%2C%22timeout%22%3A1500%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1688676367295%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%225658de8e1dfe2ff%22%3A%22_bSLu2IWVUC%22%7D%2C%22bidSizes%22%3A%7B%225658de8e1dfe2ff%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%2C%22sua%22%3A%7B%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%7D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_bSLu2IWVUC%22%7D%2C%22labelAll%22%3A%5B%22desktop%22%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%22e86fbf34-0937-4722-9866-f38a11f211f1%22%2C%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%22%7D%2C%22pbadslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F12%2Fmid_banner%22%7D%2C%22gpid%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F12%2Fmid_banner%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22dfp-ad-12%22%2C%22transactionId%22%3A%22e86fbf34-0937-4722-9866-f38a11f211f1%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%2C%22bidId%22%3A%225658de8e1dfe2ff%22%2C%22bidderRequestId%22%3A%225589e1832a402a3%22%2C%22auctionId%22%3A%22912fec72-38a7-43a9-85fc-062c702d4558%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%5D%2C%22userId.mod.init%22%3A%5B0.9000015258789062%5D%2C%22userId.mods.uid2.init%22%3A%5B0.9000015258789062%5D%2C%22userId.init.modules%22%3A%5B15%5D%2C%22requestBids.usp%22%3A0%2C%22requestBids.userId%22%3A0.20000076293945312%2C%22requestBids.rtd%22%3A21%2C%22requestBids.validate%22%3A0%2C%22requestBids.makeRequests%22%3A1%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22domain%22%3A%22theonion.com%22%2C%22keywords%22%3A%22TheOnion%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theonion.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%7D%5D%2C%22prebidVersion%22%3A%227.41.0%22%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.42.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-42-51.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 20:46:07 GMT
Content-Encoding: gzip
X-Accel-Expires: 0
Nbr: 508
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.theonion.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Krk-No-Bid-Reason: consent
Content-Length: 26
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 38ms
38ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.41.0&cb=87049560733&lsavail=1

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 06 Jul 2023 20:46:06 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H/1.1 200
OK gomedia Show response
direct.adsrvr.org/bid/bidder/ 0
400 B 98ms
37ms XHR
application/json 35.71.161.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/gomedia
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.71.161.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac9557e2e67bd8033.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
x-openrtb-version: 2.3
server: Kestrel
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 0

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 105 B
447 B 34ms
34ms XHR
application/json 52.213.55.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.213.55.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-55-169.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: b580f69aa776389231af9b0c82e844cc91aee0b8d5890ff37701b33f12e49549

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
server: istio-envoy
x-reason: maxmind anonymous
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.theonion.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 105

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
543 B 8ms
8ms XHR
application/json 52.59.41.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.41.0&referrer=https%3A%2F%2Fwww.theonion.com%2F&tmax=1500

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.41.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-41-160.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:07 GMT
accept-ch: sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width
x-auction-status: 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 24 B
367 B 75ms
58ms XHR
application/json 3.75.37.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson?sp=trustx
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.75.37.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-37-27.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: db01aa7c558509282ea40e9bdd0e9dfb5ccf4ee861bebba3ffcbbe53ac694fb5

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 06 Jul 2023 20:46:07 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 49

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 45 KB
21 KB 152ms
152ms XHR
application/json 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a082679e7d0c16d2e5b89a28a7829e3d273543f7abde16df8eb00cd7a88e23da

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:07 GMT
content-encoding: gzip
an-x-request-uuid: 8366e717-0f5d-4f59-a2e7-07c5dd1e1d0e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.10.200; 80.255.10.200; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
689 B 36ms
26ms XHR
application/json 52.57.42.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2244152867-4f43-4ce6-bcb1-1e96cd680df2%22%2C%22requestCount%22%3A3%2C%22timeout%22%3A1500%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1688676367301%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2272fab324759656e%22%3A%22_bSLu2IWVUC%22%7D%2C%22bidSizes%22%3A%7B%2272fab324759656e%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%2C%22sua%22%3A%7B%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%7D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_bSLu2IWVUC%22%7D%2C%22labelAll%22%3A%5B%22desktop%22%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%223f1bbe6d-4968-4aa4-ab43-04133162f553%22%2C%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%22%7D%2C%22pbadslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F7%2Fmid_banner%22%7D%2C%22gpid%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F7%2Fmid_banner%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22dfp-ad-7%22%2C%22transactionId%22%3A%223f1bbe6d-4968-4aa4-ab43-04133162f553%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%2C%22bidId%22%3A%2272fab324759656e%22%2C%22bidderRequestId%22%3A%227150f423c469238%22%2C%22auctionId%22%3A%22cd6d1c74-6179-461f-a97e-31af91e62b5a%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%5D%2C%22userId.mod.init%22%3A%5B0.9000015258789062%5D%2C%22userId.mods.uid2.init%22%3A%5B0.9000015258789062%5D%2C%22userId.init.modules%22%3A%5B15%5D%2C%22requestBids.usp%22%3A0.10000228881835938%2C%22requestBids.userId%22%3A0.09999847412109375%2C%22requestBids.rtd%22%3A24.599998474121094%2C%22requestBids.validate%22%3A0.20000076293945312%2C%22requestBids.makeRequests%22%3A1.2000007629394531%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22domain%22%3A%22theonion.com%22%2C%22keywords%22%3A%22TheOnion%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theonion.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%7D%5D%2C%22prebidVersion%22%3A%227.41.0%22%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.42.51 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-42-51.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 20:46:07 GMT
Content-Encoding: gzip
X-Accel-Expires: 0
Nbr: 508
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.theonion.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Krk-No-Bid-Reason: consent
Content-Length: 26
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 25ms
24ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 06 Jul 2023 20:46:06 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CDEE 13 KB
5 KB 10ms
8ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21102
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 14:54:25 GMT
expires: Fri, 05 Jul 2024 14:54:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 997A 783 B
971 B 18ms
18ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

816df1ff3024147ced326fe20bc870f19e5612f20426e966ba94b61299e543b6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ziU0I2pPNMD8jSjQu1GE6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-ziU0I2pPNMD8jSjQu1GE6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 20:46:07 GMT
expires: Thu, 06 Jul 2023 20:46:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 info Show response
www.theonion.com/api/veritas/ 161 B
538 B 121ms
121ms Fetch
application/json 151.101.2.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/api/veritas/info?pi=29a59fac7a1474db343f29561756f76dc3685aa2&cb=1688676367337

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.69cf1538d897182afb52.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cba9b19f80c9b23b8867f1f6f2d0e8a36ba04b31fc3330d97e664e6807a34904

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src 'self'
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 06 Jul 2023 20:46:07 GMT
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-kinja-gdpr: true
age: 0
x-cache: MISS, MISS, MISS
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 138
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100127-IAD, cache-iad-kjyo7100036-IAD, cache-fra-etou8220105-FRA
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1688676367.339785,VS0,VE113
x-frame-options: DENY
vary: Accept-Encoding, Authorization, X-Valid-Scroll-User
content-type: application/json
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

POST
H2 200 b
www.theonion.com/api/veritas/ 0
0 112ms
111ms Fetch 151.101.2.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/api/veritas/b?debug=0

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.69cf1538d897182afb52.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

X-Veritas-Version: 1.1.2
Content-Encoding: gzip
Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self'
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 06 Jul 2023 20:46:07 GMT
x-permitted-cross-domain-policies: master-only
x-kinja-gdpr: true
x-cache: MISS, MISS, MISS
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-nocache
content-length: 0
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200033-IAD, cache-iad-kcgs7200033-IAD, cache-fra-etou8220105-FRA
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1688676367.344789,VS0,VE104
x-frame-options: DENY
cache-control: no-cache, no-store, private
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 997A 0
0 59ms
41ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306280101&jk=1932498375211271&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame CDEE 38 KB
14 KB 26ms
9ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 09:16:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41353
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jul 2024 09:16:54 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 18ms
17ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.theonion.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
13 KB 290ms
290ms Fetch
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1932498375211271&correlator=1355896822373329&eid=31072019%2C31074948%2C31075339&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cfrontpage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90%7C1600x520&ifi=2&adks=3426865480&didk=1378598711&sfv=1-0-40&prev_scp=article_position%3Dnone%26pos%3Dmid_banner%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dmid_banner-02%26amznbid%3D2%26amznp%3D2%26id%3D12d9af4b-1c3e-11ee-8ff7-02c790015d1e%26vw%3D40%2C50%26fr%3Dfalse%26ias-kw%3DIAS_1509460_PG%2CIAS_3007987_PG%2CIAS_1500902_PG%26drg%3DveryLow%26vio%3DveryLow%26off%3DveryLow%26hat%3DveryLow%26dlm%3DveryLow%26alc%3DveryLow%26adt%3DveryLow%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D0.10%26hb_adid_appnexus%3D77dbfb39ce68d83%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.10%26hb_adid%3D77dbfb39ce68d83%26hb_bidder%3Dappnexus&eri=1&cust_params=veritas-iab%3D1-4%26tags%3D%26blogName%3Dtheonion%26channel%3D%26section%3D%26subsection%3D%26page%3Dfrontpage&sc=1&cookie=ID%3Dff134c99f95a02e4%3AT%3D1688676367%3ART%3D1688676367%3AS%3DALNI_MYTpbx9n_Xzv7RVje68MKBzj-SYaw&gpic=UID%3D00000c63adf95d49%3AT%3D1688676367%3ART%3D1688676367%3AS%3DALNI_MYrXe28hn_uCkxufPg_g83ybw31pA&abxe=1&dt=1688676367459&lmt=1688676367&dlt=1688676366022&idt=897&adxs=1200&adys=1981&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theonion.com%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=1028&ohw=4000&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1861076189.1688676367&ga_sid=1688676367&ga_hid=1026140388&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a894390f79df7eb2ec9080d6a2888ffb1e2e98095532620064a1e42de4085be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13336
x-xss-protection: 0
google-lineitem-id: 6314551905
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138436347090
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 573ms
573ms Fetch
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1932498375211271&correlator=1355896822373329&eid=31072019%2C31074948%2C31075339&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cfrontpage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90%7C1600x520&ifi=3&adks=753366804&didk=1378598709&sfv=1-0-40&prev_scp=article_position%3Dnone%26pos%3Dmid_banner%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dmid_banner-01%26amznbid%3D2%26amznp%3D2%26fr%3Dfalse%26ias-kw%3DIAS_1509460_PG%2CIAS_3007987_PG%2CIAS_1500902_PG%26drg%3DveryLow%26vio%3DveryLow%26off%3DveryLow%26hat%3DveryLow%26dlm%3DveryLow%26alc%3DveryLow%26adt%3DveryLow%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D0.10%26hb_adid_appnexus%3D79e8defe91d2ae%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.10%26hb_adid%3D79e8defe91d2ae%26hb_bidder%3Dappnexus&eri=1&cust_params=veritas-iab%3D1-4%26tags%3D%26blogName%3Dtheonion%26channel%3D%26section%3D%26subsection%3D%26page%3Dfrontpage&sc=1&cookie=ID%3Dff134c99f95a02e4%3AT%3D1688676367%3ART%3D1688676367%3AS%3DALNI_MYTpbx9n_Xzv7RVje68MKBzj-SYaw&gpic=UID%3D00000c63adf95d49%3AT%3D1688676367%3ART%3D1688676367%3AS%3DALNI_MYrXe28hn_uCkxufPg_g83ybw31pA&abxe=1&dt=1688676367476&lmt=1688676367&dlt=1688676366022&idt=897&adxs=1200&adys=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theonion.com%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=1028&ohw=4000&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1861076189.1688676367&ga_sid=1688676367&ga_hid=1026140388&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d984bb09f5f1e47bd4fb0201a5bb60122badd75f2ecd1addfeb9fa68c92aa398

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13328
x-xss-protection: 0
google-lineitem-id: 6314551905
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138437127990
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CDEE 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bEcy2Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.theonion.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 696ms
696ms Fetch
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1932498375211271&correlator=1355896822373329&eid=31072019%2C31074948%2C31075339&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cfrontpage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90%7C1600x520&ifi=4&adks=546244911&didk=136931550&sfv=1-0-40&prev_scp=article_position%3Dnone%26pos%3Dmid_banner%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dmid_banner-03%26amznbid%3D2%26amznp%3D2%26fr%3Dfalse%26ias-kw%3DIAS_1509460_PG%2CIAS_3007987_PG%2CIAS_1500902_PG%26drg%3DveryLow%26vio%3DveryLow%26off%3DveryLow%26hat%3DveryLow%26dlm%3DveryLow%26alc%3DveryLow%26adt%3DveryLow%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D0.10%26hb_adid_appnexus%3D81cee43ad2ab2c3%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.10%26hb_adid%3D81cee43ad2ab2c3%26hb_bidder%3Dappnexus&eri=1&cust_params=veritas-iab%3D12%252C%252019%252C%252015%252C%25209-30%252C%25201-4%252C%25201-6%252C%25201-7%252C%25201-5%252C%252011-4%26tags%3D%26blogName%3Dtheonion%26channel%3D%26section%3D%26subsection%3D%26page%3Dfrontpage%26veritas-segments%3D12%252C%252014%252C%25202%252C%25207%252C%25206%252C%25201&sc=1&cookie=ID%3Dff134c99f95a02e4%3AT%3D1688676367%3ART%3D1688676367%3AS%3DALNI_MYTpbx9n_Xzv7RVje68MKBzj-SYaw&gpic=UID%3D00000c63adf95d49%3AT%3D1688676367%3ART%3D1688676367%3AS%3DALNI_MYrXe28hn_uCkxufPg_g83ybw31pA&abxe=1&dt=1688676367567&lmt=1688676367&dlt=1688676366022&idt=897&adxs=1200&adys=2813&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theonion.com%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=1028&ohw=4000&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1861076189.1688676367&ga_sid=1688676367&ga_hid=1026140388&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37d5c170f17dac2a503164b457766e1cfdc3bae3c93fb1a06f1f8e685d67632a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13362
x-xss-protection: 0
google-lineitem-id: 6314551905
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138437207397
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
28ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.theonion.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 381 B
167 B 833ms
833ms Fetch
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1932498375211271&correlator=1355896822373329&eid=31072019%2C31074948%2C31075339&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cfrontpage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x251%7C970x90%7C728x90%7C1600x520&ifi=5&adks=2283483005&didk=1378598704&sfv=1-0-40&prev_scp=article_position%3Dnone%26pos%3Dtop%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dtop-01%26amznbid%3D2%26amznp%3D2%26fr%3Dfalse%26ias-kw%3DIAS_1509460_PG%2CIAS_3007987_PG%2CIAS_1500902_PG%26drg%3DveryLow%26vio%3DveryLow%26off%3DveryLow%26hat%3DveryLow%26dlm%3DveryLow%26alc%3DveryLow%26adt%3DveryLow%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D0.10%26hb_adid_appnexus%3D752a415876e4ace%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.10%26hb_adid%3D752a415876e4ace%26hb_bidder%3Dappnexus&eri=1&cust_params=veritas-iab%3D12%252C%252019%252C%252015%252C%25209-30%252C%25201-4%252C%25201-6%252C%25201-7%252C%25201-5%252C%252011-4%26tags%3D%26blogName%3Dtheonion%26channel%3D%26section%3D%26subsection%3D%26page%3Dfrontpage%26veritas-segments%3D12%252C%252014%252C%25202%252C%25207%252C%25206%252C%25201&sc=1&cookie=ID%3Dff134c99f95a02e4%3AT%3D1688676367%3ART%3D1688676367%3AS%3DALNI_MYTpbx9n_Xzv7RVje68MKBzj-SYaw&gpic=UID%3D00000c63adf95d49%3AT%3D1688676367%3ART%3D1688676367%3AS%3DALNI_MYrXe28hn_uCkxufPg_g83ybw31pA&abxe=1&dt=1688676367673&lmt=1688676367&dlt=1688676366022&idt=897&adxs=1515&adys=303&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theonion.com%2F&frm=20&vis=1&psz=4000x290&msz=4000x290&fws=1028&ohw=4000&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1861076189.1688676367&ga_sid=1688676367&ga_hid=1026140388&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04f7fc334ffcac91f5dd2acbb1a6b73bbf059d98f34ed048c81e645a6f064083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D3CB 0
0 47ms
46ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8DUpeBdGzPcRWV-dBJCgEItYW_V8T73WqX9gG75zD8ziQem58fJvAm74sSKdYapy8NA-E2qMeU6bccmv0XMhy8iltHn5dCR0yXdKZS8xPX5XiXihd9Ue0tlhUA5fVamDpoAk0_osqCwHAe5fVbLtaqZLN2dNQ46r4aSMkWf5K9ShZfZSjj8jYCVCazZ-mXamNJI9_oxYztoIBeNoC_AgeJqEQyVjEThGpDIYpmtmKTPKumHztLSRaGXFr-aK_V70aZ12KmUK4qP7YJtyHTr5cfxaDool1C5UzZDoXYR1g6GlFS43obUTdZb3txnovr2jn2whgw0IxqlS0IdCQ&sai=AMfl-YQqb0D2tsph_GScgzykRiu6SHKXIdpAJihtrhyMGqowzSNHFoVPNLLsqMVxxAlMCj-jOvl15m9GOv0qmkYD5hfxSSgjudCa1CnV3E6i1EMlUbO4aF_VwB9kCXijNC4&sig=Cg0ArKJSzBIAyuHBNoOZEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 b-e09f10f-4415d417.js Show response
tagan.adlightning.com/gomedia/ Frame D3CB 77 KB
29 KB 20ms
18ms Script
application/javascript 99.86.91.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.91.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-91-43.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 895fe95f9252951d1b3acfba50546376d3224bb5a19fa40df3be17e6571e844b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:27:04 GMT
content-encoding: gzip
via: 1.1 54ebf0a06ec7306301fb9a98086cc9b0.cloudfront.net (CloudFront)
x-amz-version-id: W1DH6jDxNN9jfL9k8Lwxuy3R7DRroyh6
x-amz-cf-pop: CDG50-C1
age: 2693944
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29341
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:26:51 GMT
server: AmazonS3
etag: "2bdbd3c490a4d678a49da1f2123b95f8"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: FYfkZ276J6FqEFYZDSaVz2NuIbHIuRE8axILEYPoAYLwTtyCaINNPg==

GET
H2 200 index.8fdf3319.css
c.qz.com/sponsors/intel/q2-2023-video-display/qzcdist/ Frame D3CB 40 KB
41 KB 49ms
8ms Stylesheet
text/css 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.qz.com/sponsors/intel/q2-2023-video-display/qzcdist/index.8fdf3319.css
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51fd57f16dcbb74d648abf3fa96359945de8788de0d48c9dc6cba76ec8897c4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
via: 1.1 varnish
x-amz-request-id: 3XE1X5S50M55Q1F7
age: 764
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 41446
x-amz-id-2: +GZWNnQ6F1jEKbf4qvQaXxOJz6meI4OxvCVb5jbMp+8MF4r4BZ1hXO5K6Vepy+9IL8eAHOBSisU=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Fri, 30 Jun 2023 16:54:02 GMT
server: AmazonS3
x-timer: S1688676368.928891,VS0,VE0
etag: "580ac7689f3a58e5d1f261197700dff8"
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 jquery.min.js Show response
c.qz.com/scripts/qzcdist/ Frame D3CB 86 KB
86 KB 58ms
16ms Script
application/javascript 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.qz.com/scripts/qzcdist/jquery.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
via: 1.1 varnish
x-amz-request-id: 3XE58YVH9DTW0R6A
age: 810
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 88145
x-amz-id-2: 6DC7l7alxiiQjUdtv19coFCGc8VOw3oP7Lt6JAYKNKZHOjvCjPonY+VLYN57xzi8cxFBJR7DrnI=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Fri, 30 Jun 2023 16:53:47 GMT
server: AmazonS3
x-timer: S1688676368.928864,VS0,VE1
etag: "220afd743d9e9643852e31a135a9f3ae"
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/ Frame D3CB 64 KB
23 KB 36ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/gsap.min.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b765b0cbd95391f6db0b565988eeb70ea68aa77bb9f8f7c8a880d96474c2aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1181071
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 23292
last-modified: Fri, 22 Apr 2022 16:32:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6262d89e-5afc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vj%2BwAAf0ACGkTfsHdpe9hMzozYjantFcGxKAIDSsk434zmA9N8Ul0yLoqL3Lw0r46h786x8X2oA26bvGjNqMmwEPG%2F%2BGPd8UEji7AZr87DWWoIpqk8WzXHXV4HOlJxBec%2B6Wazv5Tjpi0PqgX9AJy3%2Fr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7e2ab2036a6bbbb0-FRA
expires: Tue, 25 Jun 2024 20:46:07 GMT

GET
H2 200 index.90d57194.js Show response
c.qz.com/sponsors/intel/q2-2023-video-display/qzcdist/ Frame D3CB 132 KB
132 KB 50ms
9ms Script
application/javascript 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.qz.com/sponsors/intel/q2-2023-video-display/qzcdist/index.90d57194.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e31be4a80b256fd94789e75c0d4a51737c03190e8d9967246d81429bcd6da6d

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
via: 1.1 varnish
x-amz-request-id: NH146E10A5W7ZEFR
age: 2059
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 134767
x-amz-id-2: UWBQ9DQckAfJj+FAw6NHEGPKEr49ndnts/6ChuOyxQ+3EbUT8IMJMCz7xsvQ+lH4hexhTBQaTIc=
x-served-by: cache-fra-etou8220047-FRA
last-modified: Fri, 30 Jun 2023 16:54:02 GMT
server: AmazonS3
x-timer: S1688676368.928487,VS0,VE1
etag: "cea5d6713139c90495a8c2dc16535412"
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 qat.min.js Show response
c.qz.com/scripts/qat/qzcdist/ Frame D3CB 2 KB
2 KB 50ms
8ms Script
application/javascript 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.qz.com/scripts/qat/qzcdist/qat.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 90d4b39a601ca0b67746e7a60473cc89d5b3d633e9bc94bba157568ee54962ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
via: 1.1 varnish
x-amz-request-id: X94QST3HEC6FTHRX
age: 3278
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 2086
x-amz-id-2: lrk2MMR4UdjGmZE821ogmg/ewo2w/BC8EU1s1fWOhLavDelH3uIjwi8K7Jcsl0Lhx4mFnJGaLQQ=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Fri, 30 Jun 2023 16:53:46 GMT
server: AmazonS3
x-timer: S1688676368.928893,VS0,VE0
etag: "ba99e3602459691d2fd53148db3ff289"
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 4

GET
H3

200

B30016091.368183932;dc_pre=CPeGstj5-v8CFcP0EQgdD6QNJg;dc_trk_aid=559199884;dc_trk_cid=192641185;ord=1251680754;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_t...
ad.doubleclick.net/ddm/trackimp/N418801.1695341QUARTZ/ Frame D3CB
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N418801.1695341QUARTZ/B30016091.368183932;dc_trk_aid=559199884;dc_trk_cid=192641185;ord=1251680754;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;g...
https://ad.doubleclick.net/ddm/trackimp/N418801.1695341QUARTZ/B30016091.368183932;dc_pre=CPeGstj5-v8CFcP0EQgdD6QNJg;dc_trk_aid=559199884;dc_trk_cid=192641185;ord=1251680754;dc_lat=;dc_rdid=;tag_for...

42 B
63 B

29ms
29ms

Image
image/gif

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N418801.1695341QUARTZ/B30016091.368183932;dc_pre=CPeGstj5-v8CFcP0EQgdD6QNJg;dc_trk_aid=559199884;dc_trk_cid=192641185;ord=1251680754;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:07 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N418801.1695341QUARTZ/B30016091.368183932;dc_pre=CPeGstj5-v8CFcP0EQgdD6QNJg;dc_trk_aid=559199884;dc_trk_cid=192641185;ord=1251680754;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/1503538/71719453/ Frame D3CB 46 KB
12 KB 99ms
32ms Script
application/javascript 54.246.204.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/1503538/71719453/skeleton.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.204.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-204-72.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e93597ebb047036156921ebffbea565fe5129f4bd821696e0985a3bb9abfc89e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:07 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D3CB 179 KB
57 KB 52ms
27ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 20:46:07 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame D3CB 8 KB
4 KB 51ms
8ms Script
application/javascript 2a02:26f0:480:9::210:ee0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=15538536&cmp=DV196466&sid=2019042601&plc=2019042601&seltag=1&sadv=72487178&ord=3212079107&litm=6314551905&scrt=138436347090&unit=1600x520&splc=152253218&adu=22405397127&adsrv=104&btreg=6314551905138436347090&btadsrv=6314551905138436347090&cb=873580468&region=70dvtagver=6.1.src
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 39399d443a3ab24886d829aae4ac8b33492ab78b193aeadda64586f0467b5ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 06 Jul 2023 20:46:07 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Jul 2023 12:19:54 GMT
Server: UploadServer
ETag: "8f00be3da9a0f0d7a1a8c47b91364b82"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3377
Expires: Thu, 06 Jul 2023 12:35:21 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame D3CB 150 KB
53 KB 67ms
67ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N3F3MXD

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

deacbb4086c70eb33c713e2b9d96f71d11a043d6478fb9bd2aeb410ca3249992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54547
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 19:47:38 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Jul 2023 20:46:08 GMT

GET
H2 200 main.19.8.425.js Show response
static.adsafeprotected.com/ Frame D3CB 203 KB
63 KB 105ms
12ms Script
application/javascript 2600:9000:223f:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.425.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d24a3646c524336d1a00d5102a4fab0629caced791ff7f05a89d12253e147d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 21:04:08 GMT
x-amz-version-id: vTMh3VsUfsPfd30Q2lhQhLoWQZlv7Ed2
content-encoding: gzip
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 85321
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 05 Jul 2023 19:42:13 GMT
server: AmazonS3
etag: W/"8325ccb86878f05b0052313c53a93437"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 0yT9IO2rgWvJpD5WBlHnDzqvQk0oxpmNDZV-HHa1rQqgzXzCEtiCBA==

GET
H2 200 copy.png
qzc-assets.qz.com/clients/intel/q2-2023-video-display/assets/ Frame D3CB 34 KB
35 KB 51ms
35ms Image
image/png 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qzc-assets.qz.com/clients/intel/q2-2023-video-display/assets/copy.png
Requested by: Host: c.qz.com
URL: https://c.qz.com/sponsors/intel/q2-2023-video-display/qzcdist/index.8fdf3319.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c4e84e2c6f72182b7f9922bc1ed2ea80ea89545de51a0d61309260991296f7fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.qz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
via: 1.1 varnish
x-amz-request-id: X9C0CB50DMMGPVMY
age: 84
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 35088
x-amz-id-2: hCiAURRXclMUIhail1zJSvB4DRGZ+oRTjNxa4ebHBTNT6INWGSgV+i/6PikcWbqIk9vefkYkf54=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Fri, 09 Jun 2023 18:40:19 GMT
server: AmazonS3
x-timer: S1688676368.066600,VS0,VE1
etag: "73bc338d382a37e79c28e40441ef23ea"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 cta.png
qzc-assets.qz.com/clients/intel/q2-2023-video-display/assets/ Frame D3CB 6 KB
6 KB 52ms
37ms Image
image/png 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qzc-assets.qz.com/clients/intel/q2-2023-video-display/assets/cta.png
Requested by: Host: c.qz.com
URL: https://c.qz.com/sponsors/intel/q2-2023-video-display/qzcdist/index.8fdf3319.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5941060954d00bf976579a0e809b4ba9d6f294705c0989fc29ea736fc214592b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.qz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
via: 1.1 varnish
x-amz-request-id: CA2Y7RPGQJP2GR2T
age: 84
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 6070
x-amz-id-2: eDOe1IW8wQ8TViQ6928LLjfl8jv/IJQFPH80Z3qcNmO9LhEKU+RjKl5iv6qADrfeap0Q0KyvvT8=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Fri, 09 Jun 2023 18:40:19 GMT
server: AmazonS3
x-timer: S1688676368.066295,VS0,VE2
etag: "47c74fcee0f61260bcb86db1873bff00"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 logo.png
qzc-assets.qz.com/clients/intel/q2-2023-video-display/assets/ Frame D3CB 3 KB
3 KB 51ms
36ms Image
image/png 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qzc-assets.qz.com/clients/intel/q2-2023-video-display/assets/logo.png
Requested by: Host: c.qz.com
URL: https://c.qz.com/sponsors/intel/q2-2023-video-display/qzcdist/index.8fdf3319.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97bc3d3b96d2655ce7fe030b0e276a2b8b4b75ccf2b07e9f926c8d4fe5e44476

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.qz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
via: 1.1 varnish
x-amz-request-id: E9EWRNYR82R2EHBD
age: 84
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3023
x-amz-id-2: hRBDJVlEEYWgoJwvmDeQ6gMPJ2bCJrU/sPNBZK1aZCZ8VLFu3W1tfoCEXAbEjJsxqscz74r8usI=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Fri, 09 Jun 2023 18:40:19 GMT
server: AmazonS3
x-timer: S1688676368.066767,VS0,VE1
etag: "14e260e6b62f7909e16ed82aa5c411c7"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 play.png
qzc-assets.qz.com/clients/intel/q2-2023-video-display/assets/ Frame D3CB 2 KB
2 KB 50ms
35ms Image
image/png 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qzc-assets.qz.com/clients/intel/q2-2023-video-display/assets/play.png
Requested by: Host: c.qz.com
URL: https://c.qz.com/sponsors/intel/q2-2023-video-display/qzcdist/index.8fdf3319.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 396bb5b08998bd1f8b02e6ecc8d08984599e1299eee87b21ae11066a4f91d30d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.qz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
via: 1.1 varnish
x-amz-request-id: CEMKHA2X7C8JAHPY
age: 84
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 2103
x-amz-id-2: puYbRigc7QfOcKT0wQG1H37bIQwf2huJT84wHCjYj5l4+eL51nExly3hZuqMamk6O3Vm9SvfUNs=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Fri, 09 Jun 2023 19:40:28 GMT
server: AmazonS3
x-timer: S1688676368.066632,VS0,VE1
etag: "63e7889051cb2ace0daff98a5291718c"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D3CB 0
0 103ms
45ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupIjmxRPXb0Bs3i-4rFl6LkDbNtANx9_9x03L8eDilBqjyA4sWfcTK-mOEyP7nZWmyS51BbUWHiisSVEDNScjJ06s_DR2KNp6R3GZ6gCWV9N9B9XjgXWewBpu49NQAkl8rUgHES_j30J4qnoY3biHI15X1hNbTF_7cO7TJCJUqorxw4kPNySZEAwmcxvr1-c2tcl_mgvG05c2tmbKbaEQI1iySPzDsRejf7m0cDZ8m9jqXMSBpyNjzbolu6h6rllYWziCpzSOlGKeZtse3D8nn8IZGrX4HZ4T4SGOttlbrlSYkBfxvgq5GaU_gZk5nOIp5HGDLFOS128SI9XAOyEM&sai=AMfl-YS0adWjS4n4IWjtBaqsxB4s0rqJ_heuhx2bbUsqKH_kPJKadiOAEG79lyYO8emXxrjPyHu37rmyQtiL4VFdeJQFAObaIDI-pbs7wXnjuJjJNl9FItXNjh4yogHPt_A&sig=Cg0ArKJSzOpVkqKKBts6EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 06 Jul 2023 20:46:08 GMT

GET
DATA 200
OK truncated
/ Frame D3CB 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf5c64e397eda78cd4427f9d3fedc832b4d77181bc0cabbab04dc8ff1b0f004b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 6AD1 47 KB
13 KB 44ms
43ms Script
application/javascript 54.246.204.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=931294&campId=1600x520&pubId=72487178&chanId=22405397127&placementId=6314551905&pubCreative=138436347090&pubOrder=3212079107&cb=873580468&adsafe_par&impId=12d9af4b-1c3e-11ee-8ff7-02c790015d1e&custom2=mid_banner&custom3=&custom4=&custom5=mid_banner-02
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.204.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-204-72.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 14255747a68e1c07d017bde2cb3bcc8203d35353c980f99e13bdf61a8ca5dafe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:08 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1 200
OK dv-measurements4122.js Show response
cdn.doubleverify.com/ Frame E075 547 KB
104 KB 22ms
21ms Script
application/javascript 2a02:26f0:480:9::210:ee0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements4122.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 6c0a263cc7f40c33f21c21323b8b0cdef80fa00a1467d58e87f6cf3de6e0e11a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 06 Jul 2023 20:46:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Jul 2023 07:43:16 GMT
Server: UploadServer
ETag: "9b4ec8c5f3573c4020d70289eee8e2d0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106219
Expires: Fri, 05 Jul 2024 07:43:19 GMT

GET
H2 200 plyr.svg Show response
cdn.plyr.io/3.6.12/ Frame D3CB 6 KB
2 KB 85ms
26ms XHR
image/svg+xml 2606:4700:21::681b:c258
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.6.12/plyr.svg
Requested by: Host: c.qz.com
URL: https://c.qz.com/sponsors/intel/q2-2023-video-display/qzcdist/index.90d57194.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c258 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Apr 2023 10:33:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 267479
etag: W/"3a727a9b7eef825081d78cc6e48aaadf"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LPDSr%2FofIpt2ozsJgVWpSElbIwbPa7JVeZ%2Fk3UFF3UfKn5md%2FnZWmnWz%2BOs6vViKD6dMWFk0JigPcystaoouBh4H6uK%2BBq2LPM%2BFQWcrPgUSquNVx3jZzDc85oW%2Fkx6X3sL2TwVBS7bJ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 7e2ab2052d04385a-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 plyr.svg Show response
cdn.plyr.io/3.6.12/ Frame D3CB 6 KB
2 KB 59ms
25ms XHR
image/svg+xml 2606:4700:21::681b:c258
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.6.12/plyr.svg
Requested by: Host: c.qz.com
URL: https://c.qz.com/sponsors/intel/q2-2023-video-display/qzcdist/index.90d57194.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c258 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Apr 2023 10:33:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 267479
etag: W/"3a727a9b7eef825081d78cc6e48aaadf"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0ZKudUTZgWvuHjZ%2F722M%2Fq2qCl7UfATOmlFkqLXA3f0bIktCKSiCKwcDS6NtaWi727EWJYNQOulQbRqtRMV5S%2BwHCmCDMS2au%2FlfASJLDTHXciqT82xMqZeg0NzS9qvTb%2FpBf8YGSq7"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 7e2ab2053d06385a-LHR
alt-svc: h3=":443"; ma=86400

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4BDD 0
0 46ms
46ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYL2ZQDlsZopvDwSpgb5sCzLSAlIdHzwQtp0oDLxiBHbX9OGxR3kQ37HXvR_JnVZFOR9_9-WOEZ9_drd884bjPpqhQXVbRtSdIoNw6r--7sWu0akXCSLuzKGZ6IzYeGdpzqxI0WXI7fk_1AcFZ_sqmh49QSBz2w0Wi5yRe9idliJMqh6NpFBo_4NYqqjOwFTb8BSUljAWDs4V_alve9W2AdcQ-cyik_LSLvnI5nyVT8hzyLRD_e_6LdLAdqNS-m44pjZMmmDP_Ho8JXnqs7COOwuI_qgMChMXnk0OJYb8z1WBauc1Iun56MalDTck7iqJ0PmBV0025Eqfe5p2S&sai=AMfl-YRA-zLU1Q71Iy45QeBmC-Mj7WMbn0Gb8hmZ8ZpvTbt3ihRsukuNCIV94H7IlNrw9znVCI6Er9O2WyLGALre3XgBLNCKiMnrq7EAQQcuFNC7SF7UWON9DHEcr7TgLYY&sig=Cg0ArKJSzL8j0OEslA9AEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 b-e09f10f-4415d417.js Show response
tagan.adlightning.com/gomedia/ Frame 4BDD 77 KB
29 KB 20ms
18ms Script
application/javascript 99.86.91.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.91.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-91-43.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 895fe95f9252951d1b3acfba50546376d3224bb5a19fa40df3be17e6571e844b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:27:04 GMT
content-encoding: gzip
via: 1.1 54ebf0a06ec7306301fb9a98086cc9b0.cloudfront.net (CloudFront)
x-amz-version-id: W1DH6jDxNN9jfL9k8Lwxuy3R7DRroyh6
x-amz-cf-pop: CDG50-C1
age: 2693945
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29341
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:26:51 GMT
server: AmazonS3
etag: "2bdbd3c490a4d678a49da1f2123b95f8"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: yIfE_ymWNc1ln2z-eqHtyBilZRM-okBuxnT8ZIBiuVHk6iF1sedaRA==

GET
H2 200 index.8fdf3319.css
c.qz.com/sponsors/intel/q3-2023-video-display/qzcdist/ Frame 4BDD 40 KB
41 KB 9ms
7ms Stylesheet
text/css 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.qz.com/sponsors/intel/q3-2023-video-display/qzcdist/index.8fdf3319.css
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b6702af1b9a51b3cea18c0224eb1368acd3fc1d54cd4f0b8a59455fc8ea6f15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
via: 1.1 varnish
x-amz-request-id: 2F7C20BSG1KD7NC5
age: 1418
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 41446
x-amz-id-2: FdKjgQHTXQ/TG7IphfxSYQUU1ZAAMAymGtpnbN1qWWJpFJ42adg62rsLPce1kF688V7z1cxOVE0=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Fri, 30 Jun 2023 16:54:02 GMT
server: AmazonS3
x-timer: S1688676368.207441,VS0,VE0
etag: "cfecd31937a1fa8b99d74ded927f2f93"
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 jquery.min.js Show response
c.qz.com/scripts/qzcdist/ Frame 4BDD 86 KB
86 KB 20ms
18ms Script
application/javascript 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.qz.com/scripts/qzcdist/jquery.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
via: 1.1 varnish
x-amz-request-id: 3XE58YVH9DTW0R6A
age: 810
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 88145
x-amz-id-2: 6DC7l7alxiiQjUdtv19coFCGc8VOw3oP7Lt6JAYKNKZHOjvCjPonY+VLYN57xzi8cxFBJR7DrnI=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Fri, 30 Jun 2023 16:53:47 GMT
server: AmazonS3
x-timer: S1688676368.207700,VS0,VE0
etag: "220afd743d9e9643852e31a135a9f3ae"
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/ Frame 4BDD 64 KB
23 KB 16ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/gsap.min.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b765b0cbd95391f6db0b565988eeb70ea68aa77bb9f8f7c8a880d96474c2aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1181072
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 23292
last-modified: Fri, 22 Apr 2022 16:32:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6262d89e-5afc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BsVYEONCzkfyMLz88inQ10frZo6X2P5d%2FZgC9BSbr4Jr3%2FxIlImijuIx%2BwhT9gXe9MdNO2Yu60iNrk8N5xeglDgbvXU6kpdyCByzAbnIl7TmO7JzLW65OauMhhEuvj5PfvEeUcxllWcrYwMJGTuZ1kE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7e2ab2054d60bbb0-FRA
expires: Tue, 25 Jun 2024 20:46:08 GMT

GET
H2 200 index.90d57194.js Show response
c.qz.com/sponsors/intel/q3-2023-video-display/qzcdist/ Frame 4BDD 132 KB
132 KB 389ms
387ms Script
application/javascript 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.qz.com/sponsors/intel/q3-2023-video-display/qzcdist/index.90d57194.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19e037946f24c1a75cf4dd5ce89242a943a9e199c97998512aa059fe2b591406

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
via: 1.1 varnish
x-amz-request-id: 04A21MJBJW8B07PC
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 134767
x-amz-id-2: m4Kr+IDlCGNzoUTRfv6Hw+VUNByTuz4eCGngpmz6abUKEdpcCuECVBj1eCzQqoKLH5QV3/k9nD8=
x-served-by: cache-fra-etou8220047-FRA
last-modified: Fri, 30 Jun 2023 16:54:02 GMT
server: AmazonS3
x-timer: S1688676368.207506,VS0,VE379
etag: "c1a9d69ec4ea82768cd989043ab7e0a5"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 qat.min.js Show response
c.qz.com/scripts/qat/qzcdist/ Frame 4BDD 2 KB
2 KB 16ms
14ms Script
application/javascript 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.qz.com/scripts/qat/qzcdist/qat.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 90d4b39a601ca0b67746e7a60473cc89d5b3d633e9bc94bba157568ee54962ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
via: 1.1 varnish
x-amz-request-id: X94QST3HEC6FTHRX
age: 3279
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 2086
x-amz-id-2: lrk2MMR4UdjGmZE821ogmg/ewo2w/BC8EU1s1fWOhLavDelH3uIjwi8K7Jcsl0Lhx4mFnJGaLQQ=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Fri, 30 Jun 2023 16:53:46 GMT
server: AmazonS3
x-timer: S1688676368.207700,VS0,VE0
etag: "ba99e3602459691d2fd53148db3ff289"
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 5

GET
H3

200

B30016091.368183932;dc_pre=CP26xdj5-v8CFaSeewod18gELg;dc_trk_aid=559199884;dc_trk_cid=192641185;ord=1554650479;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_t...
ad.doubleclick.net/ddm/trackimp/N418801.1695341QUARTZ/ Frame 4BDD
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N418801.1695341QUARTZ/B30016091.368183932;dc_trk_aid=559199884;dc_trk_cid=192641185;ord=1554650479;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;g...
https://ad.doubleclick.net/ddm/trackimp/N418801.1695341QUARTZ/B30016091.368183932;dc_pre=CP26xdj5-v8CFaSeewod18gELg;dc_trk_aid=559199884;dc_trk_cid=192641185;ord=1554650479;dc_lat=;dc_rdid=;tag_for...

42 B
63 B

29ms
29ms

Image
image/gif

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N418801.1695341QUARTZ/B30016091.368183932;dc_pre=CP26xdj5-v8CFaSeewod18gELg;dc_trk_aid=559199884;dc_trk_cid=192641185;ord=1554650479;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:08 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N418801.1695341QUARTZ/B30016091.368183932;dc_pre=CP26xdj5-v8CFaSeewod18gELg;dc_trk_aid=559199884;dc_trk_cid=192641185;ord=1554650479;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/1503538/71719453/ Frame 4BDD 46 KB
12 KB 35ms
34ms Script
application/javascript 54.246.204.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/1503538/71719453/skeleton.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.204.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-204-72.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 84034df87021978ab426a7e00326c33836809681a86e6b63eebbd01040f27a63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:08 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4BDD 179 KB
56 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 20:46:08 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 4BDD 8 KB
4 KB 10ms
8ms Script
application/javascript 2a02:26f0:480:9::210:ee0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=15538536&cmp=DV196466&sid=2019042601&plc=2019042601&seltag=1&sadv=72487178&ord=3212079107&litm=6314551905&scrt=138437127990&unit=1600x520&splc=152253218&adu=22405397127&adsrv=104&btreg=6314551905138437127990&btadsrv=6314551905138437127990&cb=577084310&region=70dvtagver=6.1.src
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 39399d443a3ab24886d829aae4ac8b33492ab78b193aeadda64586f0467b5ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 06 Jul 2023 20:46:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Jul 2023 12:19:54 GMT
Server: UploadServer
ETag: "8f00be3da9a0f0d7a1a8c47b91364b82"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3377
Expires: Thu, 06 Jul 2023 12:35:21 GMT

GET
H2 206 video.mp4
qzc-assets.qz.com/clients/intel/q2-2023-video-display/assets/ Frame D3CB 1 MB
0 17ms
16ms Media
video/mp4 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://qzc-assets.qz.com/clients/intel/q2-2023-video-display/assets/video.mp4
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.theonion.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
via: 1.1 varnish
x-amz-request-id: Y050YJ8G9K49MFSM
age: 10
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-2163331/2163332
Content-Length: 2163332
x-amz-id-2: qdKFp+rGLuGNWNegM3gSZeCVkoCd5ki75Q5wxIhKtbJXb6XuCbUxYFBl8wMfaENGxgHvAomUCfM=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Fri, 09 Jun 2023 18:40:19 GMT
server: AmazonS3
x-timer: S1688676368.247959,VS0,VE2
etag: "2f29eb7562cedfb24c96a5f6ee4ff958"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306280101&jk=1932498375211271&bg=!vb6lvurNAAb90kgr3dI7ADkAdvg8Wh1-vSQ95fpgr4lxlO_DQr1LVoIYY-jt8-gDit7m9l1yxCQED5z1S_F4g4_BPZY7dncT6TQCAAAAaVIAAAAIaAEHmQK9SYHmYSYqVS2RtphU4cVQZx1Kb5OmUGAPQw50my6kFgkg8jmFdoY-sBdVrFCwgJJihJlyzQzx1AKHQ9Q3nXI_USQ1O-BrIrpW6VnvaEzael_Z4DimFWqcprv4vMNpoo6r2CMvqdOXU45xpSxONirWzf8_vGQFn7lAKeIsqLRGyys9FT0MEmXe77jh_3mHA-zidyRxzkFOtc5MfMhXdK2BHTDX1wkIlULHJYOMfAbCSzo-bIg9ehrVxzZlPpYrTu0cCaf7mX-2WmGRPnb7-3VFaAItCEhaYrlcwNWiM3kdBkncQK9BFMIcPnmPysBwH2lLJouAkryAYUwIrFbwE19TH_73iQvqVBWUuiRwqa2O4g5RT9W2jH6sq57aTnEYJ12u2viZeJThJqEHaQpQOECmaUuzYFx9mdtaNR97Urlk51gRoMhEQMkNzEkYirShAixZuBP5MCV-5vKj2qiRwy4BMQoVHTCps3bqLSUIKws52LPly9x60cOmY9PRVjOL3MZkFX_hlC53BorFOyrktFP4hCIWjKuJqTK0Tfps4LqQXYvp0rsXrwOxcLt00Ukf-RCYKlXkX0YlDZpn2m1pBgPLhP0nycVTB7SqGp2zwpfbeGNFt0l9484YmMnR-n381XlDBpeFk7L7WGyEjktiD4d0eyw_m5GI2z_EfrA-f4ZgTtOx7XC8h_y6Vg_TYULadJtjFYzmW8dfWazPkZIJDir_3w6vOygA3100ca0gT8zDdUybKFjapbCGn1vmP2vMxFXTFqzYh6qj5-Bgsp_9FYw02TRycGlEahu8iaXYt7NS7KcXpX4GcBHf-QqJ6eEr8xY_kXkSHL3bXam8CDCevFFekQ5zcNXfhEIGdpuR_IEo_XyXYXbWFnxU2b3bKONTD3-DyOEapdZenbO-PSXmTi_i2DnlCNOK2dcvn12Jhc4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame D3CB 52 KB
21 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Jul 2023 19:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6091
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 06 Jul 2023 21:04:37 GMT

GET
H2 200 main.19.8.425.js Show response
static.adsafeprotected.com/ Frame 6AD1 203 KB
63 KB 12ms
12ms Script
application/javascript 2600:9000:223f:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.425.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d24a3646c524336d1a00d5102a4fab0629caced791ff7f05a89d12253e147d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 21:04:08 GMT
x-amz-version-id: vTMh3VsUfsPfd30Q2lhQhLoWQZlv7Ed2
content-encoding: gzip
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 85321
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 05 Jul 2023 19:42:13 GMT
server: AmazonS3
etag: W/"8325ccb86878f05b0052313c53a93437"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: WyAh1OqijydJhWWEhrMQvqeMcytS2vXMsU9duyeXGda3suN9I6rZjA==

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame E075 978 B
905 B 109ms
24ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=193&ttfrms=34&brid=3&brver=114.0.5735.198&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETar9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3EU42%3FFC%3Dl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETau&srcurlD=0&aUrlD=0&ssl=https:&dfs=124&ddur=51&uid=1688676368290139&jsCallback=dvCallback_1688676368290334&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4122&tgjsver=4122&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.theonion.com%2F&fwc=8&fcl=1081&flt=33&fec=1545&fcifrms=7&brh=2&sdf=2&dvp_epl=238&noc=4&nav_pltfrm=Win32&ctx=15538536&cmp=DV196466&sid=2019042601&plc=2019042601&btreg=6314551905138436347090&btadsrv=6314551905138436347090&adsrv=104&unit=1600x520&seltag=1&sadv=72487178&ord=3212079107&litm=6314551905&scrt=138436347090&splc=152253218&adu=22405397127&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&cb=873580468&region=70dvtagver=6.1.src&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=576897040.9055824&dvp_tukv=2510057173.9366803&dvp_tuid=778062040810&jurtd=336823274
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: bc31b38b2e713b0af2fd35c362bda221f0691fd4627b1a99c67ff3eb713adf60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 20:46:08 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 07/05/2023 20:46:08

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 4BDD 150 KB
53 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N3F3MXD

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

deacbb4086c70eb33c713e2b9d96f71d11a043d6478fb9bd2aeb410ca3249992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54547
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 19:47:38 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Jul 2023 20:46:08 GMT

GET
H2 200 main.19.8.425.js Show response
static.adsafeprotected.com/ Frame 4BDD 203 KB
63 KB 7ms
7ms Script
application/javascript 2600:9000:223f:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.425.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d24a3646c524336d1a00d5102a4fab0629caced791ff7f05a89d12253e147d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 21:04:08 GMT
x-amz-version-id: vTMh3VsUfsPfd30Q2lhQhLoWQZlv7Ed2
content-encoding: gzip
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 85321
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 05 Jul 2023 19:42:13 GMT
server: AmazonS3
etag: W/"8325ccb86878f05b0052313c53a93437"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: DHsVVdE7CxqTPl3EAQPN3HbkvIgVZLsPDgsZkxQgF3jxmnuGBAIW4g==

GET
H2 200 copy.png
qzc-assets.qz.com/clients/intel/q3-2023-video-display/assets/ Frame 4BDD 31 KB
32 KB 9ms
9ms Image
image/png 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qzc-assets.qz.com/clients/intel/q3-2023-video-display/assets/copy.png
Requested by: Host: c.qz.com
URL: https://c.qz.com/sponsors/intel/q3-2023-video-display/qzcdist/index.8fdf3319.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbb17a36a5ad2233362cd6c777e9d2844b6a95fdc78b49311dd40a39a4e99fe5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.qz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
via: 1.1 varnish
x-amz-request-id: MDA3N3FK39GXF3TH
age: 22
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 32206
x-amz-id-2: wedxQuUDYZwuldtGXA+1ZzEsZg9LseFyBnVVyBDHkpJOleuG0Xzehk0UEj6c23f/5+RmEd6FChA=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Tue, 20 Jun 2023 18:22:31 GMT
server: AmazonS3
x-timer: S1688676368.446954,VS0,VE1
etag: "36b3d60f3da43502b2ca3b59b6f7d57b"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 cta.png
qzc-assets.qz.com/clients/intel/q3-2023-video-display/assets/ Frame 4BDD 6 KB
6 KB 9ms
8ms Image
image/png 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qzc-assets.qz.com/clients/intel/q3-2023-video-display/assets/cta.png
Requested by: Host: c.qz.com
URL: https://c.qz.com/sponsors/intel/q3-2023-video-display/qzcdist/index.8fdf3319.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5941060954d00bf976579a0e809b4ba9d6f294705c0989fc29ea736fc214592b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.qz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
via: 1.1 varnish
x-amz-request-id: YCBBSSZH7V5A3GKQ
age: 22
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 6070
x-amz-id-2: Ewg+s4hSo/Kd+dE8ggsk2cD/KcfUBAWwlPCHQOnDzFkFBkskqYqRhKnvlHUfLhdzWThn8u+QkMs=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Tue, 20 Jun 2023 18:22:31 GMT
server: AmazonS3
x-timer: S1688676368.446950,VS0,VE1
etag: "47c74fcee0f61260bcb86db1873bff00"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 logo.png
qzc-assets.qz.com/clients/intel/q3-2023-video-display/assets/ Frame 4BDD 3 KB
3 KB 9ms
9ms Image
image/png 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qzc-assets.qz.com/clients/intel/q3-2023-video-display/assets/logo.png
Requested by: Host: c.qz.com
URL: https://c.qz.com/sponsors/intel/q3-2023-video-display/qzcdist/index.8fdf3319.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97bc3d3b96d2655ce7fe030b0e276a2b8b4b75ccf2b07e9f926c8d4fe5e44476

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.qz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
via: 1.1 varnish
x-amz-request-id: BH27X2HHV1V696ZD
age: 22
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3023
x-amz-id-2: kxJyaQ+vTlGxRgOniAzJetbOfivpgu1CJWRdHnD6i0RHmR2DB2j6fCx/EL06imyCLuz4EkMRBlU=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Tue, 20 Jun 2023 18:22:31 GMT
server: AmazonS3
x-timer: S1688676368.447160,VS0,VE1
etag: "14e260e6b62f7909e16ed82aa5c411c7"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 play.png
qzc-assets.qz.com/clients/intel/q3-2023-video-display/assets/ Frame 4BDD 2 KB
2 KB 10ms
10ms Image
image/png 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qzc-assets.qz.com/clients/intel/q3-2023-video-display/assets/play.png
Requested by: Host: c.qz.com
URL: https://c.qz.com/sponsors/intel/q3-2023-video-display/qzcdist/index.8fdf3319.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 396bb5b08998bd1f8b02e6ecc8d08984599e1299eee87b21ae11066a4f91d30d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.qz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
via: 1.1 varnish
x-amz-request-id: MDAD825GJC1W23H1
age: 71
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 2103
x-amz-id-2: boYLWX3N7uCx5Q3yE1zpen5dO0wqFzO+5Qyr8noe0OBCUc7zQH2cO6JA+sTT5cmTLuCyJP7QJjs=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Tue, 20 Jun 2023 18:22:31 GMT
server: AmazonS3
x-timer: S1688676368.447372,VS0,VE2
etag: "63e7889051cb2ace0daff98a5291718c"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
DATA 200
OK truncated
/ Frame 4BDD 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27c34838fc15b0dc50afa567fa40141800169900bfaa90ecdb048c9dc5e40456

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame F7F4 47 KB
13 KB 51ms
51ms Script
application/javascript 54.246.204.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=931294&campId=1600x520&pubId=72487178&chanId=22405397127&placementId=6314551905&pubCreative=138437127990&pubOrder=3212079107&cb=577084310&adsafe_par&impId=&custom2=mid_banner&custom3=&custom4=&custom5=mid_banner-01
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.204.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-204-72.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e88592f5884c6cd540589a786003a9db7c8b507cb070704dc24ac56bca7f3e47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:08 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1 200
OK dv-measurements4122.js Show response
cdn.doubleverify.com/ Frame 0111 547 KB
104 KB 9ms
9ms Script
application/javascript 2a02:26f0:480:9::210:ee0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements4122.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 6c0a263cc7f40c33f21c21323b8b0cdef80fa00a1467d58e87f6cf3de6e0e11a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 06 Jul 2023 20:46:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Jul 2023 07:43:16 GMT
Server: UploadServer
ETag: "9b4ec8c5f3573c4020d70289eee8e2d0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106219
Expires: Fri, 05 Jul 2024 07:43:19 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame D3CB
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1503538/71719453/skeleton.js?adsafe_url=https%3A%2F%2Fwww.theonion.com%2F&adsafe_type=abedfq&adsafe_jsinfo=,id:8f1af7cb-3e9d-ea75-1e56-575d18925b59,c:hCDtRl...
https://static.adsafeprotected.com/skeleton.js

17 B
466 B

7ms
7ms

Script
application/javascript

2600:9000:223f:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Server: 2600:9000:223f:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 03:51:51 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 14835258
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: WsRZvByU-BSPDsN44t9CglVX56WMQuhCqDv2u-6KZhMQ6jbNc8aBYw==

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:08 GMT
server: nginx
x-server-name: app23.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 9659 91 KB
23 KB 7ms
7ms Script
application/javascript 2600:9000:223f:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 24901792
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: ZvbbPOs6oSiZAwzRQF9eVHGkJgNlzOyeeUp9H3Fd1flpTQcX2udT-g==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8741 0
0 46ms
46ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1GR4nlbLXdPsiDItLHEY7nfTmBRhHZiW-gSQA3CEk858XNz8qTc9amTu8tMXH-eI9UY-uW4ZSwLHjWesAxQWp_-uwFBr3PfGP910BQhp_pTyHFZpcR1c_CtIz3CfB22K-hiYEZWYI5MaldL6crZkWDW-Tq4SZZz54iXoaqkrg9EeoGtM4sY80DXK1P1n3IEIvgJSuDSEFpukvduJNIIzfr7cu05xy6klDEkKSa5aBqLYB_rac3fD8NfeyjBVKOrFBh_V5M78UmWtKjgGXyU7hWUAeLHeaeKmOM3kacYMg7EonHpx5l_43lli2MpDDIQzw5Z_Ixyot99ylx3UM&sai=AMfl-YRh9PsDmTmziYadJXH1_OFGre9X7mJM3_LmEM3qz3WoBA9VaakJRiAeAn2zQS3YxfM_-1-n5Ab_KUqSsGLoOQ3S6apV8uUgrpUSOWgxo60Rjmn9mEKuopFTF88-j0Y&sig=Cg0ArKJSzDbyGxvdNBthEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 b-e09f10f-4415d417.js Show response
tagan.adlightning.com/gomedia/ Frame 8741 77 KB
29 KB 19ms
17ms Script
application/javascript 99.86.91.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.91.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-91-43.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 895fe95f9252951d1b3acfba50546376d3224bb5a19fa40df3be17e6571e844b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:27:04 GMT
content-encoding: gzip
via: 1.1 54ebf0a06ec7306301fb9a98086cc9b0.cloudfront.net (CloudFront)
x-amz-version-id: W1DH6jDxNN9jfL9k8Lwxuy3R7DRroyh6
x-amz-cf-pop: CDG50-C1
age: 2693945
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29341
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:26:51 GMT
server: AmazonS3
etag: "2bdbd3c490a4d678a49da1f2123b95f8"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 6VMzq_JHozdhgn4dym2v5lYar-uGhsroANnjZrfQ17tXvSMVBa3siQ==

GET
H2 200 index.8fdf3319.css
c.qz.com/sponsors/intel/q3-2023-video-display/qzcdist/ Frame 8741 40 KB
41 KB 9ms
7ms Stylesheet
text/css 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.qz.com/sponsors/intel/q3-2023-video-display/qzcdist/index.8fdf3319.css
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b6702af1b9a51b3cea18c0224eb1368acd3fc1d54cd4f0b8a59455fc8ea6f15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
via: 1.1 varnish
x-amz-request-id: 2F7C20BSG1KD7NC5
age: 1418
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 41446
x-amz-id-2: FdKjgQHTXQ/TG7IphfxSYQUU1ZAAMAymGtpnbN1qWWJpFJ42adg62rsLPce1kF688V7z1cxOVE0=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Fri, 30 Jun 2023 16:54:02 GMT
server: AmazonS3
x-timer: S1688676369.565825,VS0,VE0
etag: "cfecd31937a1fa8b99d74ded927f2f93"
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 4

GET
H2 200 jquery.min.js Show response
c.qz.com/scripts/qzcdist/ Frame 8741 86 KB
86 KB 10ms
8ms Script
application/javascript 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.qz.com/scripts/qzcdist/jquery.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
via: 1.1 varnish
x-amz-request-id: 3XE58YVH9DTW0R6A
age: 810
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 88145
x-amz-id-2: 6DC7l7alxiiQjUdtv19coFCGc8VOw3oP7Lt6JAYKNKZHOjvCjPonY+VLYN57xzi8cxFBJR7DrnI=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Fri, 30 Jun 2023 16:53:47 GMT
server: AmazonS3
x-timer: S1688676369.566067,VS0,VE0
etag: "220afd743d9e9643852e31a135a9f3ae"
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 4

GET
H3 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/ Frame 8741 64 KB
23 KB 15ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/gsap.min.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b765b0cbd95391f6db0b565988eeb70ea68aa77bb9f8f7c8a880d96474c2aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1696920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 23292
last-modified: Fri, 22 Apr 2022 16:32:30 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6262d89e-5afc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A29he3Zkt3pIPKAU%2FyVftfwzLzyFrXuR2K9qwOTfvOO611QNxsxpLxCPljfln8MNhzeFvu9k%2BFxsMnb37YbM1fsxVlFKmafItpvS4UIcAio2SxKOkAxUCRFpYGvfbUisZdAfAjcLwXmyS3%2BnVDGAGJto"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7e2ab207883037f7-FRA
expires: Tue, 25 Jun 2024 20:46:08 GMT

GET
H2 200 index.90d57194.js Show response
c.qz.com/sponsors/intel/q3-2023-video-display/qzcdist/ Frame 8741 132 KB
132 KB 31ms
30ms Script
application/javascript 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.qz.com/sponsors/intel/q3-2023-video-display/qzcdist/index.90d57194.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19e037946f24c1a75cf4dd5ce89242a943a9e199c97998512aa059fe2b591406

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
via: 1.1 varnish
x-amz-request-id: 04A21MJBJW8B07PC
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 134767
x-amz-id-2: m4Kr+IDlCGNzoUTRfv6Hw+VUNByTuz4eCGngpmz6abUKEdpcCuECVBj1eCzQqoKLH5QV3/k9nD8=
x-served-by: cache-fra-etou8220047-FRA
last-modified: Fri, 30 Jun 2023 16:54:02 GMT
server: AmazonS3
x-timer: S1688676369.565641,VS0,VE21
etag: "c1a9d69ec4ea82768cd989043ab7e0a5"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 qat.min.js Show response
c.qz.com/scripts/qat/qzcdist/ Frame 8741 2 KB
2 KB 10ms
9ms Script
application/javascript 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.qz.com/scripts/qat/qzcdist/qat.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 90d4b39a601ca0b67746e7a60473cc89d5b3d633e9bc94bba157568ee54962ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
via: 1.1 varnish
x-amz-request-id: X94QST3HEC6FTHRX
age: 3279
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 2086
x-amz-id-2: lrk2MMR4UdjGmZE821ogmg/ewo2w/BC8EU1s1fWOhLavDelH3uIjwi8K7Jcsl0Lhx4mFnJGaLQQ=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Fri, 30 Jun 2023 16:53:46 GMT
server: AmazonS3
x-timer: S1688676369.566070,VS0,VE0
etag: "ba99e3602459691d2fd53148db3ff289"
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 6

GET
H3

200

B30016091.368183932;dc_pre=CMyo29j5-v8CFabzEQgdExIIRA;dc_trk_aid=559199884;dc_trk_cid=192641185;ord=586502270;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1
ad.doubleclick.net/ddm/trackimp/N418801.1695341QUARTZ/ Frame 8741
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N418801.1695341QUARTZ/B30016091.368183932;dc_trk_aid=559199884;dc_trk_cid=192641185;ord=586502270;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gd...
https://ad.doubleclick.net/ddm/trackimp/N418801.1695341QUARTZ/B30016091.368183932;dc_pre=CMyo29j5-v8CFabzEQgdExIIRA;dc_trk_aid=559199884;dc_trk_cid=192641185;ord=586502270;dc_lat=;dc_rdid=;tag_for_...

42 B
63 B

29ms
29ms

Image
image/gif

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N418801.1695341QUARTZ/B30016091.368183932;dc_pre=CMyo29j5-v8CFabzEQgdExIIRA;dc_trk_aid=559199884;dc_trk_cid=192641185;ord=586502270;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:08 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N418801.1695341QUARTZ/B30016091.368183932;dc_pre=CMyo29j5-v8CFabzEQgdExIIRA;dc_trk_aid=559199884;dc_trk_cid=192641185;ord=586502270;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/1503538/71719453/ Frame 8741 46 KB
12 KB 35ms
34ms Script
application/javascript 54.246.204.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/1503538/71719453/skeleton.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.204.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-204-72.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7fadb9061e6106ec5e33035504d63ab7881b5e0ca37187b061e5e69c2f99249f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:08 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8741 179 KB
56 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1688579601580341"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 20:46:08 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 8741 8 KB
4 KB 9ms
8ms Script
application/javascript 2a02:26f0:480:9::210:ee0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=15538536&cmp=DV196466&sid=2019042601&plc=2019042601&seltag=1&sadv=72487178&ord=3212079107&litm=6314551905&scrt=138437207397&unit=1600x520&splc=152253218&adu=22405397127&adsrv=104&btreg=6314551905138437207397&btadsrv=6314551905138437207397&cb=1514643184&region=70dvtagver=6.1.src
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 39399d443a3ab24886d829aae4ac8b33492ab78b193aeadda64586f0467b5ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 06 Jul 2023 20:46:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Jul 2023 12:19:54 GMT
Server: UploadServer
ETag: "8f00be3da9a0f0d7a1a8c47b91364b82"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3377
Expires: Thu, 06 Jul 2023 12:35:21 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame D3CB 4 B
24 B 16ms
16ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=212803046&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x520&je=0&ec=Ads&ea=Impression&el=%2F&_u=QACAAEABAAAAACAAI~&jid=172274551&gjid=260604179&cid=1861076189.1688676367&tid=UA-20189-48&_gid=568724064.1688676367&_r=1&_slc=1&gtm=45He36s0n81N3F3MXD&cd18=&cd42=72487178&cd43=3212079107&cd44=6314551905&cd45=138436347090&cd55=&cd68=AdImpression&z=437368959

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 video.mp4
qzc-assets.qz.com/clients/intel/q2-2023-video-display/assets/ Frame D3CB 33 KB
33 KB 11ms
10ms Media
video/mp4 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://qzc-assets.qz.com/clients/intel/q2-2023-video-display/assets/video.mp4
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 415870ff94373ce302fb6650ffeb1d77ca7e6264ef62c98dc538451f80b417f5

Request headers

Referer: https://www.theonion.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=2129920-

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
via: 1.1 varnish
x-amz-request-id: Y050YJ8G9K49MFSM
age: 10
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 2129920-2163331/2163332
Content-Length: 33412
x-amz-id-2: qdKFp+rGLuGNWNegM3gSZeCVkoCd5ki75Q5wxIhKtbJXb6XuCbUxYFBl8wMfaENGxgHvAomUCfM=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Fri, 09 Jun 2023 18:40:19 GMT
server: AmazonS3
x-timer: S1688676369.602843,VS0,VE2
etag: "2f29eb7562cedfb24c96a5f6ee4ff958"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 321ms
94ms Image
image/gif 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1503538&asId=8f1af7cb-3e9d-ea75-1e56-575d18925b59&tv=%7Bc:hCDtTe,pingTime:-2,time:587,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:124,bdZ:236,beA:255,beZ:256,mfA:708,cmA:710,inA:710,inZ:714,prA:714,prZ:718,si:726,poA:729,poZ:746,cmZ:746,mfZ:746,loA:809,loZ:813,ltA:842,ltZ:842,mdA:257,mdZ:376%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:1600.520,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:1600,h:520,t:470%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:587,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:470,wc:0.0.1600.1200,ac:1200.2629.1600.520,am:i,cc:1200.2629.1600.520,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B130~0%5D,as:%5B130~1600.520%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tJgtWJb+11%7C12%7C13%7C14%7C15%7C16*.1503538-71719453%7C161%7C162%7C171%7C172,idMap:16*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:471,slid:%5Bgoogle_ads_iframe_/4246/fmg.onion/frontpage_3,google_ads_iframe_/4246/fmg.onion/frontpage_3__container__,dfp-ad-9%5D,sinceFw:113,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:08 GMT
server: nginx
x-server-name: dt27.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 main.19.8.425.js Show response
static.adsafeprotected.com/ Frame F7F4 203 KB
63 KB 8ms
8ms Script
application/javascript 2600:9000:223f:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.425.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d24a3646c524336d1a00d5102a4fab0629caced791ff7f05a89d12253e147d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 21:04:08 GMT
x-amz-version-id: vTMh3VsUfsPfd30Q2lhQhLoWQZlv7Ed2
content-encoding: gzip
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 85321
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 05 Jul 2023 19:42:13 GMT
server: AmazonS3
etag: W/"8325ccb86878f05b0052313c53a93437"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 5QdgF5KqjNRFFYYIMxfJz1pQzOaoukzphXDWjQAlzwuEb8HCyZyMjQ==

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 0111 978 B
901 B 24ms
24ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=170&ttfrms=7&brid=3&brver=114.0.5735.198&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETar9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3EU42%3FFC%3Dl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETau&srcurlD=0&aUrlD=0&ssl=https:&dfs=51&ddur=11&uid=1688676368622263&jsCallback=dvCallback_1688676368622416&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4122&tgjsver=4122&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.theonion.com%2F&fwc=8&fcl=1101&flt=33&fec=1546&fcifrms=8&brh=2&sdf=2&dvp_epl=238&noc=4&nav_pltfrm=Win32&ctx=15538536&cmp=DV196466&sid=2019042601&plc=2019042601&btreg=6314551905138437127990&btadsrv=6314551905138437127990&adsrv=104&unit=1600x520&seltag=1&sadv=72487178&ord=3212079107&litm=6314551905&scrt=138437127990&splc=152253218&adu=22405397127&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&cb=577084310&region=70dvtagver=6.1.src&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=1607090588.7827308&dvp_tukv=28238705026.2321&dvp_tuid=189028103406&jurtd=945587004
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: c8390e6bb8a660485b4118b65d90f73b14128a881c918335d06b35f48e0e7ba2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 20:46:08 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 07/05/2023 20:46:08

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame D3CB 4 B
70 B 21ms
21ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-20189-48&cid=1861076189.1688676367&jid=172274551&gjid=260604179&_gid=568724064.1688676367&_u=QACAAEAAAAAAACAAI~&z=628518977

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 06 Jul 2023 20:46:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 4BDD 52 KB
21 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Jul 2023 19:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6091
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 06 Jul 2023 21:04:37 GMT

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 0BCF 91 KB
23 KB 8ms
7ms Script
application/javascript 2600:9000:223f:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 24901792
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: gvANrC2SRcZTb0N5ur3IHAHMu-Z6UOBWC039nZQsk17aZ_o1j2Wd1Q==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 42ms
41ms Image
image/gif 54.246.204.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=931294&campId=1600x520&pubId=72487178&chanId=22405397127&placementId=6314551905&pubCreative=138436347090&pubOrder=3212079107&cb=873580468&adsafe_par&impId=12d9af4b-1c3e-11ee-8ff7-02c790015d1e&custom2=mid_banner&custom3=&custom4=&custom5=mid_banner-02&adsafe_url=https%3A%2F%2Fwww.theonion.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:d06c523e-6e9c-473f-9df7-bad4db86eee7,c:hCDtU2,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-6b6dfd5f7-rkfwp,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:1200.2629.1600.520,am:i,cc:1200.2629.1600.520,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:390,mot:0,app:0,maw:0,fm:tJgtWN3+11%7C12%7C13%7C14%7C15%7C16*.931294%7C161%7C162%7C163%7C171%7C172%7C18,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:397,oid:221b0419-1c3e-11ee-81f0-4e5181c90002,v:19.8.425,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.204.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-204-72.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:08 GMT
server: nginx
x-server-name: app21.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 258ms
93ms Image
image/gif 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931294&asId=d06c523e-6e9c-473f-9df7-bad4db86eee7&tv=%7Bc:hCDtU3,pingTime:-8,time:398,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:398,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:397,wc:0.0.1600.1200,ac:1200.2629.1600.520,am:i,cc:1200.2629.1600.520,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B7~0%5D,as:%5B7~1600.520%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tJgtWN3+11%7C12%7C13%7C14%7C15%7C16*.931294%7C161%7C162%7C163%7C171%7C172%7C18,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:398%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:08 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 19ms
19ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8b5ec702998cef0f1ae7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 07 Jul 2023 20:46:08 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 166ms
92ms Image
image/gif 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1503538&asId=8f1af7cb-3e9d-ea75-1e56-575d18925b59&tv=%7Bc:hCDtVH,pingTime:-2.1,time:740,type:a,clog:%5B%7Bpiv:0,vs:o,r:l,w:1600,h:520,t:470%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:740,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:470,wc:0.0.1600.1200,ac:1200.2629.1600.520,am:i,cc:1200.2629.1600.520,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B283~0%5D,as:%5B283~1600.520%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tJgtWJb+11%7C12%7C13%7C14%7C15%7C16*.1503538-71719453%7C161%7C162%7C171%7C172,idMap:16.d06c523e-6e9c-473f-9df7-bad4db86eee7.106_931294%7C16*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:471,slid:%5Bgoogle_ads_iframe_/4246/fmg.onion/frontpage_3,google_ads_iframe_/4246/fmg.onion/frontpage_3__container__,dfp-ad-9%5D,sinceFw:113,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:08 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 ga-audiences
www.google.com/ads/ Frame D3CB 42 B
63 B 34ms
33ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-20189-48&cid=1861076189.1688676367&jid=172274551&_u=QACAAEAAAAAAACAAI~&z=344821629

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ Frame D3CB 42 B
107 B 32ms
31ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-20189-48&cid=1861076189.1688676367&jid=172274551&_u=QACAAEAAAAAAACAAI~&z=344821629

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 8741 150 KB
53 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N3F3MXD

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

04f603e628e68c7e1f4abf5d0f448614c3217e87052372b6cab58422eb68f798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54548
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 19:47:38 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Jul 2023 20:46:08 GMT

GET
H2 200 main.19.8.425.js Show response
static.adsafeprotected.com/ Frame 8741 203 KB
63 KB 7ms
7ms Script
application/javascript 2600:9000:223f:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.425.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d24a3646c524336d1a00d5102a4fab0629caced791ff7f05a89d12253e147d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 21:04:08 GMT
x-amz-version-id: vTMh3VsUfsPfd30Q2lhQhLoWQZlv7Ed2
content-encoding: gzip
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 85321
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 05 Jul 2023 19:42:13 GMT
server: AmazonS3
etag: W/"8325ccb86878f05b0052313c53a93437"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: cbdpC_iGQ63oX-g-CepyWX3RC5tjPlK5rOFzPTkcJh1NUilLZHIQmQ==

GET
H2 200 copy.png
qzc-assets.qz.com/clients/intel/q3-2023-video-display/assets/ Frame 8741 31 KB
32 KB 11ms
10ms Image
image/png 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qzc-assets.qz.com/clients/intel/q3-2023-video-display/assets/copy.png
Requested by: Host: c.qz.com
URL: https://c.qz.com/sponsors/intel/q3-2023-video-display/qzcdist/index.8fdf3319.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbb17a36a5ad2233362cd6c777e9d2844b6a95fdc78b49311dd40a39a4e99fe5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.qz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
via: 1.1 varnish
x-amz-request-id: MDA3N3FK39GXF3TH
age: 22
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 32206
x-amz-id-2: wedxQuUDYZwuldtGXA+1ZzEsZg9LseFyBnVVyBDHkpJOleuG0Xzehk0UEj6c23f/5+RmEd6FChA=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Tue, 20 Jun 2023 18:22:31 GMT
server: AmazonS3
x-timer: S1688676369.796881,VS0,VE0
etag: "36b3d60f3da43502b2ca3b59b6f7d57b"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 cta.png
qzc-assets.qz.com/clients/intel/q3-2023-video-display/assets/ Frame 8741 6 KB
6 KB 10ms
10ms Image
image/png 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qzc-assets.qz.com/clients/intel/q3-2023-video-display/assets/cta.png
Requested by: Host: c.qz.com
URL: https://c.qz.com/sponsors/intel/q3-2023-video-display/qzcdist/index.8fdf3319.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5941060954d00bf976579a0e809b4ba9d6f294705c0989fc29ea736fc214592b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.qz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
via: 1.1 varnish
x-amz-request-id: YCBBSSZH7V5A3GKQ
age: 22
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 6070
x-amz-id-2: Ewg+s4hSo/Kd+dE8ggsk2cD/KcfUBAWwlPCHQOnDzFkFBkskqYqRhKnvlHUfLhdzWThn8u+QkMs=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Tue, 20 Jun 2023 18:22:31 GMT
server: AmazonS3
x-timer: S1688676369.797030,VS0,VE0
etag: "47c74fcee0f61260bcb86db1873bff00"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 logo.png
qzc-assets.qz.com/clients/intel/q3-2023-video-display/assets/ Frame 8741 3 KB
3 KB 11ms
11ms Image
image/png 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qzc-assets.qz.com/clients/intel/q3-2023-video-display/assets/logo.png
Requested by: Host: c.qz.com
URL: https://c.qz.com/sponsors/intel/q3-2023-video-display/qzcdist/index.8fdf3319.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 97bc3d3b96d2655ce7fe030b0e276a2b8b4b75ccf2b07e9f926c8d4fe5e44476

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.qz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
via: 1.1 varnish
x-amz-request-id: BH27X2HHV1V696ZD
age: 22
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3023
x-amz-id-2: kxJyaQ+vTlGxRgOniAzJetbOfivpgu1CJWRdHnD6i0RHmR2DB2j6fCx/EL06imyCLuz4EkMRBlU=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Tue, 20 Jun 2023 18:22:31 GMT
server: AmazonS3
x-timer: S1688676369.798348,VS0,VE0
etag: "14e260e6b62f7909e16ed82aa5c411c7"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 play.png
qzc-assets.qz.com/clients/intel/q3-2023-video-display/assets/ Frame 8741 2 KB
2 KB 11ms
11ms Image
image/png 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qzc-assets.qz.com/clients/intel/q3-2023-video-display/assets/play.png
Requested by: Host: c.qz.com
URL: https://c.qz.com/sponsors/intel/q3-2023-video-display/qzcdist/index.8fdf3319.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 396bb5b08998bd1f8b02e6ecc8d08984599e1299eee87b21ae11066a4f91d30d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.qz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
via: 1.1 varnish
x-amz-request-id: MDAD825GJC1W23H1
age: 71
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 2103
x-amz-id-2: boYLWX3N7uCx5Q3yE1zpen5dO0wqFzO+5Qyr8noe0OBCUc7zQH2cO6JA+sTT5cmTLuCyJP7QJjs=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Tue, 20 Jun 2023 18:22:31 GMT
server: AmazonS3
x-timer: S1688676369.798353,VS0,VE0
etag: "63e7889051cb2ace0daff98a5291718c"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
DATA 200
OK truncated
/ Frame 8741 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae478d0aa1d5dd397784708b171065a69cb63c1e6f265a013b41ee9c3c032ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 9EA0 47 KB
13 KB 35ms
35ms Script
application/javascript 54.246.204.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=931294&campId=1600x520&pubId=72487178&chanId=22405397127&placementId=6314551905&pubCreative=138437207397&pubOrder=3212079107&cb=1514643184&adsafe_par&impId=&custom2=mid_banner&custom3=&custom4=&custom5=mid_banner-03
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.204.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-204-72.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 430d9074fa4a328f00f43623c2afee8e770814e942ba51ede5ad58455daa0572

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:08 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1 200
OK dv-measurements4122.js Show response
cdn.doubleverify.com/ Frame 86FD 547 KB
104 KB 8ms
8ms Script
application/javascript 2a02:26f0:480:9::210:ee0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements4122.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 6c0a263cc7f40c33f21c21323b8b0cdef80fa00a1467d58e87f6cf3de6e0e11a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 06 Jul 2023 20:46:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Jul 2023 07:43:16 GMT
Server: UploadServer
ETag: "9b4ec8c5f3573c4020d70289eee8e2d0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106219
Expires: Fri, 05 Jul 2024 07:43:19 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 4BDD
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1503538/71719453/skeleton.js?adsafe_url=https%3A%2F%2Fwww.theonion.com%2F&adsafe_type=abedfq&adsafe_jsinfo=,id:7471b616-e53a-25df-b54e-6fe5404bf3d5,c:hCDtWL...
https://static.adsafeprotected.com/skeleton.js

17 B
466 B

7ms
7ms

Script
application/javascript

2600:9000:223f:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Server: 2600:9000:223f:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 03:51:51 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 14835258
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: fjwjOZAN0CzzDFw_WYfFPiL_hcjS1wSN895KHTQDoOkyhc1KzB6DHA==

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:08 GMT
server: nginx
x-server-name: app13.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 685B 91 KB
23 KB 7ms
7ms Script
application/javascript 2600:9000:223f:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 24901792
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: mQFyvt_twUvBvVvT1Be6A7QR6x9tK9DIs3LwcKrTZ9LqvYNLSCu_QQ==

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 94ms
94ms Image
image/gif 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931294&asId=d06c523e-6e9c-473f-9df7-bad4db86eee7&tv=%7Bc:hCDtXa,pingTime:-2,time:591,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:198,beZ:199,mfA:588,cmA:589,inA:589,inZ:590,prA:590,prZ:592,si:596,poA:596,poZ:604,cmZ:604,mfZ:604,loA:699,loZ:701,ltA:789,ltZ:789,mdA:200,mdZ:216%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:1600.520,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:1600,h:520,t:397%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:591,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:397,wc:0.0.1600.1200,ac:1200.2629.1600.520,am:i,cc:1200.2629.1600.520,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B200~0%5D,as:%5B200~1600.520%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tJgtWN3+11%7C12%7C13%7C14%7C15%7C16*.931294%7C161%7C162%7C163%7C171%7C172%7C18,idMap:16*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:398,slid:%5Bgoogle_ads_iframe_/4246/fmg.onion/frontpage_3,google_ads_iframe_/4246/fmg.onion/frontpage_3__container__,dfp-ad-9%5D,sinceFw:193,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:08 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 plyr.svg Show response
cdn.plyr.io/3.6.12/ Frame 4BDD 6 KB
2 KB 26ms
25ms XHR
image/svg+xml 2606:4700:21::681b:c258
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.6.12/plyr.svg
Requested by: Host: c.qz.com
URL: https://c.qz.com/sponsors/intel/q3-2023-video-display/qzcdist/index.90d57194.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c258 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Apr 2023 10:33:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 267479
etag: W/"3a727a9b7eef825081d78cc6e48aaadf"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ioy2AjmxpiSLW7R%2FYOGd3wkDiBvHk30lXnPWRQ8AEJCFHTTYZ%2BJ6zp1InZJNy6h1tBsh%2BNr0WhKsxUgqlju0V33WORgYCJ8bLbMUwQDXFZojh9UOUIxPo7WVsX89nobaPyxOyl3McIKB"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 7e2ab209ad23385a-LHR
alt-svc: h3=":443"; ma=86400

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 4BDD 3 B
23 B 15ms
15ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1202832339&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x520&je=0&ec=Ads&ea=Impression&el=%2F&_u=QACAAEABAAAAACAAI~&jid=&gjid=&cid=1861076189.1688676367&tid=UA-20189-48&_gid=568724064.1688676367&_slc=1&gtm=45He36s0n81N3F3MXD&cd18=&cd42=72487178&cd43=3212079107&cd44=6314551905&cd45=138437127990&cd55=&cd68=AdImpression&z=1960366493

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plyr.svg Show response
cdn.plyr.io/3.6.12/ Frame 8741 6 KB
2 KB 24ms
24ms XHR
image/svg+xml 2606:4700:21::681b:c258
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plyr.io/3.6.12/plyr.svg
Requested by: Host: c.qz.com
URL: https://c.qz.com/sponsors/intel/q3-2023-video-display/qzcdist/index.90d57194.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::681b:c258 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Apr 2023 10:33:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 267479
etag: W/"3a727a9b7eef825081d78cc6e48aaadf"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jeA1M2ajMFNrcTpYytRRB3vPw9S2ZeHHaru6iqzDGoaZyTeNRqoa%2BSRnsTGSAWjWwoaPpxHP5BzTquAFxsf5GT34KmJCQt7Km6CYRYTQQ3RyrytW09LOMQ2xcw%2BEqi0fgdl3TwFbicGo"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 7e2ab209ed85385a-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 95ms
95ms Image
image/gif 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1503538&asId=7471b616-e53a-25df-b54e-6fe5404bf3d5&tv=%7Bc:hCDtZ5,pingTime:-2,time:556,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:51,bdZ:87,beA:257,beZ:258,mfA:663,cmA:664,inA:664,inZ:665,prA:665,prZ:666,si:670,poA:674,poZ:683,cmZ:683,mfZ:683,loA:708,loZ:710,ltA:813,ltZ:813,mdA:259,mdZ:270%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:1600.520,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:1600,h:520,t:412%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:556,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:412,wc:0.0.1600.1200,ac:1200.1455.1600.520,am:i,cc:1200.1455.1600.520,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B150~0%5D,as:%5B150~1600.520%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tJgtWJb+11%7C12%7C13%7C14%7C15%7C16.1503538-71719453%7C161%7C162%7C163%7C164%7C17*.1503538-71719453%7C171%7C172%7C181%7C182,idMap:17*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:412,slid:%5Bgoogle_ads_iframe_/4246/fmg.onion/frontpage_2,google_ads_iframe_/4246/fmg.onion/frontpage_2__container__,dfp-ad-7%5D,sinceFw:140,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:09 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 9628 91 KB
23 KB 8ms
8ms Script
application/javascript 2600:9000:223f:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 24901792
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: dA1v13FXzX4seM3mCf3TGm1Lp5uEZuVkuCC-2mV9HY4hSGo3a8vyKg==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 45ms
45ms Image
image/gif 54.246.204.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=931294&campId=1600x520&pubId=72487178&chanId=22405397127&placementId=6314551905&pubCreative=138437127990&pubOrder=3212079107&cb=577084310&adsafe_par&impId=&custom2=mid_banner&custom3=&custom4=&custom5=mid_banner-01&adsafe_url=https%3A%2F%2Fwww.theonion.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:a24f423f-60d1-0721-63af-2c0b23c3d4ab,c:hCDtZd,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-6b6dfd5f7-mznjm,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:1200.1455.1600.520,am:i,cc:1200.1455.1600.520,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:357,mot:0,app:0,maw:0,fm:tJgtWSL+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163%7C164%7C17*.931294%7C171%7C172%7C173%7C181%7C182,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:364,oid:2254d978-1c3e-11ee-8783-3630fdfe5bb9,v:19.8.425,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.204.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-204-72.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:09 GMT
server: nginx
x-server-name: app19.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 100ms
99ms Image
image/gif 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931294&asId=a24f423f-60d1-0721-63af-2c0b23c3d4ab&tv=%7Bc:hCDtZd,pingTime:-8,time:364,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:364,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:364,wc:0.0.1600.1200,ac:1200.1455.1600.520,am:i,cc:1200.1455.1600.520,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B6~0%5D,as:%5B6~1600.520%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tJgtWSL+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163%7C164%7C17*.931294%7C171%7C172%7C173%7C181%7C182,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:364%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:09 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C9BB 15 KB
6 KB 17ms
17ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theonion.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jul 2023 20:46:08 GMT
server: Kestrel
server-processing-duration-in-ticks: 948395
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 53ms
25ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

eb3e17c0f1b1c67c004211e61c5b1a416d53b308b9ac69b87a59c6ccbc751950

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 29 Jun 2023 05:28:55 GMT
server: nginx
etag: W/"649d1697-17798"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 07 Jul 2023 20:46:09 GMT

GET
H2 200 main.19.8.425.js Show response
static.adsafeprotected.com/ Frame 9EA0 203 KB
63 KB 7ms
7ms Script
application/javascript 2600:9000:223f:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.425.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d24a3646c524336d1a00d5102a4fab0629caced791ff7f05a89d12253e147d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 21:04:08 GMT
x-amz-version-id: vTMh3VsUfsPfd30Q2lhQhLoWQZlv7Ed2
content-encoding: gzip
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 85322
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 05 Jul 2023 19:42:13 GMT
server: AmazonS3
etag: W/"8325ccb86878f05b0052313c53a93437"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: Jry91KTMh6bAzjvj4kRIGHsXz2VtaTurXG5eDzn2WPlZR4_4SXKfxA==

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 86FD 978 B
902 B 25ms
24ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=227&ttfrms=9&brid=3&brver=114.0.5735.198&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETar9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3EU42%3FFC%3Dl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETau&srcurlD=0&aUrlD=0&ssl=https:&dfs=46&ddur=10&uid=1688676369029226&jsCallback=dvCallback_1688676369029479&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4122&tgjsver=4122&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.theonion.com%2F&fwc=8&fcl=1101&flt=33&fec=1550&fcifrms=9&brh=2&sdf=2&dvp_epl=238&noc=4&nav_pltfrm=Win32&ctx=15538536&cmp=DV196466&sid=2019042601&plc=2019042601&btreg=6314551905138437207397&btadsrv=6314551905138437207397&adsrv=104&unit=1600x520&seltag=1&sadv=72487178&ord=3212079107&litm=6314551905&scrt=138437207397&splc=152253218&adu=22405397127&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&cb=1514643184&region=70dvtagver=6.1.src&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=524257154.7089967&dvp_tukv=123616583.15217014&dvp_tuid=800410678399&jurtd=1980597186
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: caf269b73ea27d7d8f774f763d163546148f491cd96e97aeb485f4183c5206bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 20:46:09 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 07/05/2023 20:46:09

GET
H2 206 video.mp4
qzc-assets.qz.com/clients/intel/q3-2023-video-display/assets/ Frame 4BDD 692 KB
0 13ms
13ms Media
video/mp4 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://qzc-assets.qz.com/clients/intel/q3-2023-video-display/assets/video.mp4
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.theonion.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 06 Jul 2023 20:46:09 GMT
via: 1.1 varnish
x-amz-request-id: 0QJ807K8WRT9DC23
age: 2
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-2370371/2370372
Content-Length: 2370372
x-amz-id-2: S2Wdf5tTmq8odDWm/XYs5SPDVY2jR/pFAVTqj1wFSAwZ6zyY2mh0uKj9pALMHoNkAyrC1M0r3gA=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Tue, 20 Jun 2023 18:22:31 GMT
server: AmazonS3
x-timer: S1688676369.060179,VS0,VE1
etag: "9f044321dd2ea9a1dde82fece5b7dece"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 97ms
97ms Image
image/gif 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1503538&asId=7471b616-e53a-25df-b54e-6fe5404bf3d5&tv=%7Bc:hCDu0A,pingTime:-2.1,time:649,type:a,clog:%5B%7Bpiv:0,vs:o,r:l,w:1600,h:520,t:412%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:649,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:412,wc:0.0.1600.1200,ac:1200.1455.1600.520,am:i,cc:1200.1455.1600.520,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B243~0%5D,as:%5B243~1600.520%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tJgtWJb+11%7C12%7C13%7C14%7C15%7C16.1503538-71719453%7C161%7C162%7C163%7C164%7C17*.1503538-71719453%7C171%7C172%7C181%7C182,idMap:17.a24f423f-60d1-0721-63af-2c0b23c3d4ab.89_931294%7C17*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:412,slid:%5Bgoogle_ads_iframe_/4246/fmg.onion/frontpage_2,google_ads_iframe_/4246/fmg.onion/frontpage_2__container__,dfp-ad-7%5D,sinceFw:140,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:09 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 97ms
97ms Image
image/gif 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1503538&asId=8f1af7cb-3e9d-ea75-1e56-575d18925b59&tv=%7Bc:hCDu0T,pingTime:-10,time:1062,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xOTggU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000020222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1688676369079%7C%7C60a6fea43c5b9e482e0aaaed2e833da3%7C%7Cdc0a08e416cd7f8471c71ad711523ca3%7C%7Cd4dd232a23d8ddb06f7d214beddc0e35%7C%7Cf0a1f1be7553b2ada204411e5e00c1e5%7C%7C5c921bd05cc53ec37505dc36c3d8a2d3%7C%7Ce30a4c3ad17d07823ee347abfec8413c%7C%7Cd63fde87625c18a36b37147143a3669e%7C%7C1663701684,im:%7Bimprf:%7Bttecl:877,ecd:97,tsecr:175%7D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:09 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 206 video.mp4
qzc-assets.qz.com/clients/intel/q3-2023-video-display/assets/ Frame 8741 271 KB
0 34ms
34ms Media
video/mp4 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://qzc-assets.qz.com/clients/intel/q3-2023-video-display/assets/video.mp4
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.theonion.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 06 Jul 2023 20:46:09 GMT
via: 1.1 varnish
x-amz-request-id: 0QJ807K8WRT9DC23
age: 2
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-2370371/2370372
Content-Length: 2370372
x-amz-id-2: S2Wdf5tTmq8odDWm/XYs5SPDVY2jR/pFAVTqj1wFSAwZ6zyY2mh0uKj9pALMHoNkAyrC1M0r3gA=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Tue, 20 Jun 2023 18:22:31 GMT
server: AmazonS3
x-timer: S1688676369.090404,VS0,VE1
etag: "9f044321dd2ea9a1dde82fece5b7dece"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 8741 52 KB
21 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 06 Jul 2023 19:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6092
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 06 Jul 2023 21:04:37 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 99ms
99ms Image
image/gif 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931294&asId=a24f423f-60d1-0721-63af-2c0b23c3d4ab&tv=%7Bc:hCDu1j,pingTime:-2,time:494,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:173,beZ:174,mfA:530,cmA:530,inA:530,inZ:531,prA:531,prZ:533,si:537,poA:537,poZ:546,cmZ:546,mfZ:546,loA:622,loZ:625,ltA:667,ltZ:667,mdA:174,mdZ:184%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:1600.520,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:1600,h:520,t:364%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:494,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:364,wc:0.0.1600.1200,ac:1200.1455.1600.520,am:i,cc:1200.1455.1600.520,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B136~0%5D,as:%5B136~1600.520%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tJgtWSL+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163%7C164%7C17*.931294%7C171%7C172%7C173%7C181%7C182,idMap:17*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:364,slid:%5Bgoogle_ads_iframe_/4246/fmg.onion/frontpage_2,google_ads_iframe_/4246/fmg.onion/frontpage_2__container__,dfp-ad-7%5D,sinceFw:130,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:09 GMT
server: nginx
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2

200

sid Show response
mug.criteo.com/ Frame C9BB
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=theonion.com&sn=ChromeSyncframe&so=3&topUrl=www.theonion.com&bundle=iInL3F9HMEhqVDVKTTJKem8lMkJ4b3VRZWlyQ2JIYzdsQzVNd0RtcTc0eUE2R29IcVk1Qm...
https://mug.criteo.com/sid?cpp=5bm0nHw0TERzNTd1T24zVnFpSkxpaWdieW5za015SVI3RXBRQTd5SSt3WmYreiszbmVOWWk3SlYrUFRyRndBQ2NPTVNxVjE4QitYdE5RdzU4eGo4TlQrRlZOUTJFUzZ2ZjVJK2NFeER2OVNLa0ZOYmltTERNQXpCYUxPN0...

431 B
654 B

27ms
26ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=5bm0nHw0TERzNTd1T24zVnFpSkxpaWdieW5za015SVI3RXBRQTd5SSt3WmYreiszbmVOWWk3SlYrUFRyRndBQ2NPTVNxVjE4QitYdE5RdzU4eGo4TlQrRlZOUTJFUzZ2ZjVJK2NFeER2OVNLa0ZOYmltTERNQXpCYUxPN0NlRmFEZWQranRDcFUyNjlMRXlIN3BrellvK2pBRE8wcElmZEJZa0tnS3hyL0w4SjQ5VnRmL1N6SjNja1R2N0phQTh2a1JXeGNhMk9VbVlVS2JxNi9KWFJ6Zm5rN3hFcjBOM2o1TUcvYWwwY1laYlVWdTlNRnV2Mmt5djAzdG53TisxY21wc0JVWm1pS2E4QitpN1B0VDgxOXQyQ09PZz09fA&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8e46c8804e916fb578206e939418a12b067ce4d8bc425b56fbf127f8a81a92b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:08 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 845939
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:08 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=5bm0nHw0TERzNTd1T24zVnFpSkxpaWdieW5za015SVI3RXBRQTd5SSt3WmYreiszbmVOWWk3SlYrUFRyRndBQ2NPTVNxVjE4QitYdE5RdzU4eGo4TlQrRlZOUTJFUzZ2ZjVJK2NFeER2OVNLa0ZOYmltTERNQXpCYUxPN0NlRmFEZWQranRDcFUyNjlMRXlIN3BrellvK2pBRE8wcElmZEJZa0tnS3hyL0w4SjQ5VnRmL1N6SjNja1R2N0phQTh2a1JXeGNhMk9VbVlVS2JxNi9KWFJ6Zm5rN3hFcjBOM2o1TUcvYWwwY1laYlVWdTlNRnV2Mmt5djAzdG53TisxY21wc0JVWm1pS2E4QitpN1B0VDgxOXQyQ09PZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 282221
content-length: 0
expires: 0

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 8741
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1503538/71719453/skeleton.js?adsafe_url=https%3A%2F%2Fwww.theonion.com%2F&adsafe_type=abedfq&adsafe_jsinfo=,id:4d567336-1465-aab9-227c-38f7ca61253b,c:hCDu1H...
https://static.adsafeprotected.com/skeleton.js

17 B
464 B

18ms
18ms

Script
application/javascript

2600:9000:223f:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Server: 2600:9000:223f:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 03:51:51 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 14835259
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: 8LixzmGZUHoL8rqbeo8EDq7Pisr0bQdeqXRjivynV_29lgr4gJlgQg==

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:09 GMT
server: nginx
x-server-name: app14.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame BE34 91 KB
23 KB 11ms
11ms Script
application/javascript 2600:9000:223f:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 24901793
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: JCBjGspQobEsLP8VbhW7QhbUJj4RoStSUidDQv2lGh6gG8gD8BPCig==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4BDD 0
0 56ms
55ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_NOjLFdbXn5pfYwCOIEysKldNif4G2LiCdxQ3i6IsOQXcJ9oqYz26GQtiCdbsIMfd-WXFtTox_okCrwS0-W_Hj2p0LPBr24UIWK_419Rtqw4aZ-PyS2kJuzvtMT9arsDh9kh8hP8BAtrgdv7Rn264Pn4DpQEGw0VMHDD4gRACOwo9ZeNechmpLfkQgJ2i9HKEI3JP_qChLbODtnBB-4xVxWWRHhRXyoVkCtEQiLJDYvt1hsA2uvv3Ydls9uhJfvy5u-7sqcQDNBth4Jc3ONzzySeYrm_GN1cbeDB49P1LWz2Dxao8Hv9unkjSQ19JVXldDeRxIkmiqnHlwzvTz5U&sai=AMfl-YTc-Q7iatjDHXBrOI98dCSWpyPKZBRjdXsFo938qzBeH76Iq3rMlPQ-Tu8RqoQL1eIKEbd3YcHUgB70ehfo2IlaR6Pv7D9_dS0BM60xS6iJ-M9QaiW7Ybm71BDOCmQ&sig=Cg0ArKJSzMGutlPxcm2lEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 06 Jul 2023 20:46:09 GMT

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 8D06 91 KB
23 KB 13ms
13ms Script
application/javascript 2600:9000:223f:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 24901793
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: iydhkRe_R9xmddy4WngQdNCMFRmwvRvXh2HouN9Iit5pfrEntPwf3Q==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 54ms
54ms Image
image/gif 54.246.204.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=931294&campId=1600x520&pubId=72487178&chanId=22405397127&placementId=6314551905&pubCreative=138437207397&pubOrder=3212079107&cb=1514643184&adsafe_par&impId=&custom2=mid_banner&custom3=&custom4=&custom5=mid_banner-03&adsafe_url=https%3A%2F%2Fwww.theonion.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:cf44e06c-d076-1528-ee44-0687d55d4ea9,c:hCDu2k,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-6b6dfd5f7-hqwcj,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:1200.4077.1600.520,am:i,cc:1200.4077.1600.520,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:142,mot:0,app:0,maw:0,fm:tJgtWZl+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C18*.931294%7C181%7C182%7C183%7C19,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:150,oid:228a6880-1c3e-11ee-a6a4-5240af9001b5,v:19.8.425,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.204.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-204-72.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:09 GMT
server: nginx
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 92ms
92ms Image
image/gif 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931294&asId=cf44e06c-d076-1528-ee44-0687d55d4ea9&tv=%7Bc:hCDu2l,pingTime:-8,time:150,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:150,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:149,wc:0.0.1600.1200,ac:1200.4077.1600.520,am:i,cc:1200.4077.1600.520,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B8~0%5D,as:%5B8~1600.520%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tJgtWZl+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C174%7C18*.931294%7C181%7C182%7C183%7C19,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:150%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:09 GMT
server: nginx
x-server-name: dt26.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 92ms
92ms Image
image/gif 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931294&asId=a24f423f-60d1-0721-63af-2c0b23c3d4ab&tv=%7Bc:hCDu2z,pingTime:-10,time:572,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xOTggU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000020222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1688676369079%7C%7C60a6fea43c5b9e482e0aaaed2e833da3%7C%7Cdc0a08e416cd7f8471c71ad711523ca3%7C%7Cd4dd232a23d8ddb06f7d214beddc0e35%7C%7Cf0a1f1be7553b2ada204411e5e00c1e5%7C%7C5c921bd05cc53ec37505dc36c3d8a2d3%7C%7Ce30a4c3ad17d07823ee347abfec8413c%7C%7Cd63fde87625c18a36b37147143a3669e%7C%7C1663701684,sca:%7Bspg:8f1af7cb-3e9d-ea75-1e56-575d18925b59%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:09 GMT
server: nginx
x-server-name: dt27.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 8741 3 B
23 B 24ms
23ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1405768901&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x520&je=0&ec=Ads&ea=Impression&el=%2F&_u=QACAAEABAAAAACAAI~&jid=&gjid=&cid=1861076189.1688676367&tid=UA-20189-48&_gid=568724064.1688676367&_slc=1&gtm=45He36s0n81N3F3MXD&cd18=&cd42=72487178&cd43=3212079107&cd44=6314551905&cd45=138437207397&cd55=&cd68=AdImpression&z=60283957

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 video.mp4
qzc-assets.qz.com/clients/intel/q3-2023-video-display/assets/ Frame 4BDD 43 KB
43 KB 42ms
41ms Media
video/mp4 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://qzc-assets.qz.com/clients/intel/q3-2023-video-display/assets/video.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 521a7883f6c46dc19216c050c9bebf2f289fb643266acb03c33af3e3eab0f969

Request headers

Referer: https://www.theonion.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=2326528-

Response headers

date: Thu, 06 Jul 2023 20:46:09 GMT
via: 1.1 varnish
x-amz-request-id: 0QJ807K8WRT9DC23
age: 2
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 2326528-2370371/2370372
Content-Length: 43844
x-amz-id-2: S2Wdf5tTmq8odDWm/XYs5SPDVY2jR/pFAVTqj1wFSAwZ6zyY2mh0uKj9pALMHoNkAyrC1M0r3gA=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Tue, 20 Jun 2023 18:22:31 GMT
server: AmazonS3
x-timer: S1688676369.192243,VS0,VE1
etag: "9f044321dd2ea9a1dde82fece5b7dece"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 94ms
93ms Image
image/gif 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1503538&asId=4d567336-1465-aab9-227c-38f7ca61253b&tv=%7Bc:hCDu2O,pingTime:-2,time:429,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:46,bdZ:83,beA:252,beZ:253,mfA:606,cmA:606,inA:606,inZ:607,prA:607,prZ:609,si:613,poA:617,poZ:627,cmZ:627,mfZ:627,loA:660,loZ:662,ltA:681,ltZ:681,mdA:254,mdZ:265%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:1600.520,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:1600,h:520,t:360%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:429,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:360,wc:0.0.1600.1200,ac:1200.4077.1600.520,am:i,cc:1200.4077.1600.520,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B75~0%5D,as:%5B75~1600.520%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tJgtWJb+11%7C12%7C13%7C14%7C15%7C16.1503538-71719453%7C161%7C162%7C163%7C164%7C17.1503538-71719453%7C171%7C172%7C173%7C174%7C18*.1503538-71719453%7C181%7C182%7C19,idMap:18.cf44e06c-d076-1528-ee44-0687d55d4ea9.28_931294%7C18*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:361,slid:%5Bgoogle_ads_iframe_/4246/fmg.onion/frontpage_4,google_ads_iframe_/4246/fmg.onion/frontpage_4__container__,dfp-ad-12%5D,sinceFw:63,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:09 GMT
server: nginx
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 93ms
93ms Image
image/gif 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931294&asId=cf44e06c-d076-1528-ee44-0687d55d4ea9&tv=%7Bc:hCDu2Q,pingTime:-2,time:181,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:231,beZ:232,mfA:372,cmA:373,inA:373,inZ:373,prA:373,prZ:376,si:380,poA:380,poZ:388,cmZ:388,mfZ:388,loA:403,loZ:405,ltA:412,ltZ:412,mdA:232,mdZ:243%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:1600.520,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:1600,h:520,t:149%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:182,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:149,wc:0.0.1600.1200,ac:1200.4077.1600.520,am:i,cc:1200.4077.1600.520,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B40~0%5D,as:%5B40~1600.520%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tJgtWJb+11%7C12%7C13%7C14%7C15%7C16.1503538-71719453%7C161%7C162%7C163%7C164%7C17.1503538-71719453%7C171%7C172%7C173%7C174%7C18*.931294%7C181%7C182%7C183%7C19,idMap:18*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:150,slid:%5Bgoogle_ads_iframe_/4246/fmg.onion/frontpage_4,google_ads_iframe_/4246/fmg.onion/frontpage_4__container__,dfp-ad-12%5D,sinceFw:31,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:09 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 206 video.mp4
qzc-assets.qz.com/clients/intel/q3-2023-video-display/assets/ Frame 8741 43 KB
43 KB 44ms
43ms Media
video/mp4 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://qzc-assets.qz.com/clients/intel/q3-2023-video-display/assets/video.mp4
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 521a7883f6c46dc19216c050c9bebf2f289fb643266acb03c33af3e3eab0f969

Request headers

Referer: https://www.theonion.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=2326528-

Response headers

date: Thu, 06 Jul 2023 20:46:09 GMT
via: 1.1 varnish
x-amz-request-id: 0QJ807K8WRT9DC23
age: 2
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 2326528-2370371/2370372
Content-Length: 43844
x-amz-id-2: S2Wdf5tTmq8odDWm/XYs5SPDVY2jR/pFAVTqj1wFSAwZ6zyY2mh0uKj9pALMHoNkAyrC1M0r3gA=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Tue, 20 Jun 2023 18:22:31 GMT
server: AmazonS3
x-timer: S1688676369.205178,VS0,VE1
etag: "9f044321dd2ea9a1dde82fece5b7dece"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8741 0
0 46ms
46ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukiadZBLTHYsB9hSaOkHLE7RsZtzmyAFoHILrKrjpYh3RgcE7SoshSGFjN3bB0tdtYL7DTluIAA5KX-FpZkRxt19_v6B78KOFN0suoFwmVGsAAQrXBTB-UdWs5U-sJC8-tNd_GPeaDjI3tVabovYFp-okqn62DCXUJMBfRio7j_6neTeR6dlAgoeZxNb_23H6PFgihihoGClOWwRmNmCp6JJVK_jPsdbgreW63AW1KrXhn9Y6Z8iIJZuDDwbdPXuiZHOY9G7sMiZOPTmdSjHwN4yhvcoPb7K_zTTfrTzmDoxJM8_jJPekHA0Y0MBZt5CXn--x-GCAhKjsmlyBp5dI&sai=AMfl-YTPUgwtvrHtEYMKxpLalWi-k68TM7RSfhzr9jr8rOQsyfsbBqz6YfONgBd3jf2bVzUC6iXADGwN-pcRuZca8BW9YG343OZ4FgQPx8krSCrnu4wJisUZll__baoVvKo&sig=Cg0ArKJSzI8u1S1LUFOOEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 06 Jul 2023 20:46:09 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 91ms
91ms Image
image/gif 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1503538&asId=7471b616-e53a-25df-b54e-6fe5404bf3d5&tv=%7Bc:hCDu3q,time:825,type:e,im:%7Bimprf:%7Bttecl:914,ecd:141,tsecr:150%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:825,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:412,wc:0.0.1600.1200,ac:1200.1455.1600.520,am:i,cc:1200.1455.1600.520,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B419~0%5D,as:%5B419~1600.520%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:139,fm:tJgtWJb+11%7C12%7C13%7C14%7C15%7C16.1503538-71719453%7C161%7C162%7C163%7C164%7C17*.1503538-71719453%7C171%7C172%7C18.1503538-71719453%7C181%7C182,idMap:17.a24f423f-60d1-0721-63af-2c0b23c3d4ab.89_931294%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:412,sis:707%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:09 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 collect
www.google-analytics.com/ Frame D3CB 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=212803046&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x520&je=0&ec=Ads&ea=VideoEvent&el=%2F&_u=SACAAEABAAAAACAAI~&jid=&gjid=&cid=1861076189.1688676367&tid=UA-20189-48&_gid=568724064.1688676367&gtm=45He36s0n81N3F3MXD&cd18=&cd42=72487178&cd43=3212079107&cd44=6314551905&cd45=138436347090&cd55=&cd68=AdVideoEvent&cd49=autoPlay&cd51=0&z=1127929165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 00:28:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73052
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 92ms
91ms Image
image/gif 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1503538&asId=4d567336-1465-aab9-227c-38f7ca61253b&tv=%7Bc:hCDu3W,time:499,type:e,im:%7Bimprf:%7Bttecl:666,ecd:95,tsecr:0%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:499,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:360,wc:0.0.1600.1200,ac:1200.4077.1600.520,am:i,cc:1200.4077.1600.520,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B145~0%5D,as:%5B145~1600.520%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tJgtWJb+11%7C12%7C13%7C14%7C15%7C16.1503538-71719453%7C161%7C162%7C163%7C164%7C17.1503538-71719453%7C171%7C172%7C173%7C174%7C18*.1503538-71719453%7C181%7C182%7C19,idMap:18.cf44e06c-d076-1528-ee44-0687d55d4ea9.28_931294%7C18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:361,sis:460%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:09 GMT
server: nginx
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 118ms
118ms Image
image/gif 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1503538&asId=7471b616-e53a-25df-b54e-6fe5404bf3d5&tv=%7Bc:hCDu7d,pingTime:-10,time:1060,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xOTggU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000020222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1688676369079%7C%7C60a6fea43c5b9e482e0aaaed2e833da3%7C%7Cdc0a08e416cd7f8471c71ad711523ca3%7C%7Cd4dd232a23d8ddb06f7d214beddc0e35%7C%7Cf0a1f1be7553b2ada204411e5e00c1e5%7C%7C5c921bd05cc53ec37505dc36c3d8a2d3%7C%7Ce30a4c3ad17d07823ee347abfec8413c%7C%7Cd63fde87625c18a36b37147143a3669e%7C%7C1663701684,sca:%7Bspg:8f1af7cb-3e9d-ea75-1e56-575d18925b59%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:09 GMT
server: nginx
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 collect
www.google-analytics.com/ Frame 4BDD 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1202832339&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x520&je=0&ec=Ads&ea=VideoEvent&el=%2F&_u=SACAAEABAAAAACAAI~&jid=&gjid=&cid=1861076189.1688676367&tid=UA-20189-48&_gid=568724064.1688676367&gtm=45He36s0n81N3F3MXD&cd18=&cd42=72487178&cd43=3212079107&cd44=6314551905&cd45=138437127990&cd55=&cd68=AdVideoEvent&cd49=autoPlay&cd51=0&z=1350282289

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 00:28:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73052
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 8741 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1405768901&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x520&je=0&ec=Ads&ea=VideoEvent&el=%2F&_u=SACAAEABAAAAACAAI~&jid=&gjid=&cid=1861076189.1688676367&tid=UA-20189-48&_gid=568724064.1688676367&gtm=45He36s0n81N3F3MXD&cd18=&cd42=72487178&cd43=3212079107&cd44=6314551905&cd45=138437207397&cd55=&cd68=AdVideoEvent&cd49=autoPlay&cd51=0&z=1726562621

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 00:28:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73052
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 206 video.mp4
qzc-assets.qz.com/clients/intel/q3-2023-video-display/assets/ Frame 8741 2 MB
2 MB 10ms
10ms Media
video/mp4 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://qzc-assets.qz.com/clients/intel/q3-2023-video-display/assets/video.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 913163f65c591e2c68d2bd5dda179acde2bec3af172bc60dd837f80119b7897d

Request headers

Referer: https://www.theonion.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=262144-

Response headers

date: Thu, 06 Jul 2023 20:46:09 GMT
via: 1.1 varnish
x-amz-request-id: 0QJ807K8WRT9DC23
age: 2
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 262144-2370371/2370372
Content-Length: 2108228
x-amz-id-2: S2Wdf5tTmq8odDWm/XYs5SPDVY2jR/pFAVTqj1wFSAwZ6zyY2mh0uKj9pALMHoNkAyrC1M0r3gA=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Tue, 20 Jun 2023 18:22:31 GMT
server: AmazonS3
x-timer: S1688676370.517380,VS0,VE2
etag: "9f044321dd2ea9a1dde82fece5b7dece"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 91ms
91ms Image
image/gif 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931294&asId=d06c523e-6e9c-473f-9df7-bad4db86eee7&tv=%7Bc:hCDuc0,pingTime:-10,time:1511,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xOTggU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000020222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1688676369079%7C%7C60a6fea43c5b9e482e0aaaed2e833da3%7C%7Cdc0a08e416cd7f8471c71ad711523ca3%7C%7Cd4dd232a23d8ddb06f7d214beddc0e35%7C%7Cf0a1f1be7553b2ada204411e5e00c1e5%7C%7C5c921bd05cc53ec37505dc36c3d8a2d3%7C%7Ce30a4c3ad17d07823ee347abfec8413c%7C%7Cd63fde87625c18a36b37147143a3669e%7C%7C1663701684,sca:%7Bspg:8f1af7cb-3e9d-ea75-1e56-575d18925b59%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:09 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 action_links.json Show response
fr-actions.trackonomics.net/prod/www.theonion.com/ 4 B
442 B 749ms
672ms Fetch
application/json 13.249.9.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fr-actions.trackonomics.net/prod/www.theonion.com/action_links.json
Requested by: Host: cdn-magiclinks.trackonomics.net
URL: https://cdn-magiclinks.trackonomics.net/client/static/v2/gomedia_015a5_the_onion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.9.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-9-70.cdg53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5c24f7ca1c946fa4dfd44407409c8e11ec6e41f0e1c7c45bf8381b42afb31f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:11 GMT
via: 1.1 d3c8e64039dcd16cd7cc4074aaecf75c.cloudfront.net (CloudFront)
last-modified: Sun, 19 Dec 2021 11:43:11 GMT
server: AmazonS3
x-amz-cf-pop: CDG53-C1
etag: "5ad5cc4d26869082efd29c436b57384a"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Error from cloudfront
accept-ranges: bytes
content-length: 4
x-amz-cf-id: TWSbRXzNslXr8u3fAiYLeLT2ACeaC5MbqwkpG5Jb-XGZaS6oAfOvrg==

GET
H2 200 i.png
trx-hub.com/i/m/ 128 B
447 B 71ms
8ms Image
image/png 18.66.147.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trx-hub.com/i/m/i.png?q=N4IghgLhBOD6BmB7aB3M0AmBLAdgcxAC5gBfAGhAFsBTCMDSMI0iiLS3A48kAV2gA2AZ2Y9IMWGAAOU6jgyiKUsHmqwYYAMbUiAbVBDE-bURAALKFKGEA9DZQOAdBDPVEOLO8ebElGyApoanhqaCDoUwDwKDgkVHRsfFESAF0KTV4hCF9YGjpFEE0BLDkIdXYdQhAAJgAGaoBmAFpagHYWgDYAFTrCABYOwgBGWschgE5WgC0o5VVyiAFKkC7XAAIAeQ93NYAfNYBBGmgsTTAAciE1gDFcaiy1gDlqFCuAZSNobUcorCwFKp-DBDDoADlBHVaHQarVqE1aGDwTAo1AAbqV1ABPWSmdhSIJCISeHBRDJZXyhWD-Ux4CnYMCwOEAVjATPUrlg7mJpP+UiGNLpWAZzNZ7J06V51VMXPcIBIQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-6.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 05:42:51 GMT
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 04:40:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 54199
etag: "90eb1bf3b49429bde87a3b5f0b53e6a5"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 128
x-amz-cf-id: R_7k_fQo38rldPeJU49vkf0di3wTUwH0IC2TiSXQtnxhMDqLO9XMCw==

GET
H2 200 sync
eb2.3lift.com/ 37 B
140 B 47ms
10ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/sync?px=1&src=prebid&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=161204
https://image8.pubmatic.com/AdServer/ImgSync?p=161204&rdf=1
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDk0Nzc3NjYtMTgyQy00NTc0LUFENkUtNTA0N0FFQTFBQTZC&gdpr=-1&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
216 B

19ms
18ms

Image
text/plain

185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:46:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date: Thu, 06 Jul 2023 20:46:10 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 usersync
match.adsrvr.org/track/ 70 B
260 B 35ms
34ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/usersync?us_privacy=&gdpr=0&gdpr_consent=undefined&ust=image
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 06 Jul 2023 20:46:10 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/
Redirect Chain

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727144&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727144&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6852412375541553958&gdpr=0

43 B
632 B

26ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6852412375541553958&gdpr=0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Jul 2023 20:46:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:10 GMT
an-x-request-uuid: 919cfaf6-b93c-4acf-8437-d5871dd204dc
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6852412375541553958&gdpr=0
x-proxy-origin: 80.255.10.200; 80.255.10.200; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 93ms
93ms Image
image/gif 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1503538&asId=4d567336-1465-aab9-227c-38f7ca61253b&tv=%7Bc:hCDuox,pingTime:-10,time:1776,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xOTggU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000020222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1688676369079%7C%7C60a6fea43c5b9e482e0aaaed2e833da3%7C%7Cdc0a08e416cd7f8471c71ad711523ca3%7C%7Cd4dd232a23d8ddb06f7d214beddc0e35%7C%7Cf0a1f1be7553b2ada204411e5e00c1e5%7C%7C5c921bd05cc53ec37505dc36c3d8a2d3%7C%7Ce30a4c3ad17d07823ee347abfec8413c%7C%7Cd63fde87625c18a36b37147143a3669e%7C%7C1663701684,sca:%7Bspg:8f1af7cb-3e9d-ea75-1e56-575d18925b59%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:10 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 206 video.mp4
qzc-assets.qz.com/clients/intel/q3-2023-video-display/assets/ Frame 4BDD 2 MB
0 10ms
9ms Media
video/mp4 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://qzc-assets.qz.com/clients/intel/q3-2023-video-display/assets/video.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.theonion.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=688128-

Response headers

date: Thu, 06 Jul 2023 20:46:10 GMT
via: 1.1 varnish
x-amz-request-id: 0QJ807K8WRT9DC23
age: 3
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 688128-2370371/2370372
Content-Length: 1682244
x-amz-id-2: S2Wdf5tTmq8odDWm/XYs5SPDVY2jR/pFAVTqj1wFSAwZ6zyY2mh0uKj9pALMHoNkAyrC1M0r3gA=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Tue, 20 Jun 2023 18:22:31 GMT
server: AmazonS3
x-timer: S1688676371.932899,VS0,VE2
etag: "9f044321dd2ea9a1dde82fece5b7dece"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 93ms
92ms Image
image/gif 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931294&asId=cf44e06c-d076-1528-ee44-0687d55d4ea9&tv=%7Bc:hCDuwS,pingTime:-10,time:2043,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xOTggU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000020222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1688676369079%7C%7C60a6fea43c5b9e482e0aaaed2e833da3%7C%7Cdc0a08e416cd7f8471c71ad711523ca3%7C%7Cd4dd232a23d8ddb06f7d214beddc0e35%7C%7Cf0a1f1be7553b2ada204411e5e00c1e5%7C%7C5c921bd05cc53ec37505dc36c3d8a2d3%7C%7Ce30a4c3ad17d07823ee347abfec8413c%7C%7Cd63fde87625c18a36b37147143a3669e%7C%7C1663701684,sca:%7Bspg:8f1af7cb-3e9d-ea75-1e56-575d18925b59%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:11 GMT
server: nginx
x-server-name: dt27.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H/1.1 204
No Content event.png
tpsc-ew1.doubleverify.com/ Frame E075 0
234 B 34ms
16ms Ping
text/plain 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ew1.doubleverify.com/event.png?impid=43875a4a567e40839261bbdc3751766e&flavor=0&gdpr=&gdpr_consent=&ee_dp_lngtks=1&ee_dp_lngtka=1&ee_dp_lngtkd=59&vdur=109&eoid=15&ee_dp_teex=0&msrjs=4122&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=51&tetms=8&msltms=31&vltms=109&sei=289&vetms=194&tuviims=227&tuviems=530&engms=1&engisel=1&dvp_dtcov=2&msrcanlm=8520&msrcannum=3&ee_dp_tmads=3156&ismms=46&isumms=46&nvr=2&isgmmims=47&isgmv4mims=46&elmtp=2&isbxdms=3147&b0=3295&adhgt=520&adwdth=1600&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1.0&lftb=3295&sftb=3295&msrdp=0&naral=8256&vct=1&vphgt=1200&vpwdth=1600&chgt=520&cwdth=1600&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isgmpims=46&engalms=44&dvp_hdnAd=0&dvp_dpr=1&vstsz=911&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3335&cbust=1688676371595399
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4122.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 06 Jul 2023 20:46:11 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 07/05/2023 20:46:11

POST
H/1.1 204
No Content event.png
tpsc-ew1.doubleverify.com/ Frame 0111 0
234 B 16ms
16ms Ping
text/plain 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ew1.doubleverify.com/event.png?impid=f147424231734cfc87cbf66bccea7763&flavor=0&gdpr=&gdpr_consent=&ee_dp_lngtks=1&ee_dp_seltagmals=1&vdur=25&eoid=16&ee_dp_teex=0&msrjs=4122&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=11&tetms=8&msltms=22&vltms=25&sei=289&vetms=278&tuviims=177&tuviems=480&engms=1&engisel=1&ee_dp_noalsu=1&dvp_dtcov=2&msrcanlm=8512&msrcannum=2&ee_dp_tmads=3115&ismms=14&isumms=14&nvr=2&isgmmims=15&isgmv4mims=14&elmtp=2&isbxdms=3115&b0=3275&adhgt=520&adwdth=1600&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1.0&lftb=3275&sftb=3275&msrdp=0&naral=8256&vct=1&vphgt=1200&vpwdth=1600&chgt=520&cwdth=1600&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isgmpims=14&engalms=14&dvp_hdnAd=0&dvp_dpr=1&vstsz=907&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3309&cbust=1688676371926789
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4122.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 06 Jul 2023 20:46:11 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 07/05/2023 20:46:11

POST
H/1.1 204
No Content event.png
tpsc-ew1.doubleverify.com/ Frame 86FD 0
234 B 16ms
16ms Ping
text/plain 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ew1.doubleverify.com/event.png?impid=f39153af595945aca789ae1b4a1cdd8e&flavor=0&gdpr=&gdpr_consent=&ee_dp_lngtks=1&vdur=25&eoid=15&ee_dp_teex=0&msrjs=4122&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=10&tetms=9&msltms=15&vltms=25&sei=289&vetms=98&tuviims=236&tuviems=359&engms=1&engisel=1&dvp_dtcov=2&msrcanlm=8520&msrcannum=3&ee_dp_tmads=3126&ismms=18&isumms=18&nvr=2&isgmmims=19&isgmv4mims=18&elmtp=2&isbxdms=3119&b0=3239&adhgt=520&adwdth=1600&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1.0&lftb=3239&sftb=3239&msrdp=0&naral=8256&vct=1&vphgt=1200&vpwdth=1600&chgt=520&cwdth=1600&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isgmpims=18&engalms=17&dvp_hdnAd=0&dvp_dpr=1&vstsz=908&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3131&cbust=1688676372156741
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4122.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 06 Jul 2023 20:46:12 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 07/05/2023 20:46:12

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FBJXBGD4M8&gtm=45je36s0&_p=1026140388&cid=1861076189.1688676367&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=2&sid=1688676367&sct=1&seg=0&dl=https%3A%2F%2Fwww.theonion.com%2F&dt=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&en=page_load_time&epn.loading_time_sec=0.25&_et=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FBJXBGD4M8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 20:46:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 video.mp4
qzc-assets.qz.com/clients/intel/q2-2023-video-display/assets/ Frame D3CB 1 MB
0 9ms
9ms Media
video/mp4 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://qzc-assets.qz.com/clients/intel/q2-2023-video-display/assets/video.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.theonion.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=1048576-

Response headers

date: Thu, 06 Jul 2023 20:46:12 GMT
via: 1.1 varnish
x-amz-request-id: Y050YJ8G9K49MFSM
age: 14
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 1048576-2163331/2163332
Content-Length: 1114756
x-amz-id-2: qdKFp+rGLuGNWNegM3gSZeCVkoCd5ki75Q5wxIhKtbJXb6XuCbUxYFBl8wMfaENGxgHvAomUCfM=
x-served-by: cache-fra-etou8220020-FRA
last-modified: Fri, 09 Jun 2023 18:40:19 GMT
server: AmazonS3
x-timer: S1688676373.922211,VS0,VE1
etag: "2f29eb7562cedfb24c96a5f6ee4ff958"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 collect
www.google-analytics.com/ Frame D3CB 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Jul 2023 00:28:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73055
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: no.kinja-img.com
URL: https://no.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_542,pg_1,q_60,w_965/197xrjaz7466rpng.png

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.theonion.com/	1969-12-31 23:59:59	Name: geocc Value: DE
.theonion.com/	1970-01-20 21:50:12	Name: KinjaBucket Value: 2
www.theonion.com/	1970-01-20 13:04:36	Name: KinjaSetBucket Value: 2\|1688676300\|SBhjkHQn9Xy28SMvhzyaoRlDIAJSZvfTih1BBO0XL0U=
www.theonion.com/	1970-01-20 13:04:38	Name: lux_uid Value: 168867636614553462
kinja.com/	1970-01-20 13:14:41	Name: KinjaSession Value: 741b5912-a2c6-40f6-bb67-64e82927b67f
.kinja.com/	1970-01-20 21:50:12	Name: KinjaBucket Value: 2
kinja.com/	1970-01-20 13:04:36	Name: KinjaSetBucket Value: 2\|1688676300\|SBhjkHQn9Xy28SMvhzyaoRlDIAJSZvfTih1BBO0XL0U=
www.theonion.com/	1970-01-20 13:47:48	Name: _pbjs_userid_consent_data Value: 3524755945110770
www.theonion.com/	1970-01-20 13:06:02	Name: pageDepth Value: 1
.theonion.com/	1970-01-20 13:04:39	Name: AMP_TOKEN Value: %24NOT_FOUND
.theonion.com/	1970-01-20 13:06:02	Name: _gid Value: GA1.2.568724064.1688676367
.liadm.com/	1970-01-20 22:40:36	Name: lidid Value: c636f377-8441-47c3-8e96-1a6744fc79f4
.theonion.com/	1970-01-20 13:04:36	Name: _gat_unique Value: 1
.theonion.com/	1970-01-20 13:04:36	Name: _gat Value: 1
.theonion.com/	1970-01-20 22:33:24	Name: _cb Value: C2vEUqCbjnhsBh0bv
.theonion.com/	1970-01-20 22:33:24	Name: _chartbeat2 Value: .1688676366793.1688676366793.1.CI8mdjDpSm_eCPNlQBnAtz_Df1fIZ.1
.theonion.com/	1970-01-20 13:04:38	Name: _cb_svref Value: null
.kargo.com/	1970-01-20 21:50:12	Name: ktcid Value: b6b4c1e9-dd25-053b-1a64-296d30f67311
.theonion.com/	1970-01-20 22:40:36	Name: _ga_FBJXBGD4M8 Value: GS1.1.1688676367.1.0.1688676367.0.0.0
.theonion.com/	1970-01-20 22:26:12	Name: __gads Value: ID=ff134c99f95a02e4:T=1688676367:RT=1688676367:S=ALNI_MYTpbx9n_Xzv7RVje68MKBzj-SYaw
.theonion.com/	1970-01-20 22:26:12	Name: __gpi Value: UID=00000c63adf95d49:T=1688676367:RT=1688676367:S=ALNI_MYrXe28hn_uCkxufPg_g83ybw31pA
.criteo.com/	1970-01-20 22:26:12	Name: uid Value: 64773ce7-8504-4668-a935-5ab27fd2c550
.rubiconproject.com/	1970-01-20 21:50:12	Name: khaos Value: LJRMB41W-Z-17NR
.rubiconproject.com/	1970-01-20 21:50:12	Name: audit Value: 1\|naVuGyos1qrJnfDDEUO0FOQFbWGgM44fR/rFJVNr6iL9XLxB7G63vesJeI6o6CLe7rZKjN0Z2OPk0mG4eFehuuBxGCOXoSK1FOEX4J5Aa3W+xUA9sgf/4b7FQD2yB//h
www.theonion.com/	1970-01-20 13:06:02	Name: _lr_geo_location Value: DE
.adnxs.com/	1970-01-20 15:14:12	Name: icu Value: ChgI64dgEAoYASABKAEwj9CcpQY4AUABSAEQj9CcpQYYAA..
www.theonion.com/	1970-01-20 13:47:48	Name: vtas_f Value: 29a59fac7a1474db343f29561756f76dc3685aa2
www.theonion.com/	1970-01-20 13:47:48	Name: vtas_version Value: 1.1.2
www.theonion.com/	1970-01-20 13:47:48	Name: vtas_kv Value: {"veritas-segments":"12, 14, 2, 7, 6, 1","veritas-iab":"12, 19, 15, 9-30, 1-4, 1-6, 1-7, 1-5, 11-4"}
.adnxs.com/	1970-01-20 15:14:12	Name: uuid2 Value: 6852412375541553958
.doubleclick.net/	1970-01-20 22:26:12	Name: IDE Value: AHWqTUn450Ao9Q4hgcDP3lOATxa7janbt43Z5fQox2GEar2dEx3BtZErnSeO1bqTUus
.theonion.com/	1970-01-20 22:40:36	Name: _ga Value: GA1.2.1861076189.1688676367
.theonion.com/	1970-01-20 13:04:36	Name: _gat_UA-20189-48 Value: 1
.theonion.com/	1970-01-20 22:26:12	Name: cto_bundle Value: skFdxF9HMEhqVDVKTTJKem8lMkJ4b3VRZWlyQ1hWJTJCUEhqaFFEME1US0xycFgxSjZ4bERaWDU5NGlwZ1JGSnFIV2RYd1RQVUE0TGtTV1VWMmRsOFFqdyUyQlNyU2Y1WXJFM1hMUzY4U1ZrQk8yMEdsejFFcDVyZ0lFU3A0RiUyRlgwSzYxZlBwNlFYbXlyb2ZXS0IxcEhZSUxHRUgweG80ZyUzRCUzRA
.pubmatic.com/	1970-01-20 13:06:02	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 15:14:12	Name: SyncRTB3 Value: 1689811200%3A220
.pubmatic.com/	1970-01-20 21:50:12	Name: KADUSERCOOKIE Value: 09477766-182C-4574-AD6E-5047AEA1AA6B
.casalemedia.com/	1970-01-20 21:50:12	Name: CMID Value: ZKcoEp2.ikUPYxBSVzPBPQAA
.casalemedia.com/	1970-01-20 15:14:12	Name: CMPS Value: 5225
.casalemedia.com/	1970-01-20 15:14:12	Name: CMPRO Value: 5225
.pubmatic.com/	1970-01-20 13:06:02	Name: pi Value: 161204:3
.pubmatic.com/	1970-01-20 15:14:12	Name: chkChromeAb67Sec Value: 2

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
security	warning	URL: https://tagan.adlightning.com/gomedia/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/gomedia/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/gomedia/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/gomedia/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

56f3afd73e0a2f73f7d1fdf206b8f59d.safeframe.googlesyndication.com
aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
adservice.google.com
ampcid.google.com
ampcid.google.de
api.btloader.com
api.rlcdn.com
as-sec.casalemedia.com
ats.rlcdn.com
bidder.criteo.com
btloader.com
c.amazon-adsystem.com
c.qz.com
cdn-magiclinks.trackonomics.net
cdn.doubleverify.com
cdn.plyr.io
cdn.speedcurve.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
direct.adsrvr.org
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
f.kinja-static.com
fastlane.rubiconproject.com
fr-actions.trackonomics.net
geo.privacymanager.io
grid.bidswitch.net
gum.criteo.com
hb.yellowblue.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.kinja-img.com
ib.adnxs.com
id.sv.rkdms.com
idx.liadm.com
image2.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
insight.adsrvr.org
js-sec.indexww.com
kinja-com.videoplayerhub.com
kinja.com
krk.kargo.com
match.adsrvr.org
ml314.com
mug.criteo.com
no.kinja-img.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.adsafeprotected.com
qzc-assets.qz.com
region1.google-analytics.com
s0.2mdn.net
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
tagan.adlightning.com
tlx.3lift.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ew1.doubleverify.com
trx-hub.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.theonion.com
x.kinja-static.com
no.kinja-img.com
104.18.10.47
104.18.25.185
13.224.192.181
13.248.245.213
13.249.9.70
13.32.121.21
130.211.23.194
130.211.44.5
142.250.186.162
142.250.186.166
15.197.193.217
151.101.2.114
151.101.2.166
151.101.66.166
151.101.66.217
178.250.7.13
18.155.122.7
18.66.147.6
185.64.189.112
185.64.190.79
185.64.190.80
185.80.39.216
2001:4860:4802:34::36
2600:1f18:1aca:4282:7bf7:7d8d:4bbf:c529
2600:9000:2057:c00:18:1fcd:353:c61
2600:9000:223f:1e00:8:48e:53c0:93a1
2600:9000:2240:5000:1d:8c8c:47c0:93a1
2602:803:c003:200::51
2606:4700:20::681a:346
2606:4700:20::681a:68b
2606:4700:20::681a:932
2606:4700:21::681b:c258
2606:4700::6811:180e
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2006
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2004
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2001
2a00:1450:4001:831::200e
2a00:1450:400c:c07::9c
2a02:2638:3::3
2a02:2638:3::c
2a02:2638:d::a
2a02:26f0:480:9::210:ee0e
3.33.220.150
3.75.37.27
34.111.234.236
34.120.133.55
34.202.96.43
35.153.244.124
35.71.161.21
37.252.171.21
52.213.55.169
52.222.139.109
52.57.42.51
52.59.41.160
52.84.174.45
54.237.67.213
54.246.204.72
99.86.91.43
007a8bb9a74d663de7e5e1aa6528ee396b8a7ebd4f774f4868ed9cc9a0998fd7
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02e7535563110e913669c43b9233db020deb9a4b0eaff84ab9de1b55b8ad21c4
04f603e628e68c7e1f4abf5d0f448614c3217e87052372b6cab58422eb68f798
04f7fc334ffcac91f5dd2acbb1a6b73bbf059d98f34ed048c81e645a6f064083
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05f099e06f27c794191092c46d51fc6452210bb7207dc7f86d94b58b9173c9cc
06a4f350efd2f7070d82b804276d816dee436bc13c2d5cdd33960892090dbd17
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0843b297cca33177426f54e971999aa8a607e40d80a625831eda4b72aae9aab8
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0b6702af1b9a51b3cea18c0224eb1368acd3fc1d54cd4f0b8a59455fc8ea6f15
0ca578004c17a038ab0b78306e6bf07a05fd2f4617cd4d2c9b774ef09b796a1e
115224d4e63511fda83c38f1a67c687184f8c2752a8770b10faaadc4568fd388
13b7b03fcc0adfe09c66efb7b34a00d17280c1feaf09d482dfb130e1f24fd230
14255747a68e1c07d017bde2cb3bcc8203d35353c980f99e13bdf61a8ca5dafe
15eb1d1a29b666daa6f19ee44a5e49cdf8a9cd48b57ddbe9ef76c6a02f572d76
19e037946f24c1a75cf4dd5ce89242a943a9e199c97998512aa059fe2b591406
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b765b0cbd95391f6db0b565988eeb70ea68aa77bb9f8f7c8a880d96474c2aa8
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f297ca895bee5b30265c620eaada3bdd3834bd59c2c4300c952106f09784b8c
1f2db95e84c8d236a15663beeb17fd4d6366b57861ad84e83aceca122e614fda
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
207e27a470eb1b6b1055a1397b6d01fdf7d8420d1de9bc78259401dfb4f1b159
20e74dbf3ee183f6fe1447dd7efef616905f78e10733e618dfd67f54c8a25ca8
23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4
27c34838fc15b0dc50afa567fa40141800169900bfaa90ecdb048c9dc5e40456
2b60df7f81a6d23eb48cb6085f8229dfaf06c32058b51bc4455686b6c1fe2692
2bf958c032ce083c26ae980ed92d0360c971e87c183d6bd988e770fc172786c7
2e31be4a80b256fd94789e75c0d4a51737c03190e8d9967246d81429bcd6da6d
2f87a67144f45a9ed3f19f2d86d6eb202eac85e7334c1c96bb23912d8368d096
301be8128b5a0ecfb0b6eef6f5b9b4c67d5395c1b7f24927612f58d4cc465501
323c876527719654731597972ddbef7186f072ad4aa829e27328035b6c17ac6e
3377e1a113eeca45f93cc42019d38537b17ef0ff6355580ba5d0e1c5e771eec5
3606128e5a967d8c1a65a3fb8c7ccd31c4e33e7202785b6fb08bc40d0d58a333
37d5c170f17dac2a503164b457766e1cfdc3bae3c93fb1a06f1f8e685d67632a
39399d443a3ab24886d829aae4ac8b33492ab78b193aeadda64586f0467b5ef5
396bb5b08998bd1f8b02e6ecc8d08984599e1299eee87b21ae11066a4f91d30d
3982f6173b3f8bfe9a4d10f956fe9d207e073db035d1d7b2e6b97362d78c9ca0
3a01c26208e2c52b9e6ed8133826b5a81d490e8a79ca6210e4e149115b9f9041
3aa1129389e7bca9cfb0a6cda8a806c0436ef5f06fcaf31d973838afe7c90763
3ab6d5bddb52a980ebe7658cca937e1ce087c1478cbeb13715876e463b2dd7f3
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3c51c24a744e28eab7c48cd87b24b87b7b1ca0a479506c82015770235eb7fdb8
3e5d568437ccffc1e23e2d8bfeb887e81645592dffd60654a06263c432d92048
415870ff94373ce302fb6650ffeb1d77ca7e6264ef62c98dc538451f80b417f5
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
430d9074fa4a328f00f43623c2afee8e770814e942ba51ede5ad58455daa0572
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47412d8e5b2bb7d136c31809842e2da35f32f1df7cf3696bc4afcdf46fae90c0
4846018760f6e11a8a1dea7639a5c75c712f198d978eccf117840820bb8c37d7
4a8b2beb9a7ae30ed389c8722be48aae6a527358a2825a48230695e6929449b5
4d24a3646c524336d1a00d5102a4fab0629caced791ff7f05a89d12253e147d3
4e1ea7b184565df380886da792bf63c83aec7d55ebd6ba92b591d564e682caa4
50319d3b8aac5aa721caa9ad3c010ff7de9e62ce05716cfca3e829e70639fadc
51fd57f16dcbb74d648abf3fa96359945de8788de0d48c9dc6cba76ec8897c4c
521a7883f6c46dc19216c050c9bebf2f289fb643266acb03c33af3e3eab0f969
528a5bcdfe99d459ca9724e827f3ac036b5ef16ed581942fa62f947676c37af0
53911f0c933d90a5b8eb2b12cf93c60b1b1f23ac7e95c0a653b0de77be82b737
5514cf4529d67dc343c9eae581094d7047abb3a41511cf3132a379a4d54c8620
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
568068711d00d07ac001e1937acdb4621d0d7ea602ff8beb225c1b9f22701d1d
574891491dd40cc9638a5ddce867c0174c82a444964a89959d5416d75188147b
585d23402652cfcdc7be363aef1ad5da2198dbe35abf449f4ae259903fc87aa2
5941060954d00bf976579a0e809b4ba9d6f294705c0989fc29ea736fc214592b
59e7af66755d7261ec32618b4bae8b13e7fe8ac97df668baf7c8894e3c0f3c5a
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5a4e74ea8fca68be38b5b68d516bb18f8a80b5c37017274c60623c03e6004e58
5ae04f4e2b3a0b4e46d0259886e6fbf822f2dd0731ee8a59e03c4cb3f335b8fc
5d50385df4d0eeacaa1052680bb97319104fd337934465e133a569999134ebe3
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e1fc7f0dc2753b94100eb0102879325412ba3f4b999b85656de2495c3403437
5e7e337e9b90ce3eae8fb267bbc624428a3d3e24b01f093176ad8790727e9e7a
5f5fae80f0c98899eeabe0f618454ca066c741eba7ed03141bb60fd47fe27fdc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
622fb51880ca649d2bec903515a6ce45ceb17a8b146b38f1909f08cc96874c8f
671a212da87aaa3b5c770543f7bbe4a1499e1fb64ee38ba879b7705681d056d0
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0a263cc7f40c33f21c21323b8b0cdef80fa00a1467d58e87f6cf3de6e0e11a
6d95a4a0e34ef500228195f037935247d0264982293d1c7f36319bf9be0314fb
6f4513c897a61a5d4e316c184eb02ba011b9c7aaf1edc54d9ef4ae000787c298
71f8801d321baffde05447678811d9120a708671ce1cfc7ceab578c6908b63fd
73e0b4849267d52ad5b7ec2770d92fb24b85b127aa7ae835700f6d5d0e755c0f
7458a1054d9692f6d1b87c92271d057d6d27029b729e89420905f169365325c0
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76a9eb24800c88f860a57dca4cc55199fc51d2a8d1a023515d24c8bfbb63d007
784fef805a86ae93619c99a80a9c103a142918b35c4b4cbca279c5c84f63f780
7a894390f79df7eb2ec9080d6a2888ffb1e2e98095532620064a1e42de4085be
7d49432da6db0077a316a917633888d844897b8505660cdc0ced8a9655abc292
7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c
7fadb9061e6106ec5e33035504d63ab7881b5e0ca37187b061e5e69c2f99249f
816df1ff3024147ced326fe20bc870f19e5612f20426e966ba94b61299e543b6
81b45447d601b50f3396af441782bec982e4fb240f06ca30f4f421d2357de7ac
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84034df87021978ab426a7e00326c33836809681a86e6b63eebbd01040f27a63
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88e57ebd103d16c6826e928ba79e601b22b3d8be24ac95414a7b7ed08bcd5ffb
895fe95f9252951d1b3acfba50546376d3224bb5a19fa40df3be17e6571e844b
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154
8d664e89bc3f26188c99d977345b10afeb1ac0a01bdbeb12fea7bb2602481b46
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e46c8804e916fb578206e939418a12b067ce4d8bc425b56fbf127f8a81a92b7
8f3784c5bde9f3d473b778228104573143532fbf25ae50caaf5aad3d4d5c057c
90d4b39a601ca0b67746e7a60473cc89d5b3d633e9bc94bba157568ee54962ce
913163f65c591e2c68d2bd5dda179acde2bec3af172bc60dd837f80119b7897d
921d6a08298f520a4f4c7444ba3cf32d128706ad4018c6a576f915d79122a8dc
94e99199dff89e774809eaa578147853c4bb31d61beb5f0f399f1f90b8ee3afb
9525e0d948aad570c20fc40dd92c7be637d7bc196d207bb894e814b9a4f398ec
9708fbfcf504ef77c5c4170d1e9db38c159049f8ab47d04f6a452e689cf696aa
97bc3d3b96d2655ce7fe030b0e276a2b8b4b75ccf2b07e9f926c8d4fe5e44476
98555f82ad12532d426de758a88dbfe0d27a0d57f42a62cce2c700a6891ae6c0
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99b3945ee463c44d7623809fd1e888d0eaa1d8810e526ef517a114ea61c33e82
9a35d743eaa74a2f3695de99372b81b9bcdc6212dd365d91ebf65cb2d569dfa8
9b13954de4843a833408e2cf285f2bbaca8645e605bfb528572837b00a31cff7
9b9e9eb11b2a9c7a1bd75bdd3891207ad9687857729d7f5c1870fb9c6556e432
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a082679e7d0c16d2e5b89a28a7829e3d273543f7abde16df8eb00cd7a88e23da
a1bcc37432884a16b8c3a3d39f32ea9ef7d6f4330dd92571b760343e89556a42
a22a8340577296b30df7331d2357f1efa9fe97862e2fa74559fc744a01302245
a2788994c4e6f378aea4af43a4d7049786731125ac414ed69a0cf7ce3d23704a
a4383e2dc65cc69ca4372919380797d485250f350ce7a5f6972c8cd20ffcff82
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6
a7ebec103c04aedd9c1b8e8136c0afc3d979b46c8d1cc92f8a4a9ea62dc6f3aa
ada00969c963d3c65e6a66c9f1d212a00edfbf207003cf518d4a36d3a827d720
ae478d0aa1d5dd397784708b171065a69cb63c1e6f265a013b41ee9c3c032ef2
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afa83745c17478762a0c53160daad92b8fce71e4e8f0ee8974297ab55968ce8c
b14250a35ef7d8c65b7338c1fe48333f3bbfa18fd27d5b7e2fddc3356b341be7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b262554ba29db61e894400053304c2c9f895195448dd0e4febd43eed8597c244
b2d12302eee2d4e702a095497dd20133916901be34e4f4f7748f5e87385fef5e
b580f69aa776389231af9b0c82e844cc91aee0b8d5890ff37701b33f12e49549
b7d606c62808f1b092bdc63c998820d65178bff515beda58f42328c37ce94c93
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc31b38b2e713b0af2fd35c362bda221f0691fd4627b1a99c67ff3eb713adf60
bd92594712c334e6e6a5a93562f0bcea353c61519de68582617557030606d8df
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
befa3f2d4613803528d855539bfdab8f660991240781aae6c9d077f1847485ba
bf5c64e397eda78cd4427f9d3fedc832b4d77181bc0cabbab04dc8ff1b0f004b
c24222a45fdf105c6b86f4f4d09bd8a243fb4ec2f2d8b7b5630ee0b22481ba39
c244e9ba6f97f476b3ae3f409cad884c5d845c3837bc2a4c811e7b37469800b5
c2f7899c0a8e661d6c5d3cf69a5d881a96ab41b1ca55c0345cefa2eb6c201b7a
c4e84e2c6f72182b7f9922bc1ed2ea80ea89545de51a0d61309260991296f7fb
c5c24f7ca1c946fa4dfd44407409c8e11ec6e41f0e1c7c45bf8381b42afb31f1
c637fabda58ca7067854d523264eb30cfdfc9404d1f51cce07acaa9e059bc884
c743a8b3e6450b986097e7e46a370bdbaca5666d6bc30a90995be0330787d67d
c76ae373a97fedd18dcbce506a90251d65d3141a4633e06671b9b306e361d948
c8390e6bb8a660485b4118b65d90f73b14128a881c918335d06b35f48e0e7ba2
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caf269b73ea27d7d8f774f763d163546148f491cd96e97aeb485f4183c5206bd
cb222c75b3ffd8bcfb83f847b4e7b25fe498e45bb6a830d15f70628f93a68018
cba9b19f80c9b23b8867f1f6f2d0e8a36ba04b31fc3330d97e664e6807a34904
cd95a07d39534016d11b1c3f747b3d2a84198354c6c6eb1af5e6dbc582b01357
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d3a73c7af4cd3eb08ae2f614c902a732c4ffef061b53de6059cc2382af740783
d3e6ff2649ac9a0611e35d957b3a5b693d0efb3a53c2ebe79e990f178a7e5768
d617fb46ef25d32cdfc6459393c2d7933339093ee270b951e1fdb50ab5662140
d7d8eda923854d45e87c11183868b806aff279a82906f1226d8752793a17ab67
d7fa261298e7430c764efe74a192a4bb2b3c975032be043c0402d23d800ca438
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d984bb09f5f1e47bd4fb0201a5bb60122badd75f2ecd1addfeb9fa68c92aa398
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db01aa7c558509282ea40e9bdd0e9dfb5ccf4ee861bebba3ffcbbe53ac694fb5
dbb17a36a5ad2233362cd6c777e9d2844b6a95fdc78b49311dd40a39a4e99fe5
dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc
dbca21de82ba69b1bc23cd1c49721d7b763db98007a74397ad196d494e552f19
dbf8c2121d7cb6926dc9ab44ffcdd41b9a491cb85e5c34f1d6149d177193e103
dd9ca94f65a85750445212041e046457b86609a21e96ea3c8a58c70e91793a2b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deacbb4086c70eb33c713e2b9d96f71d11a043d6478fb9bd2aeb410ca3249992
e0bfcf56f669a44a6ae33bf13de405eb4ef6c457a3dbd95766646c61b8e9e4d1
e0db4555f7d3b48a9b05e3dc7cd80b28a427748df5c1dc9283a3f7f392096b53
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b4fc51822b44a84e339edd6f93a671770075c6fe52f2f47c5b32f415c24f5c
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874
e88592f5884c6cd540589a786003a9db7c8b507cb070704dc24ac56bca7f3e47
e8dd162665b0172c5538f697e6126a73826b8ab7fcdcbefcb95d41015923d399
e93597ebb047036156921ebffbea565fe5129f4bd821696e0985a3bb9abfc89e
eb26135cb44e7336f3080f3302d3f2c9a7aae5b2d9c32e145371b8674af9b09a
eb3e17c0f1b1c67c004211e61c5b1a416d53b308b9ac69b87a59c6ccbc751950
ec9d6adb252d2a480b995f335beef2161b88b504951a514518cff8b3187f71c8
ee5ad8d0cb9457a5eb1a90dc1cdadd6de8ad54025f9974de7bf0d5e0835a2636
eef1c87eeba9a64c4eedf7558c83b1e0b9604836184433cfef174f1234480670
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2b19a73e5069a088c200039373a36809766d7218500637eadbf2b5e9ef82a5
f05e86e26132efc711e22cb1e368e3b715ed62f426ad5cc7cfdc8c9018d3920c
f99e5595a10069d77e724d624731811712b1a813f8a2e11959a6fd5e84f39ef3
f9ac17e5056ae8a4164d00e94dfd41ec6ce77007750307aeac7027b5e3c1cd88
faf7b11d2e97e87484a2a2af9df8f5f9dcf59a2f7b0aa2b5c21f01c06eeb9123
fbba3e5286391b858a98b4aec88f83f571ae14571dc522bfb9e60a86365fba00
ffdae19c25b4f39b38f71be6c3806f06ae8b5083777526c1e0197ce035d9ecc1

www.theonion.com Open in urlscan Pro 151.101.66.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

333 Requests

96 %HTTPS

44 %IPv6

46 Domains

77 Subdomains

66 IPs

9 Countries

7132 kBTransfer

19450 kBSize

42 Cookies

15 Outgoing links

Page URL History

Redirected requests

333 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.theonion.com Open in urlscan Pro
151.101.66.166 Public Scan

Screenshot
Live screenshot

Full Image

333
Requests

96 %
HTTPS

44 %
IPv6

46
Domains

77
Subdomains

66
IPs

9
Countries

7132 kB
Transfer

19450 kB
Size

42
Cookies

333 HTTP transactions
4 data transactions