www.theonion.com Open in urlscan Pro
151.101.194.166 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://theonion.com/
Effective URL:
https://www.theonion.com/
Submission: On May 25 via manual (May 25th 2023, 1:54:16 pm UTC) from US — Scanned from DE

Summary HTTP 240 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 73 IPs in 9 countries across 50 domains to perform 240 HTTP transactions. The main IP is 151.101.194.166, located in United States and belongs to FASTLY, US. The main domain is www.theonion.com. The Cisco Umbrella rank of the primary domain is 92927.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2022 Q3 on July 25th 2022. Valid for: a year.

This is the only time www.theonion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 72	151.101.194.166 151.101.194.166	54113 (FASTLY) (FASTLY)
13	151.101.66.166 151.101.66.166	54113 (FASTLY) (FASTLY)
2	13.32.121.17 13.32.121.17	16509 (AMAZON-02) (AMAZON-02)
1	151.101.130.217 151.101.130.217	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
3	13.224.192.181 13.224.192.181	16509 (AMAZON-02) (AMAZON-02)
13	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:236... 2600:9000:236e:b400:1d:8c8c:47c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 6	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	143.204.98.71 143.204.98.71	16509 (AMAZON-02) (AMAZON-02)
2	54.159.254.249 54.159.254.249	14618 (AMAZON-AES) (AMAZON-AES)
1	13.32.99.89 13.32.99.89	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	18.66.147.69 18.66.147.69	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
4	54.229.39.212 54.229.39.212	16509 (AMAZON-02) (AMAZON-02)
3	52.222.209.4 52.222.209.4	16509 (AMAZON-02) (AMAZON-02)
3	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
3	3.64.171.66 3.64.171.66	16509 (AMAZON-02) (AMAZON-02)
3	3.124.127.106 3.124.127.106	16509 (AMAZON-02) (AMAZON-02)
3	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	138.197.55.50 138.197.55.50	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a02:2638:d::a 2a02:2638:d::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
4	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	34.252.134.81 34.252.134.81	16509 (AMAZON-02) (AMAZON-02)
3	185.89.211.132 185.89.211.132	29990 (ASN-APPNEX) (ASN-APPNEX)
3	18.195.189.38 18.195.189.38	16509 (AMAZON-02) (AMAZON-02)
3	52.57.115.121 52.57.115.121	16509 (AMAZON-02) (AMAZON-02)
1	104.18.25.185 104.18.25.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.223.4.62 52.223.4.62	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
2	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	104.18.11.47 104.18.11.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
5	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.208.211.92 3.208.211.92	14618 (AMAZON-AES) (AMAZON-AES)
1	34.192.8.210 34.192.8.210	14618 (AMAZON-AES) (AMAZON-AES)
4	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:20:... 2606:4700:20::681a:932	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:68b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:205... 2600:9000:2057:8000:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	104.18.24.185 104.18.24.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.229.72.78 3.229.72.78	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
2	2a05:d018:d29... 2a05:d018:d29:3602:d19f:1de7:e73f:73f7	16509 (AMAZON-02) (AMAZON-02)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	3.72.30.19 3.72.30.19	16509 (AMAZON-02) (AMAZON-02)
2	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.122.86 18.66.122.86	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.6 18.66.147.6	16509 (AMAZON-02) (AMAZON-02)
1	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 3	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1 1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
240	73

72 151.101.194.166 (United States) 2 redirects

ASN54113 (FASTLY, US)

theonion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.theonion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.kinja-img.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kinja.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.kinja-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.101.66.166 (United States)

ASN54113 (FASTLY, US)

f.kinja-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
no.kinja-img.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.kinja-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.theonion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.217 (United States)

ASN54113 (FASTLY, US)

cdn.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.192.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.234.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:236e:b400:1d:8c8c:47c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-magiclinks.trackonomics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:d::d (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-71.fra50.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.159.254.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-254-249.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-89.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.147.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-69.fra60.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.229.39.212 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-39-212.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.209.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-209-4.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b6f7b9554bcec69ba68993f256e2026a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.64.171.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-171-66.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.124.127.106 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-127-106.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.197.55.50 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

ads.resetsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

fusion-media-group-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.252.134.81 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-134-81.eu-west-1.compute.amazonaws.com

hb.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.132 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.195.189.38 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-189-38.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.115.121 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-115-121.eu-central-1.compute.amazonaws.com

krk.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.4.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac9557e2e67bd8033.awsglobalaccelerator.com

direct.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.208.211.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-211-92.compute-1.amazonaws.com

id.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.192.8.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-8-210.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:932 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kinja-com.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:8000:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.229.72.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-72-78.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:d19f:1de7:e73f:73f7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.72.30.19 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-30-19.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-86.fra60.r.cloudfront.net

fr-actions.trackonomics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-6.fra60.r.cloudfront.net

trx-hub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.79 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	theonion.com 2 redirects theonion.com — Cisco Umbrella Rank: 89273 www.theonion.com — Cisco Umbrella Rank: 92927	556 KB
26	kinja-static.com f.kinja-static.com — Cisco Umbrella Rank: 29247 x.kinja-static.com — Cisco Umbrella Rank: 27782	337 KB
25	kinja-img.com i.kinja-img.com — Cisco Umbrella Rank: 22805 no.kinja-img.com — Cisco Umbrella Rank: 62502	197 KB
18	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 899 trc.taboola.com — Cisco Umbrella Rank: 635 vidstat.taboola.com — Cisco Umbrella Rank: 2666 am-trc-events.taboola.com — Cisco Umbrella Rank: 14016 imprammp.taboola.com — Cisco Umbrella Rank: 14039 am-match.taboola.com — Cisco Umbrella Rank: 14084 am-vid-events.taboola.com — Cisco Umbrella Rank: 13207	268 KB
11	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 stats.g.doubleclick.net — Cisco Umbrella Rank: 76 ad.doubleclick.net — Cisco Umbrella Rank: 165 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	152 KB
11	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 413 bidder.criteo.com — Cisco Umbrella Rank: 723 mug.criteo.com — Cisco Umbrella Rank: 2837	17 KB
8	adsrvr.org direct.adsrvr.org — Cisco Umbrella Rank: 3243 match.adsrvr.org — Cisco Umbrella Rank: 306 insight.adsrvr.org — Cisco Umbrella Rank: 522	3 KB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 b6f7b9554bcec69ba68993f256e2026a.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 132	41 KB
7	pubmatic.com 3 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 477 image8.pubmatic.com — Cisco Umbrella Rank: 641 image2.pubmatic.com — Cisco Umbrella Rank: 820	1 KB
7	google.com adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2 ampcid.google.com — Cisco Umbrella Rank: 2221	3 KB
6	google.de adservice.google.de — Cisco Umbrella Rank: 9037 ampcid.google.de — Cisco Umbrella Rank: 61764 www.google.de — Cisco Umbrella Rank: 6080	2 KB
6	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 286 aax.amazon-adsystem.com — Cisco Umbrella Rank: 387	62 KB
5	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 500 as-sec.casalemedia.com — Cisco Umbrella Rank: 1710 dsum.casalemedia.com — Cisco Umbrella Rank: 1199 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530	3 KB
4	bidswitch.net grid.bidswitch.net — Cisco Umbrella Rank: 834 x.bidswitch.net — Cisco Umbrella Rank: 290	867 B
4	openx.net fusion-media-group-d.openx.net — Cisco Umbrella Rank: 39516 u.openx.net — Cisco Umbrella Rank: 619	757 B
4	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 508 eb2.3lift.com — Cisco Umbrella Rank: 358	2 KB
4	adsafeprotected.com pixel.adsafeprotected.com — Cisco Umbrella Rank: 685	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2230	21 KB
3	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 423 ups.analytics.yahoo.com — Cisco Umbrella Rank: 272	976 B
3	btloader.com btloader.com — Cisco Umbrella Rank: 814 api.btloader.com — Cisco Umbrella Rank: 906	7 KB
3	media.net prebid.media.net — Cisco Umbrella Rank: 1346 cs.media.net — Cisco Umbrella Rank: 1383	1 KB
3	kargo.com krk.kargo.com — Cisco Umbrella Rank: 2222	2 KB
3	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 214	3 KB
3	yellowblue.io hb.yellowblue.io — Cisco Umbrella Rank: 3182	1 KB
3	resetsrv.com ads.resetsrv.com — Cisco Umbrella Rank: 14826	1 KB
3	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 928	475 B
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 639	73 KB
3	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 1826	72 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	189 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 886	1 KB
2	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 437	347 KB
2	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 677	452 B
2	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 1777 api.rlcdn.com — Cisco Umbrella Rank: 922	36 KB
2	trackonomics.net cdn-magiclinks.trackonomics.net — Cisco Umbrella Rank: 5628 fr-actions.trackonomics.net — Cisco Umbrella Rank: 10357	28 KB
2	ml314.com ml314.com — Cisco Umbrella Rank: 1672	11 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 155	3 KB
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 728	759 B
1	trx-hub.com trx-hub.com — Cisco Umbrella Rank: 6279	463 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1280	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1564	15 KB
1	videoplayerhub.com 1 redirects kinja-com.videoplayerhub.com — Cisco Umbrella Rank: 33585	453 B
1	liadm.com idx.liadm.com — Cisco Umbrella Rank: 3930	475 B
1	rkdms.com id.sv.rkdms.com — Cisco Umbrella Rank: 5187	168 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 620	16 KB
1	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 469	940 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 276	17 KB
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 1698	610 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 885	46 KB
1	kinja.com kinja.com — Cisco Umbrella Rank: 27689	1 KB
1	speedcurve.com cdn.speedcurve.com — Cisco Umbrella Rank: 5518	8 KB
240	50

	Domain	Requested by
32	www.theonion.com	1 redirects www.theonion.com tagan.adlightning.com
24	i.kinja-img.com	www.theonion.com
18	x.kinja-static.com	www.theonion.com tagan.adlightning.com
9	cdn.taboola.com	www.theonion.com cdn.taboola.com
8	f.kinja-static.com	www.theonion.com
7	securepubads.g.doubleclick.net	www.theonion.com tagan.adlightning.com securepubads.g.doubleclick.net
6	gum.criteo.com	2 redirects cdn.taboola.com tagan.adlightning.com
4	match.adsrvr.org	js-sec.indexww.com imprammp.taboola.com am-match.taboola.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	adservice.google.com	tagan.adlightning.com
4	adservice.google.de	tagan.adlightning.com
4	pixel.adsafeprotected.com	x.kinja-static.com
3	image8.pubmatic.com	2 redirects
3	am-trc-events.taboola.com	cdn.taboola.com
3	tpc.googlesyndication.com	tagan.adlightning.com
3	direct.adsrvr.org	x.kinja-static.com
3	krk.kargo.com	x.kinja-static.com
3	grid.bidswitch.net	x.kinja-static.com
3	ib.adnxs.com	x.kinja-static.com
3	hb.yellowblue.io	x.kinja-static.com
3	fusion-media-group-d.openx.net	x.kinja-static.com
3	bidder.criteo.com	x.kinja-static.com
3	ads.resetsrv.com	x.kinja-static.com
3	hbopenbid.pubmatic.com	x.kinja-static.com
3	btlr.sharethrough.com	x.kinja-static.com
3	tlx.3lift.com	x.kinja-static.com
3	static.criteo.net	tagan.adlightning.com x.kinja-static.com static.criteo.net
3	aax.amazon-adsystem.com	c.amazon-adsystem.com
3	tagan.adlightning.com	www.theonion.com tagan.adlightning.com
3	c.amazon-adsystem.com	www.theonion.com c.amazon-adsystem.com
3	www.googletagmanager.com	www.theonion.com www.googletagmanager.com
3	www.google-analytics.com	www.theonion.com www.google-analytics.com
2	dsum.casalemedia.com	2 redirects
2	api.btloader.com	kinja-com.videoplayerhub.com
2	pr-bh.ybp.yahoo.com	imprammp.taboola.com am-match.taboola.com
2	ad-delivery.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.google.com	tagan.adlightning.com
2	mug.criteo.com
2	prebid.media.net	x.kinja-static.com
2	trc.taboola.com	cdn.taboola.com
2	imasdk.googleapis.com	www.theonion.com tagan.adlightning.com
2	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	c.amazon-adsystem.com
2	ml314.com	www.theonion.com ml314.com
2	sb.scorecardresearch.com	www.theonion.com
1	image2.pubmatic.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	eb2.3lift.com
1	u.openx.net
1	dsum-sec.casalemedia.com
1	p.rfihub.com	1 redirects
1	cs.media.net
1	trx-hub.com
1	fr-actions.trackonomics.net	cdn-magiclinks.trackonomics.net
1	www.google.de
1	x.bidswitch.net	am-match.taboola.com
1	ups.analytics.yahoo.com	imprammp.taboola.com
1	am-vid-events.taboola.com
1	am-match.taboola.com	tagan.adlightning.com
1	imprammp.taboola.com	tagan.adlightning.com
1	ad.doubleclick.net
1	ping.chartbeat.net
1	as-sec.casalemedia.com	js-sec.indexww.com
1	ampcid.google.de	www.google-analytics.com
1	insight.adsrvr.org
1	static.chartbeat.com	tagan.adlightning.com
1	btloader.com
1	kinja-com.videoplayerhub.com	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	ampcid.google.com	www.google-analytics.com
1	idx.liadm.com	js-sec.indexww.com
1	id.sv.rkdms.com	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com
1	vidstat.taboola.com	tagan.adlightning.com
1	js-sec.indexww.com	tagan.adlightning.com
1	htlb.casalemedia.com	x.kinja-static.com
1	fastlane.rubiconproject.com	x.kinja-static.com
1	b6f7b9554bcec69ba68993f256e2026a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	s0.2mdn.net	imasdk.googleapis.com
1	geo.privacymanager.io	ats.rlcdn.com
1	ats.rlcdn.com	www.theonion.com
1	cdn-magiclinks.trackonomics.net	www.theonion.com
1	www.googleoptimize.com	www.googletagmanager.com
1	kinja.com	www.theonion.com
1	no.kinja-img.com	www.theonion.com
1	cdn.speedcurve.com	www.theonion.com
1	theonion.com	1 redirects
240	87

This site contains links to these domains. Also see Links.

Domain
theonion.com
avclub.com
deadspin.com
gizmodo.com
jalopnik.com
jezebel.com
kotaku.com
qz.com
theroot.com
thetakeout.com
theinventory.com
store.theonion.com
facebook.com
twitter.com
www.reddit.com
fragebogen.geers.de
popup.taboola.com
das-immo-portal.de
trc.taboola.com
www.aroundhome.de
info.geers.de
www.hausfrage.de

Subject Issuer	Validity	Valid
*.avclub.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-07-25` - `2023-08-26`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.speedcurve.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-19` - `2024-05-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
ml314.com GTS CA 1D4	`2023-04-09` - `2023-07-08`	3 months	crt.sh
*.trackonomics.net Sectigo RSA Domain Validation Secure Server CA	`2022-12-01` - `2023-12-01`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2022-12-27` - `2024-01-25`	a year	crt.sh
*.privacymanager.io Amazon RSA 2048 M02	`2023-02-22` - `2023-09-24`	7 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.adlightning.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-07`	4 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
resetsrv.com E1	`2023-05-16` - `2023-08-14`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.yellowblue.io Amazon ECDSA 256 M02	`2023-04-19` - `2024-05-17`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.dev.kargo.com Amazon RSA 2048 M01	`2023-02-13` - `2024-03-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-22` - `2024-05-21`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
prebid.media.net GTS CA 1D4	`2023-05-09` - `2023-08-07`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
securedvisit.com Amazon RSA 2048 M01	`2023-03-01` - `2023-11-26`	9 months	crt.sh
*.liadm.com Amazon RSA 2048 M01	`2023-02-21` - `2023-10-29`	8 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
api.btloader.com GTS CA 1D4	`2023-04-14` - `2023-07-13`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.trx-hub.com Amazon RSA 2048 M02	`2023-01-21` - `2024-02-19`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.theonion.com/
Frame ID: 5BF1F51E21358E6B1EC4E0941D403471
Requests: 221 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.575.0_en.html
Frame ID: 8A4E03CBB30F70B330970DAAD91A88BE
Requests: 1 HTTP requests in this frame

Frame: https://b6f7b9554bcec69ba68993f256e2026a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BC1F7FA9D1AA7529AB2D85CB162E8F8B
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.theonion.com
Frame ID: 332A00D2D2DF620A4836AEC6BB1353D8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 909EE2725DD95A544BF3E988DCA64DE7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2632108F37F0B80CE152C4CB27407BD4
Requests: 2 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Oh0CLAYAu0NBPJhBuBAAdoeCeDCDcCkAAABgYID-AMnNjMvZYmJxSywzz1q0cMzcwplltBYtFibnxOLxOBeTISC5mXE5W0wsboll5lmLFo6ZWzizjNaixcLknFg8HudiMgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJQwH6j3eUPAAAAACAAAAAASAAg9POUAJAhETzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAzhfSFNjxHnTSZSMFmEEQAAAABJo7qjI5N0gopFlf___34rAFcAAAIQp2B8CLPoDkq8hQEAAAAQg5chX6VEbZg6ZoEeFr_f7LBr_G6X-f________8383_mH40QlPBjmiAGFHs1v4AAAGt-AQEA2IwbAIA3AnBCTgaaTofPda_X_X530dHltzv9drvG7_aLTgCsTkDMDgAAAMCd____fzx4GfJVStSGqXpAymOzDQcrj8O3G85MnoVvYlzYhrvlzDGb2UwW4_bYc7LyJT6Wz_UREZbZ7zsI-W6X4eFzGURF19tidzjNnoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsdgM0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoHVYLkYLhZrxcg2WouWs91audjN3CrXxmEzLAYTh823Fr0-pottuHIZJlskGGCyF8nTIp0oN6ORc7CZuTYr42Li8U0sI9NyNxpMFhPDaLkaTMQSzckincgu-5bHZhsOVh6HbzecmTwL38S4sA13y5ljNrOZLMZ9YTVYLoaLxVoxso3WouVst1YudjO3yrVx2AyLwcRh861Fr4_pYhuuXIbJvjEbrgaTyXA12Ddmw9VgMhmuBvsOk-mZ-pyN1pj48tEpv92VbWNzGhQug8X7k5gW0-7sYDr5jk6XV5gs6ox-v9_v9_v9fr_fb9B6DmaDwre6Lnvem_JxTXmdB7HBoIglgot0ovO7XSanw7EWHV1-u9Nvt4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov6jhhjN5rrBXLHYzXWLVQIAAAAAAAAAsATTTDcBAAAAcDKo4XKxmK3TwUyGs8VotlwAF55kun54D0z7jMozd8k0JpBdCMkYF2vssYjzu10mp8OxFh1dfrvTb7cygAtPK2abfUYQa7Va1gAAAASwAQAACHDTjTcB51Xc_____zgAAAAycugBAADQ7wOisjMzMzMz40eQw9lo_wBUiLVarW431mq1AA!&cmcv=&pix=undefined&cb=1685022851614&uv=3284&tms=1685022851614&abt=dfrc_vB!nonrv_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=7f8961bb-b2f3-4a1f-8f24-41ad9bbcc912&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: D204049094FA4E3F2CF29F49B406CF1D
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8Oh0CLAYAu0NBPJhBuBAAdoeCeDCDcCkAAABgYID-AMnNjMvZYmJxSywzz1q0cMzcwplltBYtFibnxOLxOBeTISC5mXE5W0wsboll5lmLFo6ZWzizjNaixcLknFg8HudiMgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJQwH6j3eUPAAAAACAAAAAASAAg9POUAJAhETzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAzhfSFNjxHnTSZSMFmEEQAAAABJo7qjI5N0gopFlf___34rAFcAAAIQp2B8CLPoDkq8hQEAAAAQg5chX6VEbZg6ZoEeFr_f7LBr_G6X-f________8383_mH40QlPBjmiAGFHs1v4AAAGt-AQEA2IwbAIA3AnBCTgaaTofPda_X_X530dHltzv9drvG7_aLTgCsTkDMDgAAAMCd____fzx4GfJVStSGqXpAymOzDQcrj8O3G85MnoVvYlzYhrvlzDGb2UwW4_bYc7LyJT6Wz_UREZbZ7zsI-W6X4eFzGURF19tidzjNnoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsdgM0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoHVYLkYLhZrxcg2WouWs91audjN3CrXxmEzLAYTh823Fr0-pottuHIZJlskGGCyF8nTIp0oN6ORc7CZuTYr42Li8U0sI9NyNxpMFhPDaLkaTMQSzckincgu-5bHZhsOVh6HbzecmTwL38S4sA13y5ljNrOZLMZ9YTVYLoaLxVoxso3WouVst1YudjO3yrVx2AyLwcRh861Fr4_pYhuuXIbJvjEbrgaTyXA12Ddmw9VgMhmuBvsOk-mZ-pyN1pj48tEpv92VbWNzGhQug8X7k5gW0-7sYDr5jk6XV5gs6ox-v9_v9_v9fr_fb9B6DmaDwre6Lnvem_JxTXmdB7HBoIglgot0ovO7XSanw7EWHV1-u9Nvt4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov6jhhjN5rrBXLHYzXWLVQIAAAAAAAAAsATTTDcBAAAAcDKo4XKxmK3TwUyGs8VotlwAF55kun54D0z7jMozd8k0JpBdCMkYF2vssYjzu10mp8OxFh1dfrvTb7cygAtPK2abfUYQa7Va1gAAAASwAQAACHDTjTcB51Xc_____zgAAAAycugBAADQ7wOisjMzMzMz40eQw9lo_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 3E88C3A3A920B05447152E2DADD3D648
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theonion.com
Frame ID: DCB3E02D07F063C370B041EF85C18C25
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Onion | America's Finest News Source.

Page URL History Show full URLs

http://theonion.com/ HTTP 307
https://theonion.com/ HTTP 301
https://www.theonion.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

240
Requests

98 %
HTTPS

37 %
IPv6

50
Domains

87
Subdomains

73
IPs

9
Countries

2544 kB
Transfer

7109 kB
Size

47
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://theonion.com/
Title: The Onion

Search URL Search Domain Scan URL

URL: https://avclub.com/
Title: The A.V. Club

Search URL Search Domain Scan URL

URL: https://deadspin.com/
Title: Deadspin

Search URL Search Domain Scan URL

URL: https://gizmodo.com/
Title: Gizmodo

Search URL Search Domain Scan URL

URL: https://jalopnik.com/
Title: Jalopnik

Search URL Search Domain Scan URL

URL: https://jezebel.com/
Title: Jezebel

Search URL Search Domain Scan URL

URL: https://kotaku.com/
Title: Kotaku

Search URL Search Domain Scan URL

URL: https://qz.com/
Title: Quartz

Search URL Search Domain Scan URL

URL: https://theroot.com/
Title: The Root

Search URL Search Domain Scan URL

URL: https://thetakeout.com/
Title: The Takeout

Search URL Search Domain Scan URL

URL: https://theinventory.com/
Title: The Inventory

Search URL Search Domain Scan URL

URL: https://store.theonion.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://facebook.com/sharer.php?u=https%3A%2F%2Fwww.theonion.com%2Fquiz-could-you-pass-a-police-officer-entrance-exam-1850469722%3Futm_medium%3Dsharefromsite%26utm_source%3Dfacebook
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.theonion.com%2Fquiz-could-you-pass-a-police-officer-entrance-exam-1850469722%3Futm_medium%3Dsharefromsite%26utm_source%3Dtwitter&text=Quiz%3A%20Could%20You%20Pass%20A%20Police%20Officer%20Entrance%20Exam%3F
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https%3A%2F%2Fwww.theonion.com%2Fquiz-could-you-pass-a-police-officer-entrance-exam-1850469722%3Futm_medium%3Dsharefromsite%26utm_source%3Dreddit&title=Quiz%3A%20Could%20You%20Pass%20A%20Police%20Officer%20Entrance%20Exam%3F
Title: Reddit

Search URL Search Domain Scan URL

URL: https://fragebogen.geers.de/hoergeraete-testen-sta
Title: GEERS

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=gomedia1-theonion&utm_medium=referral&utm_content=thumbs-feed-01-b-delta:Below%20Homepage%20Thumbnails%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://das-immo-portal.de/rente-plus-immobilien-teilverkauf/
Title: Immo-Portal

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/gomedia1-theonion/log/3/click?pi=%2F&ri=934d903f53e81bc7b2d4974021b04950&sd=v2_ecf680eca778fd3a7b8a6879f16ffdb8_05091811-1d64-4967-917f-e5caf010baf7-tuctb68ee02_1685022850_1685022850_CIi3jgYQ5LxeGNr7wJmFMSABKAEwODib4wlAiIoQSKW02QNQ____________AVgAYABoju2OwMrc5JWsAXAA&ui=05091811-1d64-4967-917f-e5caf010baf7-tuctb68ee02&it=text&ii=~~V1~~-4256372460804588163~~1GfZQ89YJ-KSnKGZsUZ6zXAAKsd2UCWYL2ro85HhzTT6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GZIABZnE6iw0vZgovqPMyoCY6eD5jnG1QLwcl4nkEOHw5CoWLlX1uzG9gUBqYmKqk08KJRZ9mwaEcwcGgiTaJHWsUaZak2AcDXKoRwoERbO2l6ruDtQ3ELzqUr8Btjr3nV90ficnW-ayzJ_RXAcTJl5qIO9m7cAlFIy3SpeCztU81_fEXVLS-SaaSEJRKV4fWcCWrmcdwkZyWIISdiXNNCINqoZs8Cv6Vas6SBD3xNXUCjE-P8W5zZBRe-zPGNe88Q&pt=home&li=rbox-h2v&sig=d7aae302af11e88af4deca989a969e9732ce997368c7&redir=https%3A%2F%2Fdas-immo-portal.de%2Frente-plus-immobilien-teilverkauf%2F%3Fs2%3DGiAmjmRmPHDXRDoJlK3FX3_l3RyVipwcNeMXE-aZGVLHtiDt7Foo4O3cvc3VsqdT%26tblci%3DGiAmjmRmPHDXRDoJlK3FX3_l3RyVipwcNeMXE-aZGVLHtiDt7Foo4O3cvc3VsqdT%23tblciGiAmjmRmPHDXRDoJlK3FX3_l3RyVipwcNeMXE-aZGVLHtiDt7Foo4O3cvc3VsqdT&vi=1685022850522&p=coopergrowthsweepstakes-teilverkauf1-sc&r=22&lti=deflated&ppb=CCU&cpb=EhIyMDIzMDUyNC00LVJFTEVBU0UYASAAKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDE2ODiA6pmSCUCb4wlIiIoQUKW02QNY____________AWMI0DcQn08YMGRjCKo1EIhNGDJkYwjd__________8BEN3__________wEYI2RjCNwKEPsaGBZkYwjSAxDgBhgIZGMIlhQQmBwYGGRjCMf__________wEQx___________ARg5ZGMIgy8Qk0YYCWRjCOskEIQyGB1kYwiFQhCqVxgPZGMI9BQQnh0YH2RjCKQnEIo1GC9keAGAAf___________wGIAf___________wGYAZD8wJmFMQ&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://www.aroundhome.de/treppenlift/angebotsvergleich/
Title: Treppenlift-Vergleich

Search URL Search Domain Scan URL

URL: https://info.geers.de/besser-hoeren-zum-nulltarif/
Title: GEERS

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=gomedia1-theonion&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Homepage%20Thumbnails%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.hausfrage.de/artikel/maximalkosten-23
Title: Hausfrage.de

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://theonion.com/ HTTP 307
https://theonion.com/ HTTP 301
https://www.theonion.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://www.theonion.com/undefined HTTP 301
https://www.theonion.com/

Request Chain 134

https://gum.criteo.com/sid/json?origin=publishertagids&domain=theonion.com&sn=ChromeSyncframe&so=0&topUrl=www.theonion.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=IgqTEnxqU3h1Z2tkcHJmZjRwR1hnOVdGYXpPcjJ5RHV6MkhsTXZ3dEN1T083Z2huc0ZuQUZ0V1ZBdm8wT3VPWGJ5bWtwL3Z1MEtHN1NxM2tERFZjOXZhcXdvM2J3TjBaNWJjbHNKcmFPRFNJZDh2a3Zta1FmQzJHd2hZdkdhdmpkbHVvREVtSDV3cDhLemdkRWtxbWk4U21qUnRaQjk2Y3JwMm9YNHdFcTJJbmxWUEZKdEN5VTNsY2l3Q1Z2YlM1V0hoU3o1ZDVMZ1h1RisycW1vVDdhT3pjOUZKYk4xaElnUEhwU0o4NmUzK0lvYzlsUHA4VWdJdWpFb1FoSXEyM2xjWnAwd1UvZXZGYmQrSUtwd2V1SFFuT2VYZz09fA&cppv=2

Request Chain 189

https://kinja-com.videoplayerhub.com/gallery.js HTTP 301
https://btloader.com/tag?h=kinja-com&upapi=true

Request Chain 229

https://gum.criteo.com/sid/json?origin=publishertag&domain=theonion.com&sn=ChromeSyncframe&so=3&topUrl=www.theonion.com&bundle=jj2rZV95T1FMa083UURBeUc2cyUyRmRBcldmejJGTllyWUduVmZUUGZreFd2UFQ3NVElMkJZJTJCR05BVGZTRUV6dnppdkhNMHNxWWxTdk9NU284RHhLaDhMU2tMNiUyRjYlMkIwNWVtdkd2TGRXVHJHQ3p1d1ZFSHVpQWdCcTdmejNSMTZQeTY2T3dzRWwlMkJ6WlZ0NnViMTNJNXdycHdzM3haWXclM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=Yvhxx3wvWDZUL3hsZHEvZjFQV2JaWkQ4Y3BTdDhhSSs3Vm81djFLdWtPNGs3MmtOOWpXOExKc3VqVkEzUkdYdTNHK2RnMlZhTmN6RlQyWVFzbWY3VkN0R2ZRVHJsUzJienE2czdlekhZWFpPL3g2ZXBoQUFUMWxjOXZQZWlLOGg4UTdhTDVsRXBCZ0RtUDVleHpaSVNJU25jV3YyOXdFVXZ6K0hBRGl6WmJqSGp5OW5ITWVSTi9NMDhNU3dlWlVhUDE1WjhvZ3cxNndDbHVqSEgwQmlldDBla1dZTE1ZR2FKdTdkNWt0ancvVWFvQUJTaWdHNGx6NllzaFNJT0RLZzhpaFhBNHVjUXpNUHEvRW9obzJocGFyNE9CMTFGRVRpK09LL2RMOENXb2xHbXdiYz18&cppv=2

Request Chain 236

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727144&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727144&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1 HTTP 302
https://p.rfihub.com/cm?in=1&pub=2079&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455419347951259

Request Chain 239

https://image8.pubmatic.com/AdServer/ImgSync?p=161204 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=161204&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REM3QUMyRDctMkUyRi00QUZGLTlGOTctRjBBRDY4QzA3QTA3&gdpr=-1&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

240 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.theonion.com/
Redirect Chain

http://theonion.com/
https://theonion.com/
https://www.theonion.com/

392 KB
62 KB

32ms
22ms

Document
text/html

151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

5039183655944787adb113695a648f2aaf397867a6072b2ce97c7b572fe3fc20

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4
cache-control: stale-if-error=86400, stale-while-revalidate=300
content-encoding: gzip
content-length: 63288
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Thu, 25 May 2023 13:54:09 GMT
etag: W/"621d4-2leFJnfkNJJiQnl9Rvz5vCklCVw"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-Kinja-Location, Authorization
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache: MISS, HIT, HIT
x-cache-hits: 0, 4, 1
x-cdn-fetch: mantle-default
x-content-type-options: nosniff
x-googlenews-bot: false
x-kinja: kinja-magma-kube01-745948d8d6-fgzgl #4131
x-kinja-build: 4131
x-kinja-gdpr: true
x-kinja-revision: b5aaaf53a1801213237c1e82ed4514407cedfce4
x-kinja-server: kinja-magma-kube01-745948d8d6-fgzgl
x-kinja-superheroloaded: true
x-powered-by: Express
x-served-by: cache-iad-kiad7000116-IAD, cache-iad-kiad7000116-IAD, cache-fra-eddf8230108-FRA
x-timer: S1685022849.218552,VS0,VE14
x-ua-device: desktop
x-xss-protection: 1; mode=block

Redirect headers

accept-ranges: bytes
age: 0
cache-control: stale-if-error=86400, stale-while-revalidate=300
content-length: 106
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Thu, 25 May 2023 13:54:09 GMT
location: https://www.theonion.com/
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-Kinja-Location, Accept, Authorization
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache: MISS, HIT, MISS
x-cache-hits: 0, 1, 0
x-cdn-fetch: mantle-default
x-content-type-options: nosniff
x-googlenews-bot: false
x-kinja: kinja-magma-kube03-5558bfc4db-zs4rl #4131
x-kinja-build: 4131
x-kinja-gdpr: true
x-kinja-revision: b5aaaf53a1801213237c1e82ed4514407cedfce4
x-kinja-server: kinja-magma-kube03-5558bfc4db-zs4rl
x-kinja-superheroloaded: true
x-powered-by: Express
x-served-by: cache-iad-kcgs7200106-IAD, cache-iad-kiad7000083-IAD, cache-fra-eddf8230108-FRA
x-timer: S1685022849.104529,VS0,VE95
x-ua-device: desktop
x-xss-protection: 1; mode=block

GET
H2 200 roboto_condensed_reg-webfont.woff2
f.kinja-static.com/assets/fonts/roboto/ 15 KB
16 KB 72ms
15ms Font
binary/octet-stream 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto/roboto_condensed_reg-webfont.woff2?11012022

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:09 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: 563YCJKW05V1F2RY
age: 80
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 15700
x-amz-id-2: AOKxzz7KSbFSOyL3zNGyVkWEUqPiBupH3OftBYWSJZHKHUSOjz1C4hDPF5kql0C5GChjPyVv8j21pmB3FP+uCktlL1r9aUcS
x-served-by: cache-fra-eddf8230072-FRA
last-modified: Fri, 13 Jan 2023 15:40:59 GMT
server: AmazonS3
x-timer: S1685022849.316858,VS0,VE0
etag: "3d7f7413fca69bff4d231ebdc50aaab0"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 roboto_condensed_reg_it-webfont.woff2
f.kinja-static.com/assets/fonts/roboto/ 17 KB
17 KB 66ms
10ms Font
binary/octet-stream 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto/roboto_condensed_reg_it-webfont.woff2?11012022

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3ab6d5bddb52a980ebe7658cca937e1ce087c1478cbeb13715876e463b2dd7f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:09 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: 8GHTYNXVE2RRBXQQ
age: 105
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 17376
x-amz-id-2: SGztQ9AUQgEgIqBR2BPMuChKgxT0vVpXn9Gsu13lu0MsNUWrkCn9gzil+iUJaoAqlIx6Y2Zy5zw=
x-served-by: cache-fra-eddf8230072-FRA
last-modified: Fri, 13 Jan 2023 15:40:59 GMT
server: AmazonS3
x-timer: S1685022849.316525,VS0,VE0
etag: "8e134f1169d65556e833a4f33fd78242"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 roboto_condensed_bold-webfont.woff2
f.kinja-static.com/assets/fonts/roboto/ 15 KB
15 KB 66ms
11ms Font
binary/octet-stream 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto/roboto_condensed_bold-webfont.woff2?11012022

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:09 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: GCSMRVJXDDS48WB9
age: 16
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 15660
x-amz-id-2: MFymAouKCPN+z67dmwLx9HJmPb6P+cZz7LizC5BV5onV/uwT7hXQTqWDuwHNVnaxDUaQ46p4tZ8=
x-served-by: cache-fra-eddf8230072-FRA
last-modified: Fri, 13 Jan 2023 15:40:57 GMT
server: AmazonS3
x-timer: S1685022849.316488,VS0,VE0
etag: "d7b0b953a50fddaa88089b5b787cf719"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 roboto_condensed_bold_it-webfont.woff2
f.kinja-static.com/assets/fonts/roboto/ 17 KB
17 KB 72ms
16ms Font
binary/octet-stream 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto/roboto_condensed_bold_it-webfont.woff2?11012022

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

921d6a08298f520a4f4c7444ba3cf32d128706ad4018c6a576f915d79122a8dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:09 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: VDXDSTHSRT7P02PA
age: 116
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 17080
x-amz-id-2: fuXpV/ZN1oa9xO2+Bx8DBOcTLwXPABK8PlJWBmycpaxyuFQxMttlyu5fj/CtdKONeNjCvaUU3OQ=
x-served-by: cache-fra-eddf8230072-FRA
last-modified: Fri, 13 Jan 2023 15:40:56 GMT
server: AmazonS3
x-timer: S1685022849.316799,VS0,VE0
etag: "e43aefe2f0b22276ca8ade3f8040749b"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 libre-baskerville-bold.woff2
f.kinja-static.com/assets/fonts/libre-baskerville/ 18 KB
18 KB 82ms
26ms Font
binary/octet-stream 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/libre-baskerville/libre-baskerville-bold.woff2

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:09 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: RH7Z9QBPZWY74SJ8
age: 70
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 17984
x-amz-id-2: eAmZTngXZqKd7eCKSQLSNd4IPWfqZcPz7aUqtmmS1NSy6XX6aMfMfC0toSsVdi6PPyWM38Aiq7M=
x-served-by: cache-fra-eddf8230072-FRA
last-modified: Tue, 16 May 2023 21:52:45 GMT
server: AmazonS3
x-timer: S1685022849.316479,VS0,VE16
etag: "0518781cd45a71291d17ea1febfcc5fe"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 70ms
12ms Script
application/javascript 13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 04:25:45 GMT
content-encoding: gzip
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 09:22:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 34105
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: NamwLWvnYNW7OXR8wpBiXVox4Tbzsl2ADEsk_-npodrjZHEjVSftkw==

GET
H2 200 lux.js Show response
cdn.speedcurve.com/js/ 21 KB
8 KB 43ms
8ms Script
application/javascript 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.speedcurve.com/js/lux.js?id=527761496
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: f373d92a45770f2bb384d7804bd74839c9c9895a9223fabe02fbcbedafcb6382

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 25 May 2023 13:54:09 GMT
via: 1.1 vegur, 1.1 varnish
content-encoding: gzip
age: 197
x-cache: HIT
content-length: 8008
x-served-by: cache-fra-eddf8230133-FRA
last-modified: Thu, 25 May 2023 13:50:52 GMT
server: Apache
x-timer: S1685022849.312993,VS0,VE1
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 13:50:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 39ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 25 May 2023 13:04:54 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2955
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Thu, 25 May 2023 15:04:54 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 105 KB
41 KB 41ms
15ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T73GPNQ

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a3e870a66fa16194df4cbf1052e81e983338cca245f4a72e152121b48ca2e2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41853
x-xss-protection: 0
last-modified: Thu, 25 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 May 2023 13:54:09 GMT

GET
H2 200 f0df23858d67c7756b40486e516e2aa4.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_362,q_60,w_645/ 17 KB
18 KB 40ms
13ms Image
image/webp 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_362,q_60,w_645/f0df23858d67c7756b40486e516e2aa4.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2e4cbf774066dd66eee9b3d9a38f1062f7f3686ae0001228540691c92671c95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: AqSdeR_090iS1UGEudyWK8sFZBmDQm.6
via: 1.1 varnish, 1.1 varnish
date: Thu, 25 May 2023 13:54:09 GMT
x-amz-request-id: NN0AK802S9PRJDCP
age: 61682
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=1357228 idim=2000x1125 ifmt=jpeg ofsz=17546 odim=645x362 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 17546
x-amz-id-2: SDfaSBrel8P1dpqua0j2neIS0inDYanBxzDf3e+lcM5YZbdBHSgud0ivZoluIon1QQoaMLuQC54=
x-served-by: cache-iad-kiad7000146-IAD, cache-fra-eddf8230108-FRA
server: AmazonS3
x-timer: S1685022849.314192,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=362&quality=60&width=645
etag: "u+7KmIiSlPuQ56VMlsh+y0MFmwaGV0Ead0ggRh+qZRE"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 31, 1

GET
H2 200 60227de3b0878ada874dffb6ca469aca.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 10 KB
10 KB 37ms
11ms Image
image/webp 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/60227de3b0878ada874dffb6ca469aca.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 32879eba9b2433c53f34f9e1e3ed09e6fa564fca84252541b75526a2148ddcd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: Ijy2C8d1xS1zU55fczZbyjYpXTxq7CEa
via: 1.1 varnish, 1.1 varnish
date: Thu, 25 May 2023 13:54:09 GMT
x-amz-request-id: 2VQPZ3KESHTEC645
age: 99507
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=3239790 idim=2000x1125 ifmt=png ofsz=10014 odim=340x191 ofmt=webp
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 10014
x-amz-id-2: RFqQ9bBe/dCjCEafc5yGZ4O8daIrq2oAqoRlXSeQs39Gai3eZx+yrL/FWF0+J5oseiaUaEmRm/c=
x-served-by: cache-iad-kcgs7200148-IAD, cache-fra-eddf8230108-FRA
server: AmazonS3
x-timer: S1685022849.314109,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "MNRnLg8THId6sbUV9zXU1IBaTk+dOSjvCYoukAwvur4"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 2, 1

GET
H2 200 19bee41963d84deea18ba7943e386c6b.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 6 KB
6 KB 38ms
11ms Image
image/webp 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/19bee41963d84deea18ba7943e386c6b.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10c43c456f1a248aca9249779b5e61f1b0bf9431d38b59f552c34e0c14b0fd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: 1FeN.pukRWOJRGFvXxUPpxGTRQTnOdoC
via: 1.1 varnish, 1.1 varnish
date: Thu, 25 May 2023 13:54:09 GMT
x-amz-request-id: M9EET4ET0Y8FSNGA
age: 61754
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=2784331 idim=2366x1331 ifmt=jpeg ofsz=5996 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 5996
x-amz-id-2: EE672Kj8YMjNqzIusvessoGLK06Bnibumi+rNXYsFmac3tFFo9O1Ps5QJ8GZCfJSK5XdYp54Fkk=
x-served-by: cache-iad-kjyo7100052-IAD, cache-fra-eddf8230108-FRA
server: AmazonS3
x-timer: S1685022849.314068,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "0iTIsNRSY2Zd178bNcqXroW86as4gDemle0ELA7M8mA"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 57, 1

GET
H2 200 53ace7a4dba353dd2d5e0dbec34a5e22.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 7 KB
8 KB 44ms
18ms Image
image/webp 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/53ace7a4dba353dd2d5e0dbec34a5e22.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e18a7608db1209ce0f30b908f72d64307bd9d6285c620b6350d4982c49d73322

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: HAvfyEvTTsiZcfV_2wf2aneIM92aGtJy
via: 1.1 varnish, 1.1 varnish
date: Thu, 25 May 2023 13:54:09 GMT
x-amz-request-id: W9KZK8TN1XZAJ3ZD
age: 80932
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=1175290 idim=2000x1125 ifmt=jpeg ofsz=7334 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 7334
x-amz-id-2: /TAUaU3qg/6jxNKSPHj1BZLEDQOHLkYbXwqjFK2x86jRovIsdyLFciS7THQMjHQ3UcgguFqxEi8=
x-served-by: cache-iad-kjyo7100173-IAD, cache-fra-eddf8230108-FRA
server: AmazonS3
x-timer: S1685022849.313528,VS0,VE3
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "DkRv1Pswr5cW5EaNu/Q3p15eWcQnQ0C6Vwl9bzKUIXw"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 45, 1

GET
H2 200 78224b74fbca37a94a807f03a5a5d3be.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 7 KB
7 KB 40ms
14ms Image
image/webp 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/78224b74fbca37a94a807f03a5a5d3be.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 817f08350b5707a1aa5d0593cfb7fa8c588e4393479db8c211252f42a01d36a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: QqBhVHg3itJ2PlW5.Yon65Gt16y52JRm
via: 1.1 varnish, 1.1 varnish
date: Thu, 25 May 2023 13:54:09 GMT
x-amz-request-id: 78RN2KN12S1VKABS
age: 244011
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=562205 idim=2000x1125 ifmt=jpeg ofsz=6948 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 6948
x-amz-id-2: x7SOpqUUAhJOOdr036MdbqOytN12BrdYmUN67m5j+M61uDv09MFfNwHygk7vsTS+c1PuxRPYyOL0MUA4HvLgMyx6lDNQS2McAyDri9xe9wM=
x-served-by: cache-iad-kcgs7200054-IAD, cache-fra-eddf8230108-FRA
server: AmazonS3
x-timer: S1685022849.314524,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "hlhzvg4+noWLKTRSCj7F2I8+0ptvIm1RNhf7KuwOeHg"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 34, 1

GET
H2 200 197xrjaz7466rpng.png
no.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_362,pg_1,q_60,w_645/ 54 B
688 B 64ms
16ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://no.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_362,pg_1,q_60,w_645/197xrjaz7466rpng.png
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ad61602e9db9558662d5280058aee442dbf0b3676a043158ea945439e4f6346

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: original
x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish
date: Thu, 25 May 2023 13:54:09 GMT
x-amz-request-id: NA9M5P2FC4C10ESW
age: 2589692
x-amz-meta-cld-version: 1388776355
x-cache: HIT, HIT
fastly-io-info: ifsz=95 idim=1x1 ifmt=png ofsz=54 odim=645x362 ofmt=webp
fastly-stats: io=1
content-length: 54
x-amz-id-2: iIwSsUXVMMGb4jzPwd3F8JPi0aWeiQkuc2vx4NXxRuP2vvOEHrxaGbjzDrHMJBBJ/GilhKc8HeE=
x-served-by: cache-iad-kjyo7100146-IAD, cache-fra-eddf8230085-FRA
server: AmazonS3
x-timer: S1685022849.343755,VS0,VE0
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=362&quality=60&width=645
etag: "8BXYySxyyUaE383ZNc2VVYHztHXYmxrVLdcZf6slSps"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 231, 2

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 01d57a4de57ebf2266c5eae71ad4f485.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 9 KB
9 KB 12ms
12ms Image
image/webp 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/01d57a4de57ebf2266c5eae71ad4f485.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d617fb46ef25d32cdfc6459393c2d7933339093ee270b951e1fdb50ab5662140

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: NwZu3wWEv9m8p0lAy6OfzRs5.isDdDsp
via: 1.1 varnish, 1.1 varnish
date: Thu, 25 May 2023 13:54:09 GMT
x-amz-request-id: B21HZ85WBZZJY5NM
age: 150007
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=3275455 idim=2000x1125 ifmt=png ofsz=8888 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 8888
x-amz-id-2: VhYV49GIGxp7AJA7MzebF9OxAHF8FuYXHBj2sgoPQBUflozvFrEdfRBRRV7sT+t9LZbRidZ2w2Y=
x-served-by: cache-iad-kiad7000162-IAD, cache-fra-eddf8230108-FRA
server: AmazonS3
x-timer: S1685022849.321186,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "iJWLJZZChrOfWUTPoJVowbWY5BuAfpp3e2GaHCRELic"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 40, 1

GET
H2 200 2d62c4cfdff08efd5206bb9b5cb7e637.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 3 KB
3 KB 17ms
12ms Image
image/webp 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/2d62c4cfdff08efd5206bb9b5cb7e637.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0ea7b348b212b71ea78f15f8785a15cc2357f499b63bd51d63c15d126ca59a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: vY.QY0Gl9i7YCjuUY9TB1IecTFn13vHx
via: 1.1 varnish, 1.1 varnish
date: Thu, 25 May 2023 13:54:09 GMT
x-amz-request-id: 79FP0N2820XPG1K4
age: 156852
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=279181 idim=2000x1125 ifmt=jpeg ofsz=3036 odim=340x191 ofmt=webp
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 3036
x-amz-id-2: C7b9S1t0Sc6SFVuXOuBEhS8rXiHfBLa0F9eFkW2I9/8szuNX286vWW6fkpkTk0TFsybmBRtPCfJCnWTsabyQ6nXznCocg2ym
x-served-by: cache-iad-kcgs7200105-IAD, cache-fra-eddf8230108-FRA
server: AmazonS3
x-timer: S1685022849.337232,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "ZjoTb4cpMuMj0JYqGRGqWunDsvdvD9XyVk+x7hFrglE"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 779, 1

GET
H2 200 1c17b3c554fbd8e1e14f82b4230da700.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 7 KB
7 KB 17ms
12ms Image
image/webp 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/1c17b3c554fbd8e1e14f82b4230da700.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a323d4626bd1d87ea98075d2d577463700bfd82f733fede6c174ace4c1a62e08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: SUl7i5ybo0Dv1VB9A.tb_uqd7DiPMRpm
via: 1.1 varnish, 1.1 varnish
date: Thu, 25 May 2023 13:54:09 GMT
x-amz-request-id: AQ81H9KZ2TN6GDQN
age: 156710
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=442918 idim=2000x1125 ifmt=jpeg ofsz=7046 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 7046
x-amz-id-2: LJYhUR2JxUzLGznE6Fx50fDNce2zg9dXSK6TCrbjxX/O3BT87AIqtcjuqGuvblT9XnMXdCZof2Y=
x-served-by: cache-iad-kjyo7100159-IAD, cache-fra-eddf8230108-FRA
server: AmazonS3
x-timer: S1685022849.337615,VS0,VE2
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "t9mDhmhBLZcWXgKOdMo/IkoKCVEf5LCioTnyV5dLXJE"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 31, 1

GET
H2 200 185866c5d73ab79cbe2e10965c50c11b.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 7 KB
8 KB 20ms
16ms Image
image/webp 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/185866c5d73ab79cbe2e10965c50c11b.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8037d94c463c2b78f9206e8e46a541c97ae534397b764750f2e0eb3c3d9440b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: 8GRTdSBvm5NR6Ib7rlvpSMhH9cd1mY6_
via: 1.1 varnish, 1.1 varnish
date: Thu, 25 May 2023 13:54:09 GMT
x-amz-request-id: 6FYQKEJAETHGWC8N
age: 159439
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=944234 idim=2000x1125 ifmt=jpeg ofsz=7468 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 7468
x-amz-id-2: A0nsvtfoJqTWZxw1G7DOIyXE45CNl7ZDBs+/BZT7BrGhLuGA5EZacnrZ4x76/uO1M+VSuwSqJaQ=
x-served-by: cache-iad-kjyo7100088-IAD, cache-fra-eddf8230108-FRA
server: AmazonS3
x-timer: S1685022849.338261,VS0,VE7
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "zoJb8afBYsk+IJo+PJv4z6GraePHEkQtrRQH7o3lTSE"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 17, 1

GET
H2 200 9043c0f707b6ff2da4da05b705115035.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 7 KB
7 KB 17ms
15ms Image
image/webp 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/9043c0f707b6ff2da4da05b705115035.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd43a8c80d6f726429cd331765faf88e44a8a2bbb1da20d33c5925c027d4cc6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: xfm9VkY6kLgElJE9YhNJRrNGqx90zdYw
via: 1.1 varnish, 1.1 varnish
date: Thu, 25 May 2023 13:54:09 GMT
x-amz-request-id: J4E4K60Z524XRZK1
age: 1788029
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=391845 idim=2000x1125 ifmt=jpeg ofsz=6986 odim=340x191 ofmt=webp
x-amz-storage-class: STANDARD_IA
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 6986
x-amz-id-2: xCQZAuRn0SP62/ftweq9TOCy3q5iUAiVvPAB0UD55NP4xP8Y2XFDH643A6zeovLXx5Kmu7EBme/Cwwqo+lLHvuZ9QtJC6VYP
x-served-by: cache-iad-kcgs7200153-IAD, cache-fra-eddf8230108-FRA
server: AmazonS3
x-timer: S1685022849.340694,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "RmmmQWYV9FrP8YMfesd/VAMVBjjGpgHdJjhVCjJcdaA"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 19, 1

GET
H2 200 ba9715c58847c8a56c7735bf86935082.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 6 KB
6 KB 18ms
15ms Image
image/webp 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ba9715c58847c8a56c7735bf86935082.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d25d1da39b0a6736291fa1f130be3360c9e063a287c2ab92f13a665215cfd07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: f0Fong4uZXG1jvfh27lRrUo7_ajG.3ic
via: 1.1 varnish, 1.1 varnish
date: Thu, 25 May 2023 13:54:09 GMT
x-amz-request-id: BCWNKT42D4WR5045
age: 857530
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=479960 idim=2000x1125 ifmt=jpeg ofsz=5782 odim=340x191 ofmt=webp
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 5782
x-amz-id-2: obxnfwKS97/chx2JW2Ps+WR0mbrE95gbs1bVIFudZCqQ21tSTLdokl+n98Xlwo87JRHxDI1xvnI=
x-served-by: cache-iad-kiad7000151-IAD, cache-fra-eddf8230108-FRA
server: AmazonS3
x-timer: S1685022849.339837,VS0,VE2
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "7wA0Y+ONrhmC2o0h/mLQOnDF1MEjYozv1eLs4MkvL8o"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 2382, 1

GET
H2 200 41d5e64e43557f105797d74f82375305.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 20 KB
20 KB 16ms
13ms Image
image/webp 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/41d5e64e43557f105797d74f82375305.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 466ec679712d74fc59ddb8a10193696b87f17e2a2d0aae8fc14037e68669161f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: HDnhnygv75gZQpfi1wo2mW9l53xVy0ZM
via: 1.1 varnish, 1.1 varnish
date: Thu, 25 May 2023 13:54:09 GMT
x-amz-request-id: V2N9MNK71A2MV60Z
age: 1288524
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=1102345 idim=2000x1125 ifmt=jpeg ofsz=20344 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 20344
x-amz-id-2: H7jamkd4QSbasqig0xAUcap8Ro5XjRVzpWv0JU3/2f/HxfrAf1ey89Fv3X23WPj+tIlCba6ErUg=
x-served-by: cache-iad-kcgs7200163-IAD, cache-fra-eddf8230108-FRA
server: AmazonS3
x-timer: S1685022849.339349,VS0,VE2
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "0kr0u320MqpIIgX0d11MzBO/Q29sffkJLOR2xUBv2i8"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 8, 1

GET
H2 200 b7a84773288e1c4b2ef90058367201c2.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 8 KB
8 KB 9ms
9ms Image
image/webp 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/b7a84773288e1c4b2ef90058367201c2.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa2fd69109467c1dcbf65856c4e4fcafe0ea616b822f1a0a584c4bf17233711a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: AUKIcsU1_dsv1Oa3DfVhU6BQwT6di0yo
via: 1.1 varnish, 1.1 varnish
date: Thu, 25 May 2023 13:54:09 GMT
x-amz-request-id: C8H7M80S2X78MG19
age: 1475801
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=653776 idim=2000x1125 ifmt=jpeg ofsz=8178 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 8178
x-amz-id-2: nDFLmv2Xw7faTAk2ABeiW/spTG+VE0PAbZ3WjqFFNUnIr8u/YKmi5vLF1tr8eCxmELyhiIrI2s4=
x-served-by: cache-iad-kjyo7100042-IAD, cache-fra-eddf8230108-FRA
server: AmazonS3
x-timer: S1685022849.350509,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "2S7Ulf6K/yTIXWedNDPfIuj/sU65ceU/4+Hvq/lGLn8"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 8505, 1

GET
H2 200 76e97d09a75e6e1b6d18631081731627.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 9 KB
9 KB 10ms
10ms Image
image/webp 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/76e97d09a75e6e1b6d18631081731627.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db374d1d9520f48c692f6dacf6296b043839251ec1f08caa5507b10c2cc9f80e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: UG28puIqGPxfdkMO1uyK_44OTYtzFbml
via: 1.1 varnish, 1.1 varnish
date: Thu, 25 May 2023 13:54:09 GMT
x-amz-request-id: TV48E6F83XPZ0SSW
age: 761716
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=570195 idim=2000x1125 ifmt=jpeg ofsz=8712 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 8712
x-amz-id-2: MM9oPOhYmz43AUdEpXVMvgYmCOQIAjEQlo1FifbSUTDiINOqe9QeC7c6Ixdd10lkSRuUAn4h/BQ=
x-served-by: cache-iad-kiad7000131-IAD, cache-fra-eddf8230108-FRA
server: AmazonS3
x-timer: S1685022849.350616,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "gNEc8dnjkBDJ/n4C5sZP7SZjacaGjXdXcAkBQxrYVW4"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 5828, 1

GET
H2 200 abwm6w3prjmdcyvoqfxn.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 9 KB
10 KB 10ms
10ms Image
image/webp 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/abwm6w3prjmdcyvoqfxn.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b630399dc87169c912b553c7dc294e6a7af0ca96a3186f27086566d7dd87ca41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: AmericanVoice_OG_FINAL_2
x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish
date: Thu, 25 May 2023 13:54:09 GMT
x-amz-meta-cld-interesting: {"eyedea":[[719,0,433,578],[440,57,358,477],[28,96,351,468]]}
x-amz-meta-cld-transformation-id: 10000011314925
x-amz-request-id: 7JN462E85K0P7P76
age: 1384968
x-amz-meta-cld-version: 1513026540
x-cache: HIT, HIT
fastly-io-info: ifsz=837776 idim=1200x627 ifmt=jpeg ofsz=9144 odim=340x191 ofmt=webp
x-amz-storage-class: STANDARD_IA
x-amz-meta-cld-surrogate-key: 388542581494185918882418185766411367189
fastly-stats: io=1
content-length: 9144
x-amz-id-2: 4JgX1JSERUGknDZi3C5jXNddr8gb/fa114d0sdVm4tV5vxzBDRuyEa7zqCThR1SzHYx5axQo9/YmW1TKGlMKzCKJyp2MQaMZ
x-served-by: cache-iad-kjyo7100157-IAD, cache-fra-eddf8230108-FRA
server: AmazonS3
x-timer: S1685022849.350718,VS0,VE2
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "y7SPZ2SgZOpy1XS+3sgmR1gOf2pXElDkczkCG+3fIU0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-amz-meta-cld-original-extension: jpg
x-cache-hits: 9234, 1

GET
H2 200 4ff920aa9e58754f91004c0b043e28a7.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 5 KB
5 KB 15ms
13ms Image
image/webp 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/4ff920aa9e58754f91004c0b043e28a7.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f349f377771088db1f569fef15694e14010735cc5123eed49275d24278b3e1dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: l7ZdsEiYnbPKfDK1AnIizkNe.FJc__0P
via: 1.1 varnish, 1.1 varnish
date: Thu, 25 May 2023 13:54:09 GMT
x-amz-request-id: TJTWT042H02P6XP6
age: 273210
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=2578410 idim=2000x1125 ifmt=png ofsz=4686 odim=340x191 ofmt=webp
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 4686
x-amz-id-2: euXUJgCyV6+FveqYupIhOQC5ke30GdqWK42XiKVQz1Au+ky3+0wMtg6TyDq1l11+H72TshBnjaI=
x-served-by: cache-iad-kjyo7100149-IAD, cache-fra-eddf8230108-FRA
server: AmazonS3
x-timer: S1685022849.353059,VS0,VE6
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "pS4wzkFSoVz71R6NeGBbV9GHe4VKV6i8g+JYeZO9OJ4"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 18, 1

GET
H2 200 f4ade02f219b76fc138e09dfb64d4ee9.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 4 KB
5 KB 9ms
8ms Image
image/webp 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/f4ade02f219b76fc138e09dfb64d4ee9.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb8cd9865e08dd1d2ac286d755bc886cdbfd0a1811ba364eafc33846d4fd4bd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: vvWfFxqnHNGkWS5ZiUdAS_oLwkleMdeS
via: 1.1 varnish, 1.1 varnish
date: Thu, 25 May 2023 13:54:09 GMT
x-amz-request-id: CMZRNER8BYGSWYE9
age: 584116
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=1717098 idim=1500x1500 ifmt=jpeg ofsz=4504 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 4504
x-amz-id-2: IWwoGOAydp38auSI2Teq2H0rkPHKMzoZ8UGYoFgDs956fYy9k9DlVECjkn4d71dtzMbbxwQphVY=
x-served-by: cache-iad-kjyo7100101-IAD, cache-fra-eddf8230108-FRA
server: AmazonS3
x-timer: S1685022849.353024,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "BnhAFXyumuwz+tzZEhWi6fdOfuFfnebYPrZxqw2pxIE"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 51, 1

GET
H2 200 ee0252a9095aaa99a30665a64a2802be.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 8 KB
8 KB 9ms
9ms Image
image/webp 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ee0252a9095aaa99a30665a64a2802be.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63bf2e4b1ebce527755d68e4e86701006ce1d9d1c83fdaa29b4b3c36dacc2743

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: hjyzZt5uSbyy6q1AmLG_pQpaX5vWfgSz
via: 1.1 varnish, 1.1 varnish
date: Thu, 25 May 2023 13:54:09 GMT
x-amz-request-id: C1ZF1QAQ0PB4WVJW
age: 61495
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=2973524 idim=2000x2553 ifmt=jpeg ofsz=7824 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 7824
x-amz-id-2: 4DzrLEbjRCx0quNb36+KyQJ/oMlQEdHr8NHYSeARdPpVSKA/k2RPu+hLuFvfB3r6o9rnSjMHkBxBQujUB1jY4Bfj3f2TNlOV2nUKiHTAD1c=
x-served-by: cache-iad-kcgs7200083-IAD, cache-fra-eddf8230108-FRA
server: AmazonS3
x-timer: S1685022849.353535,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "RGzw9L/kKYT8MNfiKCNsGmLjRFftsr8oD5MonP86FEQ"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 18, 1

GET
H2 200 8a7ca2acc616a9ec27e4a3df146f0656.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 5 KB
5 KB 15ms
14ms Image
image/webp 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/8a7ca2acc616a9ec27e4a3df146f0656.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 11bd6d902ca26d8866e22eb04feb7ea8c754ad25b40f37fc15d784857cc7d248

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: vrMiCWPjhiKSQRhKMyw6Sai99jPj15nx
via: 1.1 varnish, 1.1 varnish
date: Thu, 25 May 2023 13:54:09 GMT
x-amz-request-id: DZTW3TFTM5F44029
age: 80738
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=169932 idim=1600x900 ifmt=jpeg ofsz=5156 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 5156
x-amz-id-2: qW6vYUd+zNW0g5ZKnY/OIZ+Ffg5Vt8T8oUeBrIw8S3c7C5ooqfLcwQ7ZRWs/GU+DA4s4xPmiZMP3tl/ObDbqAmXd7osv09/H0IQM7qv5xm0=
x-served-by: cache-iad-kjyo7100023-IAD, cache-fra-eddf8230108-FRA
server: AmazonS3
x-timer: S1685022849.362731,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "OmRuVw/YM/wzmcnHLKN9h29XROh1bUrt02egVK/oK3I"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 16, 1

GET
H2 200 101a776e3883f85602095a1e010ba42b.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 5 KB
5 KB 12ms
12ms Image
image/webp 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/101a776e3883f85602095a1e010ba42b.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36e179bd926d341411fc49f8aae4b1dfab44d919521add8bbd251a0c06f1c7da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: 2uWnPS5jjBd3k7dD7NZ3g20cULfdq72U
via: 1.1 varnish, 1.1 varnish
date: Thu, 25 May 2023 13:54:09 GMT
x-amz-request-id: 391WMWVMFX59P1SR
age: 153716
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=902811 idim=2000x1125 ifmt=jpeg ofsz=4630 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 4630
x-amz-id-2: tIg5DiZTtIXoDwf+i6JLM6vpmsF1B8daYmjugnfQhedwG73wvUGBR1pfK7xH/uU3EGvWrkdwu/klP+9j8q2KfA==
x-served-by: cache-iad-kjyo7100127-IAD, cache-fra-eddf8230108-FRA
server: AmazonS3
x-timer: S1685022849.362566,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "/mRH9De8j56jE07BENKcjcDhj4nkhVz3wXS8CXoktyU"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 28, 1

GET
H2 200 306410a4faaa91cd97d1213831d7517c.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 6 KB
7 KB 21ms
21ms Image
image/webp 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/306410a4faaa91cd97d1213831d7517c.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 528a5bcdfe99d459ca9724e827f3ac036b5ef16ed581942fa62f947676c37af0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: djMDEqN9CMUt.nCZqjVl2eGMsUCBjnr_
via: 1.1 varnish, 1.1 varnish
date: Thu, 25 May 2023 13:54:09 GMT
x-amz-request-id: TPW1T003PM5Q6HXK
age: 524837
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=3283571 idim=2000x1125 ifmt=png ofsz=6244 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 6244
x-amz-id-2: VnoBZfYlL1R+U9miWVM23ijO/x2cvtL+2Li2CcaBGA1woD4JV6ErkPrX/jt17nS/aI4/HBCW6sg=
x-served-by: cache-iad-kiad7000153-IAD, cache-fra-eddf8230108-FRA
server: AmazonS3
x-timer: S1685022849.362578,VS0,VE7
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "o9Torqo81fPuC6Hko5YgXTtYcJoCpr92eYJdrK4KLY0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 42, 1

GET
H2 200 5f3d655b41dff4a340ce7ce0b3ff2083.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 5 KB
5 KB 15ms
15ms Image
image/webp 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/5f3d655b41dff4a340ce7ce0b3ff2083.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2d12302eee2d4e702a095497dd20133916901be34e4f4f7748f5e87385fef5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: fGyZ1SPl_kwUftco9cMVOeadw6GT_xlv
via: 1.1 varnish, 1.1 varnish
date: Thu, 25 May 2023 13:54:09 GMT
x-amz-request-id: WDSZZKGQ31J42D21
age: 766740
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=347964 idim=2000x1125 ifmt=jpeg ofsz=4836 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 4836
x-amz-id-2: Ze4pn5uo1gXTgS3tkQ2FHIUOpfkg8PAT46o1exVN6C/G1G+8nQx2p3it4Z0G7GTA/zpU/II1ZI4=
x-served-by: cache-iad-kcgs7200158-IAD, cache-fra-eddf8230108-FRA
server: AmazonS3
x-timer: S1685022849.362542,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "D/50CCA6OIhwOSD1LdxXcMNjXRTCdrWBqsoXmwo4DGc"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 3636, 1

GET
H2 200 24a2fb1ad1b2b58f9fc6dea435552c14.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 6 KB
7 KB 15ms
15ms Image
image/webp 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/24a2fb1ad1b2b58f9fc6dea435552c14.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a1bcc37432884a16b8c3a3d39f32ea9ef7d6f4330dd92571b760343e89556a42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: U5jObEI6FuavFiYGrYiJh33k2aPVYdLv
via: 1.1 varnish, 1.1 varnish
date: Thu, 25 May 2023 13:54:09 GMT
x-amz-request-id: JD7PVWGZQW6E6GT6
age: 1396434
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=1562125 idim=2000x1125 ifmt=jpeg ofsz=6600 odim=340x191 ofmt=webp
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 6600
x-amz-id-2: mJ51swWlFIJV6fXeyO9TQe5icpTfiY5H23HQumTIYwYTGDkkM6DnKx0F2CzzxmmVHnbDcSa+KKQ=
x-served-by: cache-iad-kiad7000020-IAD, cache-fra-eddf8230108-FRA
server: AmazonS3
x-timer: S1685022849.362521,VS0,VE2
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "MRi68yjN38yvPckvCY39Z9SQtJ7XYB4rOHv0hn7wOek"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 48, 1

GET
H2 200 d666e25419ce54b6222dd32681dcb1c3.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 13 KB
13 KB 18ms
18ms Image
image/webp 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/d666e25419ce54b6222dd32681dcb1c3.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 09c15760538f80160b462c438428e831f22d42f5f27f32eb364f15fd62e6accd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: AnH_Dlu5gRClTEmI6AM2y5q4Urn5zJwu
via: 1.1 varnish, 1.1 varnish
date: Thu, 25 May 2023 13:54:09 GMT
x-amz-request-id: K8TR7X2PVKS6KNNB
age: 1713653
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=425219 idim=2000x1125 ifmt=jpeg ofsz=12896 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 12896
x-amz-id-2: 82X0fvfLeV+AyenlhZ3rgbjs2OGSh+6cgtn1bjFA+XNMAtXK6PWvYvG1gy9Zjas3D3MvBlBncy4=
x-served-by: cache-iad-kjyo7100175-IAD, cache-fra-eddf8230108-FRA
server: AmazonS3
x-timer: S1685022849.372134,VS0,VE2
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "T4dW3XnzlgZXKHx6EXgrReq0hxrUKQHQ7TbiUB0Smng"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 31, 1

GET
H2 200 runtime~adManager.f40e8be31482317aa16e.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 6 KB
2 KB 11ms
6ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.f40e8be31482317aa16e.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ec7436e7646b56061b17b8c5c256c629e6fd0986168714d3ff1d9bf869bc1226

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: 52CHTAQWWTP4Q1F7
age: 33569
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 2003
x-amz-id-2: pZYyNZEql6CgX9plVLROCiI1d7MgjQhTfjRVSra8MDMMHy/uvIKqfhmPtCx07Gke0C+G9H3pbZ8=
x-served-by: cache-fra-eddf8230036-FRA, cache-fra-eddf8230108-FRA
last-modified: Thu, 25 May 2023 04:15:20 GMT
server: AmazonS3
x-timer: S1685022849.296648,VS0,VE0
etag: "0f07b361da2494216d71bc9c1d04d557"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 2

GET
H2 200 adManager~video-html5-playlist~videoHtml5.2b2422de03ece058fd53.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 6 KB
2 KB 14ms
10ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adManager~video-html5-playlist~videoHtml5.2b2422de03ece058fd53.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8413176dd89287beafbd21e4fa5586f3d5db9aefa37b1350b34bc7533ca5ef34

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:09 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: 4VWP9BE4T1PBDMQN
age: 741918
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 2234
x-amz-id-2: RZnpv1siAny1NsQDQnADiBGWCpWtatMtnULj9e/R6JzZly/Z7KoJJPoyFQgtw6z5eJnearYEY7TH3YQtQRO4kw==
x-served-by: cache-fra-etou8220104-FRA, cache-fra-eddf8230108-FRA
last-modified: Tue, 16 May 2023 21:57:01 GMT
server: AmazonS3
x-timer: S1685022849.299326,VS0,VE0
etag: "16aa057b72959400f9902e832edd0648"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0, 2

GET
H2 200 adManager.6a9d9d91d693ed1f30bb.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 26 KB
9 KB 16ms
12ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adManager.6a9d9d91d693ed1f30bb.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1063c185d2ba098c3c38deeaa02f320ce4850364758330aa5a511441bd313d22

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:09 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: AVZR6MXR7T4837NF
age: 1948180
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 8801
x-amz-id-2: WyIEYoJPLtm71TJuAkwAycvdpLLotL/PG2lBrSCISBZJOXrV27oGcgWFgr4n9DBae8AyddBTzLw=
x-served-by: cache-fra-eddf8230036-FRA, cache-fra-eddf8230108-FRA
last-modified: Tue, 02 May 2023 18:50:52 GMT
server: AmazonS3
x-timer: S1685022849.299364,VS0,VE0
etag: "af67733e6ec5929b31f5e219919c2b1a"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0, 2

GET
H2 200 adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHom~6b32d66e.ed6234f1c36e167fd42a.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 6 KB
3 KB 13ms
9ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHom~6b32d66e.ed6234f1c36e167fd42a.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0ed375278b06c36ab8b2da5f18e09677565b827177abdffe343b8b274a70c08b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: 185V7KTN9FWGW405
age: 213009
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 2360
x-amz-id-2: 1T2wNHmM4ZdlFc+qs5lyiG/C8WFFKYx8DskHviz8thK7pEv6w/vcAYou9E6+JTXXB24xz7OgObA=
x-served-by: cache-fra-etou8220094-FRA, cache-fra-eddf8230108-FRA
last-modified: Tue, 23 May 2023 01:32:09 GMT
server: AmazonS3
x-timer: S1685022849.298890,VS0,VE0
etag: "31c8c11625e3f5d8c0f7975061fb849a"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 2

GET
H2 200 runtime~taboolaLoader.8539e99055799d7f071f.js Show response
x.kinja-static.com/assets/new-client/ 2 KB
886 B 51ms
16ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/runtime~taboolaLoader.8539e99055799d7f071f.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e9975431ab3558981df8a558a765319f7268c3d8acfe26b973a5963657f24ce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:09 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: GP8X5S1M4JYP8J80
age: 68
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 688
x-amz-id-2: tLLiyLqfQByLg4kQrOvN2F4hGQCuM3bGW+1q3iCu8zWBUNCM2cdUzbPoxn0ExfUvfGAcKzGUnt4=
x-served-by: cache-fra-eddf8230134-FRA
last-modified: Tue, 23 May 2023 05:18:28 GMT
server: AmazonS3
x-timer: S1685022849.329235,VS0,VE1
etag: "27f043f95ae2764c07794196a83ca0bc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 taboolaLoader.7324a95969deed2c15f4.js Show response
x.kinja-static.com/assets/new-client/ 10 KB
3 KB 50ms
16ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/taboolaLoader.7324a95969deed2c15f4.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d29eafa9d9e1188ebfffd7b7915d07a290be935b0f6ee1520013f535fe1ccfcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:09 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: AZ9DVKQKRPZG993B
age: 78
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3027
x-amz-id-2: 5Gbmky30RM7K9QDfPhOoSTR0nUvapPNMSYl/ybCLgUFHyAQhiWzPzfZkE8NtKWSp/ezRlCbuTwM=
x-served-by: cache-fra-eddf8230134-FRA
last-modified: Thu, 25 May 2023 11:53:06 GMT
server: AmazonS3
x-timer: S1685022849.329338,VS0,VE2
etag: "f9669baed3598beda120473917b073df"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 runtime~videoMediaQuerySupport.87053d08d5634a107c35.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 2 KB
1 KB 11ms
9ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~videoMediaQuerySupport.87053d08d5634a107c35.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c76ae373a97fedd18dcbce506a90251d65d3141a4633e06671b9b306e361d948

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: DHP11Q9N1VX8E56B
age: 739933
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 774
x-amz-id-2: TwN4iYxHe+Te96SUhEALd0zzR7EdPfDcG5qMb84Ouf9Q3gn03mlPAsGeGJ/PXqT41eWcxZ/cKDE/nmfKNsrKXakhblNXQjCUsSVtj5B4jek=
x-served-by: cache-fra-eddf8230083-FRA, cache-fra-eddf8230108-FRA
last-modified: Tue, 16 May 2023 21:57:05 GMT
server: AmazonS3
x-timer: S1685022849.298851,VS0,VE0
etag: "df042ee2742c71b59300a1b35069e3aa"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 2

GET
H2 200 videoMediaQuerySupport.b68e2424feab32dd0c91.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 1 KB
979 B 10ms
8ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/videoMediaQuerySupport.b68e2424feab32dd0c91.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

115224d4e63511fda83c38f1a67c687184f8c2752a8770b10faaadc4568fd388

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:09 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: 4VWX6HES1WZJ9P15
age: 741918
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 683
x-amz-id-2: r+tnufO/Gngr3p7nsoU47GYhKmjVG3DaRJcKe99mWLOrd3Z3aaYhtqqfb0V+PFW9RsHEhczumPM=
x-served-by: cache-fra-etou8220112-FRA, cache-fra-eddf8230108-FRA
last-modified: Tue, 16 May 2023 21:57:07 GMT
server: AmazonS3
x-timer: S1685022849.298849,VS0,VE0
etag: "cd8a0c9965106e2f8e59fd060ddad4f1"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0, 2

GET
H2 200 accountwithtoken Show response
kinja.com/api/profile/ 243 B
1 KB 132ms
119ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kinja.com/api/profile/accountwithtoken?jsonp=_fasttoken&newFollows=true

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

be61dbb08493a8447831037a6e9f8d4759d08b61206f62d5674bf140470aa643

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 25 May 2023 13:54:09 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: master-only
x-kinja-gdpr: true
x-cache: MISS, MISS, MISS
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
x-ua-device: desktop
x-kinja-superheroloaded: true
x-kinja-continent: EU
x-cdn-fetch: mantle-setcookie
content-length: 221
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000053-IAD, cache-iad-kiad7000053-IAD, cache-fra-eddf8230108-FRA
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1685022849.337813,VS0,VE107
x-frame-options: DENY
vary: Accept-Encoding,Origin
content-type: application/javascript; charset=UTF-8
cache-control: no-cache, no-store, private
accept-ranges: bytes
x-kinja-country: DE
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 ad-units-default.55de892b51749b41a0ec.js Show response
x.kinja-static.com/assets/new-client/ 14 KB
3 KB 10ms
9ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/ad-units-default.55de892b51749b41a0ec.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.f40e8be31482317aa16e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1a31861a53fec5e0e1135ff6fa3563ceb096a0fd0b5356004dcbc6931101d47a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:09 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 7WQQAG2QNDBR4FXE
age: 24
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3035
x-amz-id-2: vUdxVXnEPNfjNKZhSixhVrvYDlmMSUDYv6BRgfr+5dMHIW4ROebNXEqlXn2gWNKfyvRwKG4WLn8=
x-served-by: cache-fra-eddf8230108-FRA
last-modified: Thu, 25 May 2023 04:15:16 GMT
server: AmazonS3
x-timer: S1685022849.442186,VS0,VE1
etag: "a2b58fcd26dd23c07362a288cf2ebe23"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 display-theonion-desktop-config.5ab5847a5280d85ddbab.js Show response
x.kinja-static.com/assets/new-client/ 15 KB
2 KB 10ms
10ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/display-theonion-desktop-config.5ab5847a5280d85ddbab.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.f40e8be31482317aa16e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a66a45787e47ab5de0d1ed07d185f9ce9aa0907b60070c2e5af7f321eb11208f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:09 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: C28CNQJ1FEX6RRPD
age: 87
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1457
x-amz-id-2: 0LtUaIk4MhNZWrK22u8j5i1RN6hJAg/uVOhshsGDmvgpml+fwSxmNWUvQ2418cDs6bqhckpBrFgls4qvKLNBXGtXWow5zU5D+75qsxY7QZc=
x-served-by: cache-fra-eddf8230108-FRA
last-modified: Mon, 08 May 2023 20:29:08 GMT
server: AmazonS3
x-timer: S1685022849.442401,VS0,VE1
etag: "b4734303f497736db5de02d20c759ef0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 228 KB
56 KB 87ms
16ms Script
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/adManager.6a9d9d91d693ed1f30bb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 33566729393f70e95f9e326dbc67dedbb3bdc4d6a743ef40141fa1d126f079ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:42:36 GMT
content-encoding: gzip
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 19:17:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 694
x-amz-server-side-encryption: AES256
etag: W/"d18b57a80b57082ffb531a2e077b3016"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: PNnIEWjb68Mf6XdcqOeZYR9fz3LwS7Zk5FdQqH86S_7Wf6ZBzq_9yw==

GET
H2 200 prebid-js-prod.71664cf4fdde6f76a812.js Show response
x.kinja-static.com/assets/new-client/ 433 KB
109 KB 10ms
10ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.f40e8be31482317aa16e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3f5f3be3dcd8039c166b39b0ebbf825484c57373c781f5fb67f29b70e91eea89

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:09 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 649SFMJ0K6EXR2JA
age: 103
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 111685
x-amz-id-2: mLGNjCoSpNOqffIWVz3N2V6lmOwznOFaF76Ac/johUJgFP3+6dJqv1cufP85Wl3N2GJ6Cpp/6qU=
x-served-by: cache-fra-eddf8230108-FRA
last-modified: Mon, 08 May 2023 20:29:09 GMT
server: AmazonS3
x-timer: S1685022849.442988,VS0,VE2
etag: "1923b924651c8f275c430a10f8b695ed"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2

200

/
www.theonion.com/
Redirect Chain

https://www.theonion.com/undefined
https://www.theonion.com/

232 KB
232 KB

9ms
8ms

Image
text/html

151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theonion.com/

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-kinja-server: kinja-magma-kube01-745948d8d6-fgzgl
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
content-encoding: gzip
date: Thu, 25 May 2023 13:54:09 GMT
age: 4
x-kinja-build: 4131
x-powered-by: Express
x-cache: MISS, HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-kinja: kinja-magma-kube01-745948d8d6-fgzgl #4131
x-kinja-gdpr: true
x-cdn-fetch: mantle-default
content-length: 63288
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000116-IAD, cache-iad-kiad7000116-IAD, cache-fra-eddf8230108-FRA
x-googlenews-bot: false
x-timer: S1685022849.475426,VS0,VE0
etag: W/"621d4-2leFJnfkNJJiQnl9Rvz5vCklCVw"
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-Kinja-Location, Authorization
content-type: text/html; charset=utf-8
cache-control: stale-if-error=86400, stale-while-revalidate=300
accept-ranges: bytes
x-kinja-revision: b5aaaf53a1801213237c1e82ed4514407cedfce4
x-cache-hits: 0, 4, 2

Redirect headers

x-kinja-server: kinja-magma-kube01-745948d8d6-4wzld
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
date: Thu, 25 May 2023 13:54:09 GMT
age: 70
x-kinja-build: 4131
x-powered-by: Express
x-cache: MISS, HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-kinja: kinja-magma-kube01-745948d8d6-4wzld #4131
x-kinja-gdpr: true
x-cdn-fetch: mantle-default
content-length: 35
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000128-IAD, cache-iad-kiad7000150-IAD, cache-fra-eddf8230108-FRA
x-googlenews-bot: false
x-timer: S1685022849.463206,VS0,VE2
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-Kinja-Location, Accept, Authorization
content-type: text/plain; charset=utf-8
location: /
cache-control: stale-if-error=86400, stale-while-revalidate=300
accept-ranges: bytes
x-kinja-revision: b5aaaf53a1801213237c1e82ed4514407cedfce4
x-cache-hits: 0, 2, 1

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 10ms
10ms Image
text/plain 13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6770184&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1685022849455&ns_c=UTF-8&c7=https%3A%2F%2Fwww.theonion.com%2F&c8=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&c9=
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:09 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: ojwbSWPhZFDNlqa_pa2yIBHXGN2t-8yyb5Xi1c6ErE6DmdFyb5Dflw==
x-cache: Miss from cloudfront

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 187 KB
62 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KDJDW37&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T73GPNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18265d4feb13c9e02c2f2d4d12de0e51d24500c23f2f68b5536f9e35e05e9097

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63710
x-xss-protection: 0
last-modified: Thu, 25 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 May 2023 13:54:09 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/gomedia1-network/ 158 KB
41 KB 36ms
10ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd41b4096ddcd496972e59aa37bfbaba103150498da855d96a9c7a3e5cabb2d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: zCtRJ0myHYr4gVY1P_xgdl2M5WmVSS7v
content-encoding: gzip
via: 1.1 varnish
date: Thu, 25 May 2023 13:54:09 GMT
x-amz-request-id: 0Y2FJHAFEP98KFAW
age: 78
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 41439
x-amz-id-2: QABefJmSyiAoXUIOJl9elaTMPA1prAd1Kn5Z8yYI6LHK7nn6HH9+t/Fe3W2tCPqCNocmJGOpSVQ=
x-served-by: cache-fra-eddf8230041-FRA
last-modified: Wed, 24 May 2023 09:55:10 GMT
server: AmazonS3
x-timer: S1685022849.499412,VS0,VE0
etag: "ded72c1c99249e8a0c6b6581745ac0ab"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 57
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 117 KB
46 KB 53ms
15ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-W523ND3

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDJDW37&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8facfa89433ed07dcc25f817b3b9992b7e359b1ea38c672869f69ba41bdf6ac8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46811
x-xss-protection: 0
last-modified: Thu, 25 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 May 2023 13:54:09 GMT

GET
H2 200 tag.aspx Show response
ml314.com/ 31 KB
11 KB 43ms
6ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?254
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:00:14 GMT
content-encoding: br
age: 3235
x-guploader-uploadid: ADPycdtYf7Wyp3wLHYb-rnAmth_poaJhS8JeFmT6QIrF5H3AM-xR84UPnbuf1qGzlCL408dWy9HCveOPlJX0TKDsLWJuQt0LTGTa
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10518
last-modified: Mon, 10 Apr 2023 17:13:24 GMT
server: UploadServer
etag: W/"b0965f051977c0dd95ffe2c736cac352"
vary: Accept-Encoding
x-goog-generation: 1681146804366265
x-goog-hash: crc32c=wVdAwA==, md5=sJZfBRl3wN2V/+LHNsrDUg==
content-type: application/javascript
cache-id: FRA-fa985ced
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32213
accept-ranges: none

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 251 KB
85 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FBJXBGD4M8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDJDW37&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2ed8d3a8d867f80b40133bd8d869461487c8a8305a93d32d97dd237ae813dbf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87013
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 25 May 2023 13:54:09 GMT

GET
H2 200 gomedia_015a5_the_onion.js Show response
cdn-magiclinks.trackonomics.net/client/static/v2/ 95 KB
28 KB 213ms
8ms Script
text/javascript 2600:9000:236e:b400:1d:8c8c:47c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-magiclinks.trackonomics.net/client/static/v2/gomedia_015a5_the_onion.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:b400:1d:8c8c:47c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8 /
Resource Hash: 5ae04f4e2b3a0b4e46d0259886e6fbf822f2dd0731ee8a59e03c4cb3f335b8fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 00:53:24 GMT
content-encoding: gzip
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
last-modified: Thu, 23 Jun 2022 11:07:33 GMT
server: Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8
x-amz-cf-pop: FRA60-P1
age: 46844
etag: W/"17c61-5e21b75e9e639"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
x-amz-cf-id: eM81WklB43a8J2gVRzPcY2jF1pCxRmHV03M7wN9O-qtGmWyNWM4L0Q==

GET
H2 200 impl.20230524-4-RELEASE.js Show response
cdn.taboola.com/libtrc/ 765 KB
159 KB 16ms
9ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230524-4-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 60bff1f3d1652febff5190c494944d027b4239d3d030d189763a8e923d8d40a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: 9gF_vixk790PMrr6ZSiAuMXTJYSYOnzt
content-encoding: br
via: 1.1 varnish
date: Thu, 25 May 2023 13:54:09 GMT
x-amz-request-id: 10RGAEGWGYDV2QM9
age: 16073
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 162878
x-amz-id-2: TukxW3wMEa6clYOX8JTRJNM0GoO8JnYmpZ8ofsrkmy1cJZlOCcUcBQCvfDz1Tc4yl2VLxAo0nrI=
x-served-by: cache-fra-eddf8230041-FRA
last-modified: Wed, 24 May 2023 09:26:16 GMT
server: AmazonS3-br
x-timer: S1685022850.582283,VS0,VE0
etag: "8207c55f07b51b46234d18f87fca31ce"
vary: Accept-Encoding
content-type: application/javascript
abp: 42
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 45549

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 937 B
1 KB 11ms
10ms XHR
application/json 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3076&u=https%3A%2F%2Fwww.theonion.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: Server /
Resource Hash: d7d8eda923854d45e87c11183868b806aff279a82906f1226d8752793a17ab67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 09:36:40 GMT
via: 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
age: 15448
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 937
x-amz-cf-id: LOFU0AkBqMh0rWiwTCE1u_mQJhLj1Z1MM-dtIpU5P4FfScDDoV3T6w==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 34ms
9ms XHR
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: yHpogsakS7iCluwAmUa6Y9ccBYm32d5h
content-encoding: gzip
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
date: Thu, 25 May 2023 03:01:00 GMT
x-amz-cf-pop: FRA2-C1
age: 39270
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 11 May 2023 21:16:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: rPhdcYi9nvkDslIRZibj_exzthpYyehGSfIbNKnYZzHBsvFI1nkAfA==

GET
H2 200 utsync.ashx Show response
ml314.com/ 62 B
310 B 83ms
81ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=90810&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.theonion.com%2F&pv=1685022849603_9ssq02c13&bl=en-us&cb=5665263&return=&ht=&d=&dc=&si=1685022849603_9ssq02c13&cid=&s=1600x1200&rp=&v=2.5.3.49
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?254
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 May 2023 13:54:09 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/javascript; charset=utf-8
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
expires: 0

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 110ms
19ms Script
text/javascript 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230524-4-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:09 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 351568
expires: 60

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 109 KB
35 KB 50ms
10ms Script
application/x-javascript 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-71.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9dd295f1b8047318855e74e81dbeb02d463452670f2997dd64764a6ad88f3884

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: FdZQKnEndO3mqmnRp7XQ3uMfeJERmMlw
content-encoding: br
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
date: Thu, 25 May 2023 06:06:19 GMT
x-amz-cf-pop: FRA50-C1
age: 28071
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:96f94076-69de-4a4b-8bd0-6fb739c06860
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: e16bd58aa55fcc98af3b10870aad5974
last-modified: Thu, 19 Jan 2023 10:03:36 GMT
server: AmazonS3
etag: W/"0820c3a8da5dbe428619a7328c53b95f"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: 3efbae2e7f7f574316dfc685479946d213531c0b483ab4a61e653a0088f0cae8
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-id: KZqrwjj6Qn1oBf0C4moMI62MbY2YDykR5hMhUeLrSQKtAOcQnn3QSw==

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
452 B 104ms
103ms XHR
text/plain 54.159.254.249
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.254.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-254-249.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 25 May 2023 13:54:10 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 310ms
102ms Preflight 54.159.254.249
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.254.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-254-249.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theonion.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Thu, 25 May 2023 13:54:10 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
610 B 37ms
6ms Fetch
application/json 13.32.99.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-89.fra60.r.cloudfront.net
Software: /
Resource Hash: e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 05:27:48 GMT
via: 1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront), 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA60-P3
age: 30381
x-amzn-requestid: 39b4b307-81b3-4567-aad2-1f0dcf2ab1a9
x-amzn-trace-id: Root=1-646ef1d4-09efeb2e400ae1302a980688;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: Fdq5NEEQjoEFrTw=
content-length: 30
x-amz-cf-id: 7paf3b5rjh4ykyQUHTXInFlk4Ln1F6NfSKksxS26OvQ7onDEEQ1zqw==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
25 KB 169ms
69ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5e38141216616f8afb1d4615524bc9437e25dbd47435765754da1d2278da3f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25176
x-xss-protection: 0
server: cafe
etag: 382 / 19502 / 31074846 / config-hash: 17486322505759701994
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 25 May 2023 13:54:10 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/gomedia/ 41 KB
17 KB 39ms
10ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/op.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb8868fc32945760add8b3a5b3cdbfe45a57ea6e509484152fe8bf003b37fc50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: U5eMmyay38ihHM0L.U.iQicu82wp4FGb
content-encoding: gzip
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
date: Thu, 25 May 2023 13:47:54 GMT
x-amz-cf-pop: FRA60-P4
age: 376
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 16426
x-amz-meta-git_commit: 8db6969
last-modified: Thu, 18 May 2023 17:27:24 GMT
server: AmazonS3
etag: "f506c262898985026e5cf22c0fc77d0e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: XZ24IKpyxMcQbv1rY7mmowuVU4fq_SeVwVOnxFtH4KIlfS5QmG32Pw==

GET
H2 200 vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~05df41a3.363d300fb78faf229ed7.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 13 KB
5 KB 20ms
18ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~05df41a3.363d300fb78faf229ed7.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

582fd9b394fd8aacd37da7ff532062c5b1d274b20441e35601f1ae44f6b9d340

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: SARN2A8PE41HR9J5
age: 216155
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 4324
x-amz-id-2: 3B1YFywcEo4S5tKT+KkV692lcu9bbMhMLTfPApCU/2S6tkIjJT4/5efkk7nm9ZYp3rl8EuCw0U4=
x-served-by: cache-fra-eddf8230126-FRA, cache-fra-eddf8230108-FRA
last-modified: Tue, 23 May 2023 01:32:15 GMT
server: AmazonS3
x-timer: S1685022850.926555,VS0,VE0
etag: "24a9498d1213a702146f438367e2d1c0"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 2

GET
H2 200 runtime~videoHtml5.e14dce3a08fafa56c5bb.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 7 KB
3 KB 20ms
18ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~videoHtml5.e14dce3a08fafa56c5bb.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

690d140c84dff4981749a656ec4f6f14200f3caabbdae6ea3fb8f6877f8b798b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: KKZAZ3FH09Q8CSF8
age: 34767
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 2291
x-amz-id-2: uOEwDfpAFC+JgmXk4kUkRMcPn/d8RNMqWhKsITtEerMDJyExvCT2CiuQueKamvuDITEj4qTDxsM=
x-served-by: cache-fra-etou8220068-FRA, cache-fra-eddf8230108-FRA
last-modified: Thu, 25 May 2023 04:08:07 GMT
server: AmazonS3
x-timer: S1685022850.926077,VS0,VE0
etag: "02c31e4e1346f9f4e1ff4d147678bad5"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0, 2

GET
H2 200 vendor~video-html5-playlist~videoHtml5.3404bd78c2138beb1abe.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 5 KB
3 KB 20ms
18ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~video-html5-playlist~videoHtml5.3404bd78c2138beb1abe.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f8390791fab3a4f38a41db5a1965adb8979102262b3ffbfb12d504b262b6f823

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: V002TQK5V7P8W6RJ
age: 656891
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 2219
x-amz-id-2: 6s/RwSiUWjyVkVh+YVoezfdmWgoPZX1swQV8PmoulzklcATCXvv3Dg4qkQ64uRN3IZIoA9YKmIbtOiQiyMRhk6rxGUXRQ7VxzKotS1wEGTU=
x-served-by: cache-fra-etou8220091-FRA, cache-fra-eddf8230108-FRA
last-modified: Wed, 17 May 2023 23:22:53 GMT
server: AmazonS3
x-timer: S1685022850.926084,VS0,VE0
etag: "eb3014d73b920f7615361db363eba89c"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 2

GET
H2 200 video-html5-playlist~videoHtml5.f00fb8f446bd9abc1269.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 48 KB
14 KB 20ms
19ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/video-html5-playlist~videoHtml5.f00fb8f446bd9abc1269.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4d0de41b596f1c37d0cf111f5678e895cbb61068a7978f9d9afd342285522a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: A98BE9H0Q2PJERPD
age: 246321
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 13382
x-amz-id-2: 886qAbmcOFPBBBCLTg4oKaXSswP4GwbEEmcNJ5Fxp0Nvouw+65v+3kuugDajGatsBp7QxJE8gC9IA1350Og80k5HAUvcMrqbxqhQKJJlllc=
x-served-by: cache-fra-eddf8230028-FRA, cache-fra-eddf8230108-FRA
last-modified: Mon, 22 May 2023 17:23:17 GMT
server: AmazonS3
x-timer: S1685022850.925942,VS0,VE0
etag: "294d0f6bc48aefbe4c091d2345c7104a"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 0, 2

GET
H2 200 videoHtml5.e757d5ad26575b2fd5f4.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 12 KB
5 KB 20ms
19ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/videoHtml5.e757d5ad26575b2fd5f4.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

638cb175b6c9d489fd461421a80dd74569f0873de513aec695e34aa1d2b75304

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: 1RHFG92Q6Q7K9E0J
age: 213009
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 4377
x-amz-id-2: ji5UPEGkUsiewgVCkmaYQNl5fQjlPxFqCxYtkv0GKL3hk2NAxnkAM2AEX0RxUXJT23/Iu6HtGy0=
x-served-by: cache-fra-etou8220094-FRA, cache-fra-eddf8230108-FRA
last-modified: Tue, 23 May 2023 01:32:16 GMT
server: AmazonS3
x-timer: S1685022850.925923,VS0,VE0
etag: "0aa96367538d47c90a966deefe23e9f2"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 2

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 361 KB
121 KB 108ms
20ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/video-html5-playlist~videoHtml5.f00fb8f446bd9abc1269.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a3f09c64a229e9f2bd2ad089b6d9e67093339e5a5a21948f30f15be34549c63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123025
x-xss-protection: 0
expires: Thu, 25 May 2023 13:54:10 GMT

GET
H2 200 b-8db6969-11fd6bfd.js Show response
tagan.adlightning.com/gomedia/ 90 KB
33 KB 13ms
12ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30d6dfd42b9a5f0be38020e3fe03042fe88b4931993c6c63c0b8061e934d727f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 19:33:08 GMT
content-encoding: gzip
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
x-amz-version-id: HQt7ZtDt1P5TOrLzwiKvyGrv1Hhamfho
x-amz-cf-pop: FRA60-P4
age: 3003663
x-cache: Hit from cloudfront
content-length: 33634
x-amz-meta-git_commit: 8db6969
last-modified: Mon, 31 Oct 2022 20:36:51 GMT
server: AmazonS3
etag: "e4052d126a40ba70c16eb758095d1d13"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 4f4WibgsMUYgu1Wm9yYjrsgjf88fmgQ7rQ_DJ247WuJ0YS1g4ygk6A==

GET
H2 200 bl-e09f10f-0d1cecf0.js Show response
tagan.adlightning.com/gomedia/ 50 KB
22 KB 17ms
16ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/bl-e09f10f-0d1cecf0.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 125e539173a50a3dea5c5fdf369e3823754d7bab90fb9107a0088854f676d9b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 17:45:55 GMT
content-encoding: gzip
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
x-amz-version-id: Hp7s15JqMPjjWdVanor5jo_ZdS7QA.e.
x-amz-cf-pop: FRA60-P4
age: 590896
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 21784
x-amz-meta-git_commit: e09f10f
last-modified: Thu, 18 May 2023 17:26:50 GMT
server: AmazonS3
etag: "cec4bab0149bb18cab5154697d21d74f"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: bWLTd47ugjy4ywlAWtLi7rbIshW7U1oyzMNoAazAlf236J1n4XXGmQ==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/ 404 KB
125 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js?cb=31074846

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af07705eb7e434ddc33426eb84d9ba31bba2b5cc9d022239df1c1376e437f1d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 12:36:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4662
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127485
x-xss-protection: 0
server: cafe
etag: 17275677167730277524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 24 May 2024 12:36:28 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 219 B
165 B 64ms
43ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.theonion.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fae5e1f0ad241683e0138a7442b5cab53b0cbad0687c5fc5933aacfb961e12c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140
x-xss-protection: 0
expires: Thu, 25 May 2023 13:54:10 GMT

GET
H2 200 bridge3.575.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8A4E 707 KB
226 KB 11ms
10ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.575.0_en.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f19114fc66ef2ca455dc1b7e93be045b3698a3f291312e951b163473fbf6980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 293777
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231096
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 04:17:53 GMT
expires: Tue, 21 May 2024 04:17:53 GMT
last-modified: Mon, 22 May 2023 04:15:41 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 87ms
36ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 25 May 2023 13:54:10 GMT

GET
H2 200 ad-manager-bulbs.9314c5be0fc977aeb462.js Show response
x.kinja-static.com/assets/new-client/ 2 KB
1 KB 9ms
9ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/ad-manager-bulbs.9314c5be0fc977aeb462.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

adcaa82dccaaa3cecdc503fc6531653947d6204a997edcbd4d796033fe49751d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: JSFV3VCTCDS52EF7
age: 104
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 890
x-amz-id-2: BvN3IGiyiUzp7MxRdNQjmJ/CckdG7ixkO3HP/vfD95MnEV5pnOOe/Z9xZYn4iYbCkV/2+ElfWyg=
x-served-by: cache-fra-eddf8230108-FRA
last-modified: Wed, 17 May 2023 16:02:17 GMT
server: AmazonS3
x-timer: S1685022850.300018,VS0,VE1
etag: "60cc980aa15c3a25170f779267f90ea6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 301 B
536 B 132ms
54ms XHR
application/json 54.229.39.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-1,ss:%5B1280.720,970.252,1600.520%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.39.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-39-212.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c0742372439397bd0ea6186aba86699f7f2e2fc3f50bf291e79ea7e91f3afad0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
server: nginx
x-server-name: app16.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 210ms
51ms XHR
text/javascript 52.222.209.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2F&pid=TuCqonSGxbEZs&cb=0&ws=1600x1200&v=23.517.1921&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-2%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage_top-banner%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.209.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-209-4.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: AFW4N1AS03RCFD9Y9Z1R
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 9B_63xn7j0V8rpj-CBSvTomLIg76TRt0Pg_tAARx0WMFRZu2UVMsCg==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 282 B
516 B 130ms
59ms XHR
application/json 54.229.39.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-2,ss:%5B970.250,970.251,970.90,728.90,1600.520%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.39.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-39-212.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4a0ad8029e7a1e5f04247b07e3be19768196ce8e66128b9dffe58240b5cc2de0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
server: nginx
x-server-name: app13.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 71ms
34ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d27d3ce9124909a5ff44640d1a1556822d10db85c40fd45c9c574d52ff30fb1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 19 May 2023 17:15:21 GMT
server: nginx
etag: W/"6467aea9-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 26 May 2023 13:54:10 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 40ms
17ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.theonion.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 39ms
17ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.theonion.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 674 B
378 B 57ms
57ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js?cb=31074846

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dd16b949e171070e7bcfcf697274c0df2e8539fb1dbe7e6de696040e82d7c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 348
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 85ms
60ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305220101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js?cb=31074846

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30605821fb656678741a59f72d704f6faf52172c1745adb3927e3a5802a10ae3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11234
x-xss-protection: 0

GET
H2 200 container.html Show response
b6f7b9554bcec69ba68993f256e2026a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BC1F 6 KB
3 KB 100ms
44ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b6f7b9554bcec69ba68993f256e2026a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js?cb=31074846

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 May 2023 13:54:10 GMT
expires: Fri, 24 May 2024 13:54:10 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
508 B 76ms
51ms XHR
application/json 3.64.171.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.44.0&referrer=https%3A%2F%2Fwww.theonion.com%2F&tmax=1500

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.64.171.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-64-171-66.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 May 2023 13:54:10 GMT
accept-ch: sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
159 B 118ms
31ms XHR
text/plain 3.124.127.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.127.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-127-106.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 25 May 2023 13:54:10 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
118 B 111ms
51ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 25 May 2023 13:54:09 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 204
No Content / Show response
ads.resetsrv.com/ 0
382 B 399ms
179ms XHR
text/html 138.197.55.50
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.resetsrv.com/
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 138.197.55.50 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 25 May 2023 13:54:10 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-methods: GET, POST
content-type: text/html

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
195 B 90ms
32ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.44.0&cb=6578505339&lsavail=0

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 25 May 2023 13:54:10 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 379 B
940 B 152ms
61ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12156&site_id=392270&zone_id=2189722&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rf=https%3A%2F%2Fwww.theonion.com%2F&kw=TheOnion&tg_v.iab_segments=1-4&tg_i.domain=theonion.com&tg_i.page=https%3A%2F%2Fwww.theonion.com%2F&tg_i.pbadslot=%2F4246%2Ffmg.onion%2Ffrontpage%2F2%2Ftop&tk_flint=pbjs_lite_v7.44.0&x_source.tid=1a5184b2-b06d-4f7e-a9c9-14387b9728f6&l_pb_bid_id=1271bec3d1a8bbb&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=1a5184b2-b06d-4f7e-a9c9-14387b9728f6&rp_maxbids=1&p_gpid=%2F4246%2Ffmg.onion%2Ffrontpage%2F2%2Ftop&slots=1&rand=0.9940115182678544
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b3e99914a00d9c5183225436f894d820998137017c6e50afdd840c918df78cd6

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 May 2023 13:54:10 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.theonion.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 379
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 arj Show response
fusion-media-group-d.openx.net/w/1.0/ 73 B
379 B 68ms
31ms XHR
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fusion-media-group-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.theonion.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=1a5184b2-b06d-4f7e-a9c9-14387b9728f6&nocache=1685022850403&aus=970x250%2C970x251%2C970x90%2C728x90%2C1600x520&divids=dfp-ad-2&aucs=%252F4246%252Ffmg.onion%252Ffrontpage%252F2%252Ftop&auid=545727625
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e9b433e9788dcda52ba157d0162fabfdbb3233975262a4226c04dfef3ff6b18f

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.theonion.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 105 B
453 B 122ms
40ms XHR
application/json 34.252.134.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.252.134.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-134-81.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 8776a8ad91c217fa4d327ff5d7dbf975bbfc3585e5aaf22d68fa4ae7d2888a45

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.theonion.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 105

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
947 B 202ms
153ms XHR
application/json 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

5a49cf74a234b01650f208a787578e011c050bc3056ffb33dd35a5ec73db8b8a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 25 May 2023 13:54:10 GMT
AN-X-Request-Uuid: 02230b81-8b17-420a-a796-2e621ddabaf2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.theonion.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 146.70.117.71; 146.70.117.71; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 hbjson Show response
grid.bidswitch.net/ 24 B
240 B 365ms
140ms XHR
application/json 18.195.189.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson?sp=trustx
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.189.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-189-38.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 3f5fce94ad605982255f98a7ff3d67f71858622afaf9a14859a06b9e028eda8c

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 25 May 2023 13:54:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
access-control-allow-credentials: true
content-length: 49
content-type: application/json

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
801 B 48ms
12ms XHR
application/json 52.57.115.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%221a1e75ca-a2c5-4a60-a227-18e017c66d73%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A1500%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1685022850410%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2222fdfc2baa6526f%22%3A%22_bSLu2IWVUC%22%7D%2C%22bidSizes%22%3A%7B%2222fdfc2baa6526f%22%3A%5B%5B970%2C250%5D%2C%5B970%2C251%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_bSLu2IWVUC%22%7D%2C%22labelAll%22%3A%5B%22desktop%22%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%221a5184b2-b06d-4f7e-a9c9-14387b9728f6%22%2C%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%22%7D%2C%22pbadslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F2%2Ftop%22%7D%2C%22gpid%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F2%2Ftop%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B970%2C251%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22dfp-ad-2%22%2C%22transactionId%22%3A%221a5184b2-b06d-4f7e-a9c9-14387b9728f6%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B970%2C251%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%2C%22bidId%22%3A%2222fdfc2baa6526f%22%2C%22bidderRequestId%22%3A%22216d263a036438e%22%2C%22auctionId%22%3A%22b1e77c16-ef81-4398-881a-3bcc4b37e9d0%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%5D%2C%22userId.mod.init%22%3A%5B0.7999992370605469%5D%2C%22userId.mods.uid2.init%22%3A%5B0.7999992370605469%5D%2C%22userId.init.modules%22%3A%5B2.9000015258789062%5D%2C%22requestBids.usp%22%3A0.10000228881835938%2C%22requestBids.userId%22%3A0.09999847412109375%2C%22requestBids.rtd%22%3A69%2C%22requestBids.validate%22%3A0.6999969482421875%2C%22requestBids.makeRequests%22%3A3.5%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22domain%22%3A%22theonion.com%22%2C%22keywords%22%3A%22TheOnion%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theonion.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%7D%7D%7D%5D%2C%22prebidVersion%22%3A%227.44.0%22%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.115.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-115-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 25 May 2023 13:54:10 GMT
Content-Encoding: gzip
X-Accel-Expires: 0
Accept-Ch: Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
Nbr: 508
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.theonion.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Krk-No-Bid-Reason: consent
Content-Length: 26
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
566 B 118ms
90ms XHR
application/json 104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=727144
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5daee2974fa584e4ada3a944750121f8ee7500c8dbda3fe304dbf2d01856ad21

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 May 2023 13:54:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xkK6791bRjmOKA8BGxx42dC%2BQlbNCKdWgWwcYvwzkQeRKftmkwJG93poHUrOpQSeXDnQeBCQAwCHNl5yLYtlWb%2FYosziQGSYxBOsGzBl0KHYUGiWrSnnUE6S0ZmIIEqMA4GQtIt"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7cce44cf4c5392b3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H/1.1 200
OK gomedia Show response
direct.adsrvr.org/bid/bidder/ 0
400 B 160ms
61ms XHR
application/json 52.223.4.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/gomedia
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.223.4.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac9557e2e67bd8033.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
x-openrtb-version: 2.3
server: Kestrel
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 0

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
287 B 20ms
20ms Script
text/javascript 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230524-4-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 354185
expires: 60

GET
H2 200 json Show response
trc.taboola.com/gomedia1-theonion/trc/3/ 59 KB
17 KB 467ms
460ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/gomedia1-theonion/trc/3/json?tim=13%3A54%3A10.525&lti=deflated&data=%7B%22id%22%3A618%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1684922103457%2C%22vi%22%3A1685022850522%2C%22cv%22%3A%2220230524-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5929%2C%22nsid%22%3A%22gomedia1-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Apub%3Dgomedia1-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22cd%22%3A5929.125%2C%22mw%22%3A1300%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20Thumbnails%3Dalternating-thumbnails-a%3Apub%3Dgomedia1-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230524-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8ea9eb65ccb26ccce2f8c8cf4781fbff8221c570961b71e4dc16de803bed8233

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 446
date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-fra-eddf8230041-FRA
server: nginx
x-timer: S1685022851.538541,VS0,VE446
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.theonion.com
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 38ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 May 2023 13:54:10 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 332A 15 KB
6 KB 21ms
21ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.theonion.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 25 May 2023 13:54:10 GMT
server: Kestrel
server-processing-duration-in-ticks: 372665
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
462 B 52ms
52ms XHR
text/javascript 52.222.209.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2F&pid=TuCqonSGxbEZs&cb=1&ws=1600x1200&v=23.517.1921&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-9%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage_mid_banner%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.209.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-209-4.fra56.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: ERC7BTRG6Z1TXC301RJN
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: f4576wngkS_DKg0ZIgJLuwNd6jERzC_VbgY26Lgwr7rnXc6ZAN0j9Q==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 301 B
535 B 66ms
65ms XHR
application/json 54.229.39.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-9,ss:%5B970.250,728.90,1600.520%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.39.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-39-212.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 735c404d5eb5ac2d0ce08d5463e0d2400b2d6470adac2cd58e56cdb3876410d5

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
server: nginx
x-server-name: app14.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
461 B 50ms
50ms XHR
text/javascript 52.222.209.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2F&pid=TuCqonSGxbEZs&cb=2&ws=1600x1200&v=23.517.1921&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-7%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage_mid_banner%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.209.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-209-4.fra56.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: RKR6K4JFMEWHY0E52V4C
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: iw_0MAtSk0sDpvwjshCoA7ZziS60lmc2u9sQ3_kNiN8_Vn2vNXQ6yw==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 301 B
535 B 54ms
53ms XHR
application/json 54.229.39.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-7,ss:%5B970.250,728.90,1600.520%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.39.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-39-212.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 564a2d5a494c5ad18cc8ab626fd34b94ebaf23afe884bfc8cd7fb4cf4f1d5edf

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
server: nginx
x-server-name: app09.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
507 B 118ms
114ms XHR
application/json 3.64.171.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.44.0&referrer=https%3A%2F%2Fwww.theonion.com%2F&tmax=1500

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.64.171.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-64-171-66.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 May 2023 13:54:10 GMT
accept-ch: sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 arj Show response
fusion-media-group-d.openx.net/w/1.0/ 73 B
145 B 29ms
25ms XHR
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fusion-media-group-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.theonion.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=965ac992-f376-4b96-a448-55804a61fde2&nocache=1685022850572&aus=970x250%2C728x90%2C1600x520&divids=dfp-ad-9&aucs=%252F4246%252Ffmg.onion%252Ffrontpage%252F9%252Fmid_banner&auid=545727615
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 514ee176d2081129cc97b2a18a6aeac1b2ef555721a265b03f81e228255f3fbb

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.theonion.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 35ms
32ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.44.0&cb=7145364186&lsavail=0

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 25 May 2023 13:54:09 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
801 B 18ms
17ms XHR
application/json 52.57.115.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%221a1e75ca-a2c5-4a60-a227-18e017c66d73%22%2C%22requestCount%22%3A1%2C%22timeout%22%3A1500%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1685022850574%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%22369951be5058557%22%3A%22_bSLu2IWVUC%22%7D%2C%22bidSizes%22%3A%7B%22369951be5058557%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_bSLu2IWVUC%22%7D%2C%22labelAll%22%3A%5B%22desktop%22%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%22965ac992-f376-4b96-a448-55804a61fde2%22%2C%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%22%7D%2C%22pbadslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F9%2Fmid_banner%22%7D%2C%22gpid%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F9%2Fmid_banner%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22dfp-ad-9%22%2C%22transactionId%22%3A%22965ac992-f376-4b96-a448-55804a61fde2%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%2C%22bidId%22%3A%22369951be5058557%22%2C%22bidderRequestId%22%3A%22357c54359b21365%22%2C%22auctionId%22%3A%22cb5b5921-594a-4207-b764-d7aa7324a240%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%5D%2C%22userId.mod.init%22%3A%5B0.7999992370605469%5D%2C%22userId.mods.uid2.init%22%3A%5B0.7999992370605469%5D%2C%22userId.init.modules%22%3A%5B2.9000015258789062%5D%2C%22requestBids.usp%22%3A0.20000076293945312%2C%22requestBids.userId%22%3A0%2C%22requestBids.rtd%22%3A13.099998474121094%2C%22requestBids.validate%22%3A0%2C%22requestBids.makeRequests%22%3A1.5%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22domain%22%3A%22theonion.com%22%2C%22keywords%22%3A%22TheOnion%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theonion.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%7D%7D%7D%5D%2C%22prebidVersion%22%3A%227.44.0%22%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.115.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-115-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 25 May 2023 13:54:10 GMT
Content-Encoding: gzip
X-Accel-Expires: 0
Accept-Ch: Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
Nbr: 508
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.theonion.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Krk-No-Bid-Reason: consent
Content-Length: 26
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 277ms
240ms XHR
application/json 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

212c6c3d608079d600a89f8141de3ca4fb381b1aca8e12a5e669815749315793

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 25 May 2023 13:54:10 GMT
AN-X-Request-Uuid: 067200fe-f7dc-49ab-b587-99d04c4108fc
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.theonion.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 146.70.117.71; 146.70.117.71; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 hbjson Show response
grid.bidswitch.net/ 24 B
241 B 90ms
31ms XHR
application/json 18.195.189.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson?sp=trustx
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.189.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-189-38.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1c8ca7b6a077da2f5e0c1d79c074684b93c9ad901ebdba3a19c0319347076575

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: gzip
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate
content-length: 49
content-type: application/json

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 105 B
452 B 37ms
37ms XHR
application/json 34.252.134.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.252.134.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-134-81.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 89ecfb858ac8a33f5e99389189e952333fdf09b4b7f081ea4bd09acdbffaf5ac

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.theonion.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 105

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
635 B 41ms
18ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU74RYRS
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7d9108d5fe7c8fa650fad1d89dffab5f622d9533a23e39c6192bcb8569709817

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 25 May 2023 13:54:10 GMT

POST
H/1.1 204
No Content / Show response
ads.resetsrv.com/ 0
382 B 347ms
160ms XHR
text/html 138.197.55.50
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.resetsrv.com/
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 138.197.55.50 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 25 May 2023 13:54:10 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-methods: GET, POST
content-type: text/html

POST
H/1.1 200
OK gomedia Show response
direct.adsrvr.org/bid/bidder/ 0
400 B 37ms
37ms XHR
application/json 52.223.4.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/gomedia
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.223.4.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac9557e2e67bd8033.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
x-openrtb-version: 2.3
server: Kestrel
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
62 B 42ms
42ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 25 May 2023 13:54:09 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
158 B 73ms
72ms XHR
text/plain 3.124.127.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.127.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-127-106.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 25 May 2023 13:54:10 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
158 B 67ms
67ms XHR
text/plain 3.124.127.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.127.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-127-106.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 25 May 2023 13:54:10 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
523 B 8ms
8ms XHR
application/json 3.64.171.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.44.0&referrer=https%3A%2F%2Fwww.theonion.com%2F&tmax=1500

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.64.171.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-64-171-66.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 May 2023 13:54:10 GMT
accept-ch: sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version
x-auction-status: 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 hbjson Show response
grid.bidswitch.net/ 24 B
240 B 90ms
44ms XHR
application/json 18.195.189.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson?sp=trustx
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.189.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-189-38.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 014f235236af831dc18bebba5bf8ca9a0d2ad0fb04c98064790a3f4c77444457

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 25 May 2023 13:54:10 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
content-length: 49
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
947 B 54ms
16ms XHR
application/json 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

7941a6f509b7760cef9ae2c1e13e076530a5b08f9c05ea1e9ac2561e0ed9bd4f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 25 May 2023 13:54:10 GMT
AN-X-Request-Uuid: cc5331c1-97bf-48e5-b72d-64d8edcfe626
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.theonion.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 146.70.117.71; 146.70.117.71; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 arj Show response
fusion-media-group-d.openx.net/w/1.0/ 73 B
101 B 29ms
28ms XHR
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fusion-media-group-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.theonion.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=cafe7db8-ae67-4e01-948b-732ac00e3e59&nocache=1685022850589&aus=970x250%2C728x90%2C1600x520&divids=dfp-ad-7&aucs=%252F4246%252Ffmg.onion%252Ffrontpage%252F7%252Fmid_banner&auid=545727615
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 41ed70da9d1f49cc976b234dd0c093e326b4626de463d26b3f5d05c054730f5b

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.theonion.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 105 B
452 B 36ms
35ms XHR
application/json 34.252.134.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.252.134.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-134-81.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 752e5fd378491d1b3164d0c45a0703ebd4e31a2337701fb441e7b7e3258a3775

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.theonion.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 105

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
801 B 21ms
17ms XHR
application/json 52.57.115.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%221a1e75ca-a2c5-4a60-a227-18e017c66d73%22%2C%22requestCount%22%3A2%2C%22timeout%22%3A1500%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1685022850590%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%226681c3fb91d8ccc%22%3A%22_bSLu2IWVUC%22%7D%2C%22bidSizes%22%3A%7B%226681c3fb91d8ccc%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_bSLu2IWVUC%22%7D%2C%22labelAll%22%3A%5B%22desktop%22%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%22cafe7db8-ae67-4e01-948b-732ac00e3e59%22%2C%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%22%7D%2C%22pbadslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F7%2Fmid_banner%22%7D%2C%22gpid%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F7%2Fmid_banner%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22dfp-ad-7%22%2C%22transactionId%22%3A%22cafe7db8-ae67-4e01-948b-732ac00e3e59%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%2C%22bidId%22%3A%226681c3fb91d8ccc%22%2C%22bidderRequestId%22%3A%22659f858dad00a2b%22%2C%22auctionId%22%3A%22a5bb3a07-a683-4d6b-ab51-a8e9756da440%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%5D%2C%22userId.mod.init%22%3A%5B0.7999992370605469%5D%2C%22userId.mods.uid2.init%22%3A%5B0.7999992370605469%5D%2C%22userId.init.modules%22%3A%5B2.9000015258789062%5D%2C%22requestBids.usp%22%3A0%2C%22requestBids.userId%22%3A0.20000076293945312%2C%22requestBids.rtd%22%3A22.89999771118164%2C%22requestBids.validate%22%3A0.1999969482421875%2C%22requestBids.makeRequests%22%3A1.7999992370605469%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22domain%22%3A%22theonion.com%22%2C%22keywords%22%3A%22TheOnion%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theonion.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%7D%7D%7D%5D%2C%22prebidVersion%22%3A%227.44.0%22%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.115.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-115-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 25 May 2023 13:54:10 GMT
Content-Encoding: gzip
X-Accel-Expires: 0
Accept-Ch: Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
Nbr: 508
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.theonion.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Krk-No-Bid-Reason: consent
Content-Length: 26
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H/1.1 200
OK gomedia Show response
direct.adsrvr.org/bid/bidder/ 0
400 B 69ms
42ms XHR
application/json 52.223.4.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/gomedia
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.223.4.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac9557e2e67bd8033.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
x-openrtb-version: 2.3
server: Kestrel
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 0

POST
H/1.1 204
No Content / Show response
ads.resetsrv.com/ 0
382 B 399ms
204ms XHR
text/html 138.197.55.50
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.resetsrv.com/
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 138.197.55.50 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 25 May 2023 13:54:10 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-methods: GET, POST
content-type: text/html

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
62 B 45ms
43ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 25 May 2023 13:54:09 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 cdb Show response
bidder.criteo.com/ 2 KB
2 KB 51ms
50ms XHR
application/json 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.44.0&cb=98609142361&lsavail=0

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

393e670b043757b273bfa3f071439061cfa03327dc538ba6ca730b7d182de1ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
318 B 26ms
19ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU74RYRS
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 46a76bf1ff1716d3a87dade6460b4b3c7971a42dddd38a109877d4531a0e7e73

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 25 May 2023 13:54:10 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 332A
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=theonion.com&sn=ChromeSyncframe&so=0&topUrl=www.theonion.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=IgqTEnxqU3h1Z2tkcHJmZjRwR1hnOVdGYXpPcjJ5RHV6MkhsTXZ3dEN1T083Z2huc0ZuQUZ0V1ZBdm8wT3VPWGJ5bWtwL3Z1MEtHN1NxM2tERFZjOXZhcXdvM2J3TjBaNWJjbHNKcmFPRFNJZDh2a3Zta1FmQzJHd2hZdk...

441 B
655 B

59ms
21ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=IgqTEnxqU3h1Z2tkcHJmZjRwR1hnOVdGYXpPcjJ5RHV6MkhsTXZ3dEN1T083Z2huc0ZuQUZ0V1ZBdm8wT3VPWGJ5bWtwL3Z1MEtHN1NxM2tERFZjOXZhcXdvM2J3TjBaNWJjbHNKcmFPRFNJZDh2a3Zta1FmQzJHd2hZdkdhdmpkbHVvREVtSDV3cDhLemdkRWtxbWk4U21qUnRaQjk2Y3JwMm9YNHdFcTJJbmxWUEZKdEN5VTNsY2l3Q1Z2YlM1V0hoU3o1ZDVMZ1h1RisycW1vVDdhT3pjOUZKYk4xaElnUEhwU0o4NmUzK0lvYzlsUHA4VWdJdWpFb1FoSXEyM2xjWnAwd1UvZXZGYmQrSUtwd2V1SFFuT2VYZz09fA&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b1d67346f32ba6a331321f8f3e2b0112e80e41db809959974d308120aeda29da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 May 2023 13:54:10 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4434507
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 25 May 2023 13:54:10 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=IgqTEnxqU3h1Z2tkcHJmZjRwR1hnOVdGYXpPcjJ5RHV6MkhsTXZ3dEN1T083Z2huc0ZuQUZ0V1ZBdm8wT3VPWGJ5bWtwL3Z1MEtHN1NxM2tERFZjOXZhcXdvM2J3TjBaNWJjbHNKcmFPRFNJZDh2a3Zta1FmQzJHd2hZdkdhdmpkbHVvREVtSDV3cDhLemdkRWtxbWk4U21qUnRaQjk2Y3JwMm9YNHdFcTJJbmxWUEZKdEN5VTNsY2l3Q1Z2YlM1V0hoU3o1ZDVMZ1h1RisycW1vVDdhT3pjOUZKYk4xaElnUEhwU0o4NmUzK0lvYzlsUHA4VWdJdWpFb1FoSXEyM2xjWnAwd1UvZXZGYmQrSUtwd2V1SFFuT2VYZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 339414
content-length: 0
expires: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 909E 13 KB
5 KB 13ms
8ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1102
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 May 2023 13:35:48 GMT
expires: Fri, 24 May 2024 13:35:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2632 783 B
1 KB 70ms
45ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

46bcdeff7e0fe6ae7050dc9d2e5edd5e74d3c78e6f322dc7df3c1a73a40ffb40

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pReq04AtZhUE1JFN3OYjNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-pReq04AtZhUE1JFN3OYjNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 25 May 2023 13:54:10 GMT
expires: Thu, 25 May 2023 13:54:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js Show response
pagead2.googlesyndication.com/bg/ Frame 909E 37 KB
14 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 20:55:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14738
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 May 2024 20:55:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2632 0
0 44ms
43ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305220101&jk=3440710234520848&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 909E 0
10 B 8ms
8ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ykv_iA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 18ms
17ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.theonion.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.theonion.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 381 B
166 B 602ms
601ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3440710234520848&correlator=4180894562124297&eid=31074846&output=ldjh&gdfp_req=1&vrg=202305220101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cfrontpage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x251%7C970x90%7C728x90%7C1600x520&ifi=2&adks=2283483005&sfv=1-0-40&prev_scp=article_position%3Dnone%26pos%3Dtop%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dtop-01%26amznbid%3D2%26amznp%3D2%26fr%3Dfalse%26ias-kw%3DIAS_1509460_PG%2CIAS_1500902_PG%26drg%3DveryLow%26vio%3DveryLow%26off%3DveryLow%26hat%3DveryLow%26dlm%3DveryLow%26alc%3DveryLow%26adt%3DveryLow&eri=1&cust_params=veritas-iab%3D1-4%26tags%3D%26blogName%3Dtheonion%26channel%3D%26section%3D%26subsection%3D%26page%3Dfrontpage&sc=1&cookie=ID%3D6435e921a52aef89%3AT%3D1685022850%3AS%3DALNI_MYAAKk20znGevJT9vZMXXMx0kGbNg&gpic=UID%3D00000c1bfef4de77%3AT%3D1685022850%3ART%3D1685022850%3AS%3DALNI_MaendXm_-IMH9Z7hrXHclsj9akzrA&abxe=1&dt=1685022850814&lmt=1685022850&dlt=1685022849242&idt=1036&adxs=315&adys=303&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theonion.com%2F&frm=20&vis=1&psz=1600x290&msz=1600x290&fws=4&ohw=1600&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1286725370.1685022850&ga_sid=1685022850&ga_hid=608437533&ga_fc=false&a3p=Eh0KDmVzcC5jcml0ZW8uY29tGJb6wJmFMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js?cb=31074846

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e988192ae58551ea32719b8dd14415ad06e94360a96c4fc67e3f32384085bfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 183957-47751755686051.js Show response
js-sec.indexww.com/ht/p/ 47 KB
16 KB 74ms
27ms Script
text/javascript 104.18.11.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 568068711d00d07ac001e1937acdb4621d0d7ea602ff8beb225c1b9f22701d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 25 May 2023 13:30:57 GMT
server: cloudflare
age: 1105
etag: W/"764eb3-bde7-5fc84a16a2a54"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 7cce44d29cc11951-FRA
expires: Thu, 25 May 2023 17:54:10 GMT

GET
H2 200 runtime~trackers.72ff5fb7f8166ed35204.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 2 KB
2 KB 29ms
28ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~trackers.72ff5fb7f8166ed35204.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d7fa261298e7430c764efe74a192a4bb2b3c975032be043c0402d23d800ca438

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: Z5FNT9F98BPQ9J12
age: 562118
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 1240
x-amz-id-2: duSgu1TQyN+5uXZz8y9GKrGSem2eZUw3TgmHd4pSbQldmqp72k4Q7bVIQjdookbJz45/2VJFByE=
x-served-by: cache-fra-eddf8230061-FRA, cache-fra-eddf8230108-FRA
last-modified: Thu, 18 May 2023 18:28:03 GMT
server: AmazonS3
x-timer: S1685022851.933638,VS0,VE0
etag: "28ce9e853d973730f3213e688dbbab3d"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0, 2

GET
H2 200 vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~f03f75f6.85d1e73595bfdd5ac1fb.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 39 KB
15 KB 29ms
28ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~f03f75f6.85d1e73595bfdd5ac1fb.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2b14301c6e55453137555d78d96f03fbfe06dfd5f7b648228770384f9d05b257

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: PGEAQDJ0R4HZJZ0X
age: 1836121
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 14556
x-amz-id-2: Q1qSTk3NrYsdrkeDxd20GSs4Ar3CW54WgdoM76Kf+KIcRKsVHfROihwKEhK9KyfNbgA6CDiXUL44sOnvcpw8Ug==
x-served-by: cache-fra-eddf8230120-FRA, cache-fra-eddf8230108-FRA
last-modified: Thu, 04 May 2023 07:48:47 GMT
server: AmazonS3
x-timer: S1685022851.933449,VS0,VE0
etag: "75f3ef47af5ef4469b4a4fc23ab3c921"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 2

GET
H2 200 vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~f45c433b.4f60635980d0538e6e73.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 99 KB
31 KB 27ms
26ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~f45c433b.4f60635980d0538e6e73.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d998c7ddc798f324ab6863a89d6900a05201ccc351d8a69dffc3e0820d37a590

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: 6777DZMCJWDERWS4
age: 818277
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 30788
x-amz-id-2: 82QT6nBrbxD8sEyw9SdpsXgVpouwMfm5hx+9JxoRpJVBg7weXz+R/KjLUQEduDdUqjGBaIVN51X5ow7AXpGW8RoSdTVSjBdhsBYjn7/wHxg=
x-served-by: cache-fra-etou8220059-FRA, cache-fra-eddf8230108-FRA
last-modified: Mon, 15 May 2023 22:07:17 GMT
server: AmazonS3
x-timer: S1685022851.934771,VS0,VE0
etag: "e9283107ac6f50052c7505cb86ab7de5"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0, 2

GET
H2 200 vendor~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceDa~f904d832.b047e35293b44330410c.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 82 KB
29 KB 27ms
26ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceDa~f904d832.b047e35293b44330410c.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2c51a9f78fdccbfbd0c6bf58c7146bf7ea7a6e9c0e27795f07f1247c4c682dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: 3EANDHSKKE8F5ZP2
age: 192928
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 29208
x-amz-id-2: J26vglgXymGjzGS/hOObO3Q2GxOrSz4oOxhU1ZtBof/TkHItaVYTMnFEQScsh+5ffHUlmTeq2dY=
x-served-by: cache-fra-eddf8230130-FRA, cache-fra-eddf8230108-FRA
last-modified: Tue, 23 May 2023 04:48:16 GMT
server: AmazonS3
x-timer: S1685022851.934146,VS0,VE0
etag: "156025c8b74f9f7dea90404359cb5d0a"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 0, 2

GET
H2 200 vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~70ca869d.d5d5e9de972cca1476c3.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 4 KB
2 KB 27ms
26ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~70ca869d.d5d5e9de972cca1476c3.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

98c115c8f099e933183fb18adb4c9f7c5d2b552d1d025d9f90a6a21d2e00dc63

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: 3YSZ1S901P03AATG
age: 737725
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 1521
x-amz-id-2: 3ZVQIlJt/h6BRqvNOhWwGb6lSRCNLHWGW8eC+MbsNy/w99igNZ59AwJYZDrs+DEi6y0NekL76CgJrcH+owH8TQ==
x-served-by: cache-fra-eddf8230103-FRA, cache-fra-eddf8230108-FRA
last-modified: Tue, 16 May 2023 21:57:06 GMT
server: AmazonS3
x-timer: S1685022851.934124,VS0,VE0
etag: "f8f5ee04824fbd9edad156ea80bf6720"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0, 2

GET
H2 200 vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~040a7305.4a2115a7136db1a38532.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 3 KB
1 KB 28ms
27ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~040a7305.4a2115a7136db1a38532.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a198440fa540fd8de0dfe887ae1bf7890e4c17b2c99989ff42e6efba7b06361f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: HZHDC4KEJRHZ7S3X
age: 812643
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 1045
x-amz-id-2: V6dg5ADcQ3TM9u3LwYzvhuS3o6j0q7redxWQu+IrPDOgTEkTxOrKES6D45isAhojryYK4zh3+snbGzdrMi5lNac0WWx1EVhtdRSJLdyLU8Y=
x-served-by: cache-fra-eddf8230091-FRA, cache-fra-eddf8230108-FRA
last-modified: Mon, 15 May 2023 22:07:17 GMT
server: AmazonS3
x-timer: S1685022851.933474,VS0,VE0
etag: "9e1ebe7611aa4f191b5498ff28184112"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 2

GET
H2 200 vendor~curatedHomepage~featureSwitchPageClient~frontPage~modify-commerce-links~renderThumbsModal~sea~f37cf8a0.88978f37716afab12513.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 22 KB
7 KB 25ms
25ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~curatedHomepage~featureSwitchPageClient~frontPage~modify-commerce-links~renderThumbsModal~sea~f37cf8a0.88978f37716afab12513.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9708fbfcf504ef77c5c4170d1e9db38c159049f8ab47d04f6a452e689cf696aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: DN9SA24MKRFXZKFQ
age: 209634
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 7001
x-amz-id-2: YMXhOjUhg7Mn1Uk49cecD/A7naZS1D4URrHCjXIn3QTjXnddpgsXl3Fn0A9t2BEWsTwFrbVE2x4=
x-served-by: cache-fra-eddf8230106-FRA, cache-fra-eddf8230108-FRA
last-modified: Tue, 23 May 2023 01:32:15 GMT
server: AmazonS3
x-timer: S1685022851.954202,VS0,VE0
etag: "01f64ef2b8592ef8b13bd1f3bfeba967"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 2

GET
H2 200 vendor~trackers.9fb1351ec6bf73140995.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 112 KB
40 KB 25ms
25ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.9fb1351ec6bf73140995.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4227e7808bb153943a5c2f8fbb6e877dc2ebea70934f7b223ee112124f8f8d61

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: PGEEZVQ9VCCW4Z98
age: 1836121
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 40218
x-amz-id-2: 5jifpsZjtZv0rrOi/akEG4E0D7MZjKxR5YPm5um5YpK9BLw2lGscx8SJOa3BVjPYudSjY/Hif+8=
x-served-by: cache-fra-eddf8230116-FRA, cache-fra-eddf8230108-FRA
last-modified: Thu, 04 May 2023 07:48:48 GMT
server: AmazonS3
x-timer: S1685022851.954151,VS0,VE0
etag: "d23e3dc6ce53d9a54501bb981fe30a5b"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 2

GET
H2 200 adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHom~c95cfa11.e37af1917240467a37fa.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 13 KB
4 KB 40ms
38ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHom~c95cfa11.e37af1917240467a37fa.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ea2884cc810612616bee4d3ce0ee4123102e85eee5ee05053d184d8551f79b80

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: 9HTGMWXK5TH0YDH4
age: 855750
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 4163
x-amz-id-2: 4sUfFbTAl8BhNE4Xj/56YGWjIPc6KsDhSfJrSqy3D07hxzfBSG6WAC53ot8JSORpxC1m8u2RMdY=
x-served-by: cache-fra-eddf8230124-FRA, cache-fra-eddf8230108-FRA
last-modified: Mon, 15 May 2023 16:08:23 GMT
server: AmazonS3
x-timer: S1685022851.958294,VS0,VE0
etag: "1ae06c9ce0636b959907228c65b34bce"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0, 2

GET
H2 200 adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHom~476ce8d4.e0038f1cc792e3e1f599.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 22 KB
6 KB 39ms
37ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHom~476ce8d4.e0038f1cc792e3e1f599.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3a59fb3b16429d5ba9bb966f4b60761352a52a95a8874138001559296c687bc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: GX8Q0NMCPD975YCD
age: 185636
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 5931
x-amz-id-2: tXiNOuw/vEQTLSNPAqXmm4XY3nzWL0zlcNjQOm9otvSq1SWewxzn2kXqwSj6iVLm3YBQXd0GcYs=
x-served-by: cache-fra-eddf8230102-FRA, cache-fra-eddf8230108-FRA
last-modified: Tue, 23 May 2023 04:48:09 GMT
server: AmazonS3
x-timer: S1685022851.958012,VS0,VE0
etag: "77164b69386d17b0784417c76adcbcee"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 2

GET
H2 200 adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~0306840d.2da1d88e0efdd61fee24.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 35 KB
9 KB 38ms
38ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~0306840d.2da1d88e0efdd61fee24.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8cfbb185b57de51b612c207ebaad5d9f8e49a4103d6c94cb5259281f66e7ebc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: WVMGT1NGCZMKANC9
age: 141659
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 9014
x-amz-id-2: w6LpzK2hg9CGkPkIx/ptUjrWly76EXGDhUOzsE5KBh746g2BFxzKMwC3GcJi+yMnhqSzjLTPu1+w5PZce2dK/s4YVlcJ+ptNg2OxwplBIoM=
x-served-by: cache-fra-etou8220030-FRA, cache-fra-eddf8230108-FRA
last-modified: Tue, 23 May 2023 18:41:28 GMT
server: AmazonS3
x-timer: S1685022851.967310,VS0,VE0
etag: "619e3a90a9bfc951a817ceaf1fa87609"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 3, 0, 2

GET
H2 200 adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHom~eeddd51f.2a01509de445418880f9.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 108 KB
44 KB 38ms
38ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHom~eeddd51f.2a01509de445418880f9.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

acb40f0e0250a0b0b61278541a84c0fd936728dbd16316f3a4695b7cf576147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: BSW0XXQZQ7Z48PGD
age: 224796
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 45003
x-amz-id-2: JGT8J0ZWjjQ5YC09CA2RF6Tkdclje9FUNOszZad6JgiAUGE0/mWitKsmcU2Ea4/CsD/6oGQlF1U=
x-served-by: cache-fra-eddf8230030-FRA, cache-fra-eddf8230108-FRA
last-modified: Mon, 22 May 2023 20:32:34 GMT
server: AmazonS3
x-timer: S1685022851.967407,VS0,VE0
etag: "bd4f39a26d3e92dcd6cb8b2315aaeb07"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 0, 2

GET
H2 200 adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~72064dd3.c7e959d79959a9ff6c7d.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 84 KB
13 KB 30ms
30ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~72064dd3.c7e959d79959a9ff6c7d.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

21f472be68e6b3100bacd2b71ccd1607e9b3145aa8324bbf6d574f6e6c3d4123

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: WBJFYYQM9V8ZR8WS
age: 6924
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 13036
x-amz-id-2: /BkYXhRLgbMTM/nYP29AAlLW6ChY3vWLNzcJWAQxvbHj2eaj1Vgkh1DE1KcgwWaDa08wl5x6c/U=
x-served-by: cache-fra-etou8220100-FRA, cache-fra-eddf8230108-FRA
last-modified: Thu, 25 May 2023 11:53:00 GMT
server: AmazonS3
x-timer: S1685022851.992001,VS0,VE0
etag: "daf7d7508f93072014c2f7794c1ef0da"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 0, 2

GET
H2 200 carGalleryPage~second-scroll~slideshowPermalinkPage~trackers.6f6cb90bc1205838d8d0.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 14 KB
5 KB 15ms
12ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/carGalleryPage~second-scroll~slideshowPermalinkPage~trackers.6f6cb90bc1205838d8d0.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

01c61fa8398bb360b7a71e2e36392400568e53e0c560ac795294826134e58495

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: ZCJ3HG4B8F88RC3W
age: 830183
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 5059
x-amz-id-2: 7PDOgzzLch6UiQD/F2HKlCwPbb4chayPWqlSAFcX2vurA+J5m700opgOu53HZp8qoaYGowvkjddrdqHfA7En2vGXKRX6BQEVVyZ01FlEA6Q=
x-served-by: cache-fra-etou8220023-FRA, cache-fra-eddf8230108-FRA
last-modified: Mon, 15 May 2023 18:06:11 GMT
server: AmazonS3
x-timer: S1685022851.002130,VS0,VE0
etag: "4e950e325096c1d0a28c13eea6bcbf29"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 2

GET
H2 200 trackers.0eef6e830a2831703717.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 11 KB
4 KB 12ms
11ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/trackers.0eef6e830a2831703717.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f183ae165bdd51639e9d3f3d1a8f48f0cb5853af1ec99ed28854f49d06bbd88d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: 7CBADV71HQSAWTZJ
age: 133996
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 3746
x-amz-id-2: JxpNU9p+t5KV7D9DKmcJzAbJNCPOaqBiYTQTUL7BxLNu/BW8HNY3yxoMY3vno75U0hz2HhiVoZk=
x-served-by: cache-fra-etou8220050-FRA, cache-fra-eddf8230108-FRA
last-modified: Tue, 23 May 2023 04:48:15 GMT
server: AmazonS3
x-timer: S1685022851.001518,VS0,VE0
etag: "f9cb40b5924fb96aca416f153777a230"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 2

GET
H2 200 runtime~curatedHomepage.d65ff67e4785012ea886.js Show response
x.kinja-static.com/assets/new-client/ 28 KB
6 KB 24ms
24ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/runtime~curatedHomepage.d65ff67e4785012ea886.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

db6e3ab6717b58968c7fee557d5e971f6cb50bb0c03ae596748208e22febd93c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 37YGV6VNMBFHHSRS
age: 3
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 5497
x-amz-id-2: hG4MfgzIUONzWGyNL7cR25S/QR5G8KHCGEjBTJM98LjRqeExGEm1vMsKRQq7qdoRkHSVDQd1XaM=
x-served-by: cache-fra-eddf8230108-FRA
last-modified: Thu, 25 May 2023 11:53:05 GMT
server: AmazonS3
x-timer: S1685022851.933155,VS0,VE2
etag: "4c0b5ba8e5b1eda5f530de85ee90e317"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 vendor~adEditor~alertsUnsubscribePage~biztoolsPage~celebrityPage~channelSectionPage~commerceDashboar~8d04fbb7.a43694a389c65fb3e763.js Show response
x.kinja-static.com/assets/new-client/ 119 KB
33 KB 25ms
25ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~adEditor~alertsUnsubscribePage~biztoolsPage~celebrityPage~channelSectionPage~commerceDashboar~8d04fbb7.a43694a389c65fb3e763.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

70cf567f57e13e91d4c7b2442eb95f49764108be111f38589109249933960bb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: WH83JB69TK930YAY
age: 16
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 33702
x-amz-id-2: JAlwzjGHj37O8xb5ecVaiZSm/gJJNB7TGe88Rs8GtV6Uwpio1hE9W+77T3irqW/kmdJ78CSbO5T6XW3diBt9pQ==
x-served-by: cache-fra-eddf8230108-FRA
last-modified: Mon, 15 May 2023 22:07:17 GMT
server: AmazonS3
x-timer: S1685022851.933179,VS0,VE1
etag: "ec60ce99ad7486d0e62544c35712308b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 vendor~PlaylistCarousels~YMALModule~adEditor~alertsUnsubscribePage~biztools~car-comparator~car-selec~1e23358a.76dcf4a78395f7e74ea6.js Show response
x.kinja-static.com/assets/new-client/ 5 KB
2 KB 18ms
17ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~PlaylistCarousels~YMALModule~adEditor~alertsUnsubscribePage~biztools~car-comparator~car-selec~1e23358a.76dcf4a78395f7e74ea6.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

221c51d6190d8c5cf2217bc17bc7ed47c99c31528fb2b8800c4c0233742a5038

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: A89G6R39VA17CA3D
age: 77
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1692
x-amz-id-2: XJRFviSDNtPUNhpFIBUnzIryf8sh+8c19tGENwPighJWXZ2Ts3VYXhUCX00lmWY0Jh5T+kPrCJQ=
x-served-by: cache-fra-eddf8230108-FRA
last-modified: Mon, 08 May 2023 20:29:11 GMT
server: AmazonS3
x-timer: S1685022851.933118,VS0,VE0
etag: "9ed40de431b082343b1a463413baf555"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 vendor~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceDa~54efeee3.605ac1163a45afc6e8cb.js Show response
x.kinja-static.com/assets/new-client/ 2 KB
1 KB 24ms
24ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceDa~54efeee3.605ac1163a45afc6e8cb.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5db6dc59e662741fc2c7cd4961e31ab13a1afa0bc8efac1ed7fe8aab6ed242eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: K63T0MMKYM355PNS
age: 30
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 805
x-amz-id-2: 25iaKUsxddqUMmzDAaf+ZnCpeuJednv9r2Qpxc+ptJvtu3WtzPethqcQNTjbDBv4hnCjLVDUv+4=
x-served-by: cache-fra-eddf8230108-FRA
last-modified: Tue, 23 May 2023 01:32:15 GMT
server: AmazonS3
x-timer: S1685022851.933314,VS0,VE2
etag: "ac36be15eeac89620b4a85d865597139"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 vendor~curatedHomepage~frontPage~modify-commerce-links~searchPage~tagPage.77f11d3d0d583d537b53.js Show response
x.kinja-static.com/assets/new-client/ 19 KB
7 KB 41ms
41ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~curatedHomepage~frontPage~modify-commerce-links~searchPage~tagPage.77f11d3d0d583d537b53.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b3f483b4c4f941a7cc1860356329639370e23b643ba93da4be31500be0b4c1ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: XTK8G4ZERYTAA05G
age: 60
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 6518
x-amz-id-2: XOxXBflJE3Jtzoa2M1C7YIHkyXObCY+WyNN2IgC6fasaO795PMV2qjyIOfbwUwnqmDQ6AKJ47rY=
x-served-by: cache-fra-eddf8230108-FRA
last-modified: Tue, 23 May 2023 01:32:15 GMT
server: AmazonS3
x-timer: S1685022851.941618,VS0,VE0
etag: "c7097200d8bc0d095ace2acc71d445ea"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 vendor~curatedHomepage.d9da915b21ff1bbca473.js Show response
x.kinja-static.com/assets/new-client/ 4 KB
2 KB 40ms
40ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~curatedHomepage.d9da915b21ff1bbca473.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4e654dc4aa833a34b4871aa86e91240fe6b88560fdffcd9b1023d9cc31d1753d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 4V86SB01TEXC81QS
age: 94
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1283
x-amz-id-2: HCAR1Lf7o5ukw4VQ43fiiZrUnIc3QBdDPZtFZMP+wzJ1wS+P2s51i5B/OH/pvjujFOkYbGW4EgM=
x-served-by: cache-fra-eddf8230108-FRA
last-modified: Mon, 15 May 2023 22:07:18 GMT
server: AmazonS3
x-timer: S1685022851.941472,VS0,VE1
etag: "63343bc59af456cf511770e8acf1469d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 PlaylistCarousels~YMALModule~alerts-form~alerts-modal~biztools~car-comparator~car-selector~car-shopp~c138c134.5300d4e7905bdd642bf7.js Show response
x.kinja-static.com/assets/new-client/ 31 KB
7 KB 41ms
41ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/PlaylistCarousels~YMALModule~alerts-form~alerts-modal~biztools~car-comparator~car-selector~car-shopp~c138c134.5300d4e7905bdd642bf7.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6e575bd6b4933326a8991eb95f551350b3cca9169b7c131313fdc0178453d77b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: DPGMHMK79VNWKXFS
age: 23
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 6737
x-amz-id-2: J/pi11ItmNMXJTPx58UDQGE/nJWcbo1tMk794zWB6jdrQkaEyCLEcXcnEepaHNEV1boPKn4j07c=
x-served-by: cache-fra-eddf8230108-FRA
last-modified: Mon, 15 May 2023 18:06:11 GMT
server: AmazonS3
x-timer: S1685022851.941208,VS0,VE1
etag: "e5eff1f65b42285b52244b802701cc80"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 curatedHomepage.4d01edb6af3f72a36ed6.js Show response
x.kinja-static.com/assets/new-client/ 108 KB
22 KB 40ms
40ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/curatedHomepage.4d01edb6af3f72a36ed6.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7571dffba6f42b4f8b852eae3006e8882e89cbb3b67fbb849a0819821ae0b5dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: DKPH05BQCF2QTG8Z
age: 4
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 22272
x-amz-id-2: Pevko+XOr+VVdJ8D5RaV6KfEW6Qaw+W35JCfj5LzZ3L5ls3DW5A1USb/OJBo+gyvFY/yqjEiaaU=
x-served-by: cache-fra-eddf8230108-FRA
last-modified: Thu, 25 May 2023 11:53:01 GMT
server: AmazonS3
x-timer: S1685022851.941164,VS0,VE1
etag: "22ab62593a12590c903dc3986e4b3b0d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 27ms
27ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.theonion.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.theonion.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 381 B
165 B 745ms
745ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3440710234520848&correlator=4180894562124297&eid=31074846&output=ldjh&gdfp_req=1&vrg=202305220101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cfrontpage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90%7C1600x520&ifi=3&adks=3426865480&sfv=1-0-40&prev_scp=article_position%3Dnone%26pos%3Dmid_banner%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dmid_banner-02%26amznbid%3D2%26amznp%3D2%26fr%3Dfalse%26ias-kw%3DIAS_1509460_PG%2CIAS_1500902_PG%26drg%3DveryLow%26vio%3DveryLow%26off%3DveryLow%26hat%3DveryLow%26dlm%3DveryLow%26alc%3DveryLow%26adt%3DveryLow%26id%3D9ff94365-fb03-11ed-90ee-06d480085c07%26vw05%3D40%26vw%3D40%2C50%2C60&eri=1&cust_params=veritas-iab%3D1-4%26tags%3D%26blogName%3Dtheonion%26channel%3D%26section%3D%26subsection%3D%26page%3Dfrontpage&sc=1&cookie=ID%3D6435e921a52aef89%3AT%3D1685022850%3AS%3DALNI_MYAAKk20znGevJT9vZMXXMx0kGbNg&gpic=UID%3D00000c1bfef4de77%3AT%3D1685022850%3ART%3D1685022850%3AS%3DALNI_MaendXm_-IMH9Z7hrXHclsj9akzrA&abxe=1&dt=1685022850937&lmt=1685022850&dlt=1685022849242&idt=1036&adxs=0&adys=1981&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theonion.com%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1286725370.1685022850&ga_sid=1685022850&ga_hid=608437533&ga_fc=false&a3p=Eh0KDmVzcC5jcml0ZW8uY29tGJb6wJmFMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js?cb=31074846

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb36e704ef6fbe34301005c259edecfddc4a41d824e3540e436875bf14e774dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 25ms
22ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.theonion.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 23ms
20ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.theonion.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 381 B
166 B 980ms
980ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3440710234520848&correlator=4180894562124297&eid=31074846&output=ldjh&gdfp_req=1&vrg=202305220101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cfrontpage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90%7C1600x520&ifi=4&adks=753366804&sfv=1-0-40&prev_scp=article_position%3Dnone%26pos%3Dmid_banner%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dmid_banner-01%26amznbid%3D2%26amznp%3D2%26fr%3Dfalse%26ias-kw%3DIAS_1509460_PG%2CIAS_1500902_PG%26drg%3DveryLow%26vio%3DveryLow%26off%3DveryLow%26hat%3DveryLow%26dlm%3DveryLow%26alc%3DveryLow%26adt%3DveryLow%26hb_format_criteo%3Dbanner%26hb_size_criteo%3D970x250%26hb_pb_criteo%3D0.10%26hb_adid_criteo%3D79f19ccf1044ceb%26hb_bidder_criteo%3Dcriteo%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.10%26hb_adid%3D79f19ccf1044ceb%26hb_bidder%3Dcriteo&eri=1&cust_params=veritas-iab%3D1-4%26tags%3D%26blogName%3Dtheonion%26channel%3D%26section%3D%26subsection%3D%26page%3Dfrontpage&sc=1&cookie=ID%3D6435e921a52aef89%3AT%3D1685022850%3AS%3DALNI_MYAAKk20znGevJT9vZMXXMx0kGbNg&gpic=UID%3D00000c1bfef4de77%3AT%3D1685022850%3ART%3D1685022850%3AS%3DALNI_MaendXm_-IMH9Z7hrXHclsj9akzrA&abxe=1&dt=1685022851028&lmt=1685022851&dlt=1685022849242&idt=1036&adxs=0&adys=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theonion.com%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1286725370.1685022850&ga_sid=1685022850&ga_hid=608437533&ga_fc=false&a3p=Eh0KDmVzcC5jcml0ZW8uY29tGJb6wJmFMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305220101/pubads_impl.js?cb=31074846

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dda64c821b18b8b305880cd5a43d9cc95a279260c2866d1b14467024a5cce3ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.0.1/ 111 KB
31 KB 13ms
7ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ca5693ab1367385316b393108533e59a741f2fcc302fd13c2fafd34990b34b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 1399640
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 31023
x-served-by: cache-fra-eddf8230041-FRA
last-modified: Tue, 09 May 2023 09:06:26 GMT
server: AmazonS3
x-timer: S1685022851.061607,VS0,VE0
etag: "f42b894e197d2128ee7d3b438e0ac56d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: Vhm6dOEKajN0FRv5wq0rnJkAbon7mYzOuY27F6XguPOQ7eVWctdV0A==
x-cache-hits: 159731

GET
H2 200 feed-card-placeholder.20230524-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 8ms
8ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230524-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 330b1e9ee51be3e724fa47637a4e97cf7e2f3c8ae353f439282799f15a0f6bfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: lfyBrVDsJa7qlWsoOF.wz8w.10rCEPsF
content-encoding: gzip
via: 1.1 varnish
date: Thu, 25 May 2023 13:54:11 GMT
x-amz-request-id: CYWDF9VR1X9YZ935
age: 99299
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: xnuzLo7R+KHGVqqj1Eh3cSvLWlZ6A72ird4u/+uVOVnjG/p61AsylZcY4wGaiUGaDvTaPnfiGG8=
x-served-by: cache-fra-eddf8230041-FRA
last-modified: Wed, 24 May 2023 10:19:13 GMT
server: AmazonS3
x-timer: S1685022851.058730,VS0,VE0
etag: "45f1858ac9ef49fde8fa2f2e55fb2751"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 42
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 182992

GET
H2 200 cta-component.20230524-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 19 KB
5 KB 11ms
10ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/cta-component.20230524-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bb0e261722b9b5ff76a22157a0a4d2ad2ec47248eb2ed049782bb8492199a70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: OpzNY6pY8ImElEdoHuF.7vnziA.kR7yl
content-encoding: gzip
via: 1.1 varnish
date: Thu, 25 May 2023 13:54:11 GMT
x-amz-request-id: N553KECAR5XDC19A
age: 99317
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4738
x-amz-id-2: bxSzi9q4/YEN3NfNpcqNJ5vAoSqlx9ype1ua+9oUUPSyxLNFTYzboA+WzIVIdBQh9CvqQVpqjS4=
x-served-by: cache-fra-eddf8230041-FRA
last-modified: Wed, 24 May 2023 10:18:54 GMT
server: AmazonS3
x-timer: S1685022851.081280,VS0,VE0
etag: "95587a3e1b0f62754bed3987a3ba5f78"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 42
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 155945

GET
H2 200 userx.20230524-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 11ms
10ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230524-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 332178c76008a6c2d64d1956767df4abcba64c510ba40e92b8cbf374a8ac6ab5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: k1_fan7vgmB_3l9kVjDOu92GBUoHLR2m
content-encoding: gzip
via: 1.1 varnish
date: Thu, 25 May 2023 13:54:11 GMT
x-amz-request-id: SQK9T3NRN34VH21K
age: 99211
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: V0framZQA7BmcHehoaVklYbJ7XNbkvenuo10g3qWWfaCWvEl4hyeFO7XgKy2v5Vbecs0tX9KZgU=
x-served-by: cache-fra-eddf8230041-FRA
last-modified: Wed, 24 May 2023 10:20:41 GMT
server: AmazonS3
x-timer: S1685022851.082229,VS0,VE0
etag: "6ee9fb9d16a15b75f76ac022d727fe97"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 42
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 46091

GET
H2 200 distance-from-article.20230524-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 12ms
11ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230524-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c93794353afab50509f28bb4792ed22d0e5038b15040fe3a05ba1296b5cc1193

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: mM6nF6tDgjvAkw2DzRZp5uUOH.yu_c8f
content-encoding: gzip
via: 1.1 varnish
date: Thu, 25 May 2023 13:54:11 GMT
x-amz-request-id: BAS62N94S6AZ4NKY
age: 99313
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1135
x-amz-id-2: Ultb/aMZyRDhPTE+yQxFWkKNFpdi4fNRsmBquCMsaNL/g/tBxlZpEV7mPKu8OHUUziem0UMtbF4=
x-served-by: cache-fra-eddf8230041-FRA
last-modified: Wed, 24 May 2023 10:18:59 GMT
server: AmazonS3
x-timer: S1685022851.082572,VS0,VE0
etag: "936b35b504500dd1f56b68c34c54bdcb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 42
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 195413

GET
H2 200 article-detection.20230524-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 12ms
12ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230524-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6be2f75adb91ea6250947c3508fa1a8e76a88c8ac755061454f7cd91fcc04966

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: Qwxwh709e4NMP8PyIc2WYzOBW1LF3PPw
content-encoding: gzip
via: 1.1 varnish
date: Thu, 25 May 2023 13:54:11 GMT
x-amz-request-id: KF4EYFAKYBNF8EAV
age: 99333
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1235
x-amz-id-2: 3IGkOQlSvEm0rwbC4o5CSeID9F5RpifGYri21a8Js1MgMEIdfB6mmVaqTap/H6d6G4Q9JtuG+fU=
x-served-by: cache-fra-eddf8230041-FRA
last-modified: Wed, 24 May 2023 10:18:38 GMT
server: AmazonS3
x-timer: S1685022851.082769,VS0,VE0
etag: "f76b2117c2ef4e16f0c8ba3c4b1c37d0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 42
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 207883

POST
H2 204 abtests
am-trc-events.taboola.com/gomedia1-theonion/log/3/ 0
247 B 76ms
27ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/gomedia1-theonion/log/3/abtests?route=AM:AM:V&lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1685022851084%7D&tim=13%3A54%3A11.084&id=5921&llvl=2&ri=934d903f53e81bc7b2d4974021b04950&sd=v2_ecf680eca778fd3a7b8a6879f16ffdb8_05091811-1d64-4967-917f-e5caf010baf7-tuctb68ee02_1685022850_1685022850_CIi3jgYQ5LxeGNr7wJmFMSABKAEwODib4wlAiIoQSKW02QNQ____________AVgAYABoju2OwMrc5JWsAXAA&ui=05091811-1d64-4967-917f-e5caf010baf7-tuctb68ee02&pi=/&wi=3642577999104193222&pt=home&vi=1685022850522&
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230524-4-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: https://www.theonion.com
pragma: no-cache
date: Thu, 25 May 2023 13:54:11 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/gomedia1-theonion/log/3/ 0
231 B 74ms
25ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/gomedia1-theonion/log/3/abtests?route=AM:AM:V&lti=deflated&ri=934d903f53e81bc7b2d4974021b04950&sd=v2_ecf680eca778fd3a7b8a6879f16ffdb8_05091811-1d64-4967-917f-e5caf010baf7-tuctb68ee02_1685022850_1685022850_CIi3jgYQ5LxeGNr7wJmFMSABKAEwODib4wlAiIoQSKW02QNQ____________AVgAYABoju2OwMrc5JWsAXAA&ui=05091811-1d64-4967-917f-e5caf010baf7-tuctb68ee02&pi=/&wi=3642577999104193222&pt=home&vi=1685022850522&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1685022851064%7D&tim=13%3A54%3A11.064&id=8138&llvl=2&cv=20230524-4-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 25 May 2023 13:54:11 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 9ms
9ms Image
image/svg+xml 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Thu, 25 May 2023 13:54:11 GMT
x-amz-request-id: AYAY8C5RV6VHFQFT
age: 33
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: uXXi/CHzx4H+k/Dav0BANeZz2+huxUaTAYSpYKv6pyAG2ehKzSWgM89aoMgNsGGv1IubO09tKIk=
x-served-by: cache-fra-eddf8230041-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1685022851.103340,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 42
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 62

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
361 B 49ms
16ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 44
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 / Show response
id.sv.rkdms.com/identity/ 2 B
168 B 357ms
137ms XHR
application/json 3.208.211.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=GOMEDIA&sv_domain=www.theonion.com
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.208.211.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-211-92.compute-1.amazonaws.com
Software: nginx/1.22.0 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 25 May 2023 13:54:11 GMT
access-control-allow-credentials: true
server: nginx/1.22.0
content-length: 2
vary: Origin
content-type: application/json

GET
H2 451 any Show response
idx.liadm.com/idex/ie/ 121 B
475 B 324ms
104ms XHR
application/json 34.192.8.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/ie/any

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.192.8.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-8-210.compute-1.amazonaws.com

Software

Resource Hash

381a36dedfb411e7e88cfe6ab8f387e5773f30361b80aa61fbc4eac8bf99a9cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
request-time: 0
content-type: application/json
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
trace-id: 70e7c4af6533f4f5
content-length: 121

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
391 B 261ms
47ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183957&gdpr=0
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 51f872a9c5227d921e9f8c74ba58c6cf16af4a29391d720a3c2858c0fa426c88

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sat, 24 Jun 2023 13:54:11 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
440 B 54ms
14ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 158ms
21ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FBJXBGD4M8&gtm=45je35m0&_p=608437533&cid=1286725370.1685022850&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1685022851&sct=1&seg=0&dl=https%3A%2F%2Fwww.theonion.com%2F&dt=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&uid=none&en=page_view&_fv=1&_ss=1&ep.site_section=1636079510&ep.content_channel=none&ep.content_section=none&ep.content_subsection=none&ep.content_role=&ep.adblock=false&ep.content_type=frontpage&up.adblock=false&up.user_type=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FBJXBGD4M8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 May 2023 13:54:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pid Show response
www.theonion.com/api/magma/veritas/ 40 B
869 B 124ms
123ms Fetch
text/html 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/api/magma/veritas/pid?cb=1685022851214

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.9fb1351ec6bf73140995.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

1438700bc5c08c81bbc8eab227772b9898a6cc68a8e66a2fb8b366a663a29b74

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-kinja-server: kinja-magma-kube03-5558bfc4db-zs4rl
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
date: Thu, 25 May 2023 13:54:11 GMT
x-kinja-gdpr: true
x-kinja-build: 4131
x-powered-by: Express
x-cache: MISS, MISS, MISS
x-ua-device: desktop
x-kinja-superheroloaded: true
x-kinja: kinja-magma-kube03-5558bfc4db-zs4rl #4131
x-cdn-fetch: mantle-nocache
content-length: 40
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000176-IAD, cache-iad-kiad7000055-IAD, cache-fra-eddf8230108-FRA
x-googlenews-bot: false
x-timer: S1685022851.218869,VS0,VE115
etag: W/"28-fPHMXDOQ+nKv3xsMugZz1zawKR8"
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-Kinja-Location
content-type: text/html; charset=utf-8
cache-control: private, no-store, no-cache
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-kinja-revision: b5aaaf53a1801213237c1e82ed4514407cedfce4
x-cache-hits: 0, 0, 0

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://kinja-com.videoplayerhub.com/gallery.js
https://btloader.com/tag?h=kinja-com&upapi=true

15 KB
7 KB

83ms
32ms

Script
application/javascript

2606:4700:20::681a:68b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=kinja-com&upapi=true
Protocol: H2
Server: 2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e38c603e1aabecdf282291958cfdfcabb2b53b5a69c13edf125ec5bedc2afee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 25 May 2023 13:40:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 672
etag: W/"0f0efaee1605d601c2d37f8e5a47070a"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cELUi49F3AOvo5NsXesmQTjm1QFjIgbRU6usoUGJS2Fi%2BnvS12caPfM03i2nCgvSmHgkDZchhTSp50xi%2Bfk9Q%2FZWyX3tQVZ77x5DE2FRk%2Bym%2FVf%2By10TeSqq3WennMciA2w0tEMO2XS8AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7cce44d63fc82c2e-FRA

Redirect headers

date: Thu, 25 May 2023 13:54:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GFGWjfyPUzFNTjSn149RBnioRBNKC0rhmbVrnjmis8aatjOxVPthuPdxPYyi4uM4al7sbRPrvGVECiv4RcuOg5WJ2bjL5ZFeePNY21lydfIgYBJDWZ%2FkTJZnpfYUh4qBPS3jiFzRnr4pVl5yuxP8n5BtwfkFRsZ6Nfw%3D"}],"group":"cf-nel","max_age":604800}
location: https://btloader.com/tag?h=kinja-com&upapi=true
cache-control: max-age=3600
cf-ray: 7cce44d4fa5b6916-FRA
expires: Thu, 25 May 2023 14:54:11 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 144ms
14ms Script
application/x-javascript 2600:9000:2057:8000:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8000:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 00:57:29 GMT
content-encoding: gzip
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
last-modified: Thu, 08 Dec 2022 17:25:10 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 46602
etag: W/"63921df6-9377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 28fPsoJwwr061JWwY8LCmQf5BH3l28qeYZyMojUVlmqGqZ5cluIoVw==
expires: Fri, 26 May 2023 00:57:29 GMT

GET
H2 200 iframe-communication.b8862d0cd27d574861d9.js Show response
x.kinja-static.com/assets/new-client/ 3 KB
1 KB 21ms
21ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/iframe-communication.b8862d0cd27d574861d9.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dbca21de82ba69b1bc23cd1c49721d7b763db98007a74397ad196d494e552f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: CWGJ5P5Z7F9DVQBZ
age: 50
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1218
x-amz-id-2: sPgt7pWc4f5+4kHKU0wuRguPUsu0JQ2NeDjVsVujMzrjik6N9zo2bQP4g6v0OrAId0Av1BQgyzM=
x-served-by: cache-fra-eddf8230108-FRA
last-modified: Mon, 08 May 2023 20:29:09 GMT
server: AmazonS3
x-timer: S1685022851.244773,VS0,VE0
etag: "aa0ce04290e2a01380cb9b1ab0a85b3f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 next-video-loader.d46c5121ebeea651b02b.js Show response
x.kinja-static.com/assets/new-client/ 2 KB
1008 B 20ms
19ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/next-video-loader.d46c5121ebeea651b02b.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b5499c873a87eb32edcdf9e4591b91193a980cc9ed71ae80d56466f20ac33980

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 3H952SKEDPX9RB64
age: 116
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 709
x-amz-id-2: kxCVotVfNx22SxYtUSI6tSKChn3y45xPaArinw+mQhLhppPzu4AnuSqPaTppV0Hjv5mpQPsKIanvR8rRqOiP5VP29Tkhk9IC
x-served-by: cache-fra-eddf8230108-FRA
last-modified: Thu, 04 May 2023 07:48:45 GMT
server: AmazonS3
x-timer: S1685022851.248958,VS0,VE0
etag: "6494b5ed31d4500afb848ec5a1ef4c7d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 adEditorComponent~api-video-meta~feed-stream-load-more~getShowBrowserData~in-article-selector~render~352baa22.6071083b0d296c14c828.js Show response
x.kinja-static.com/assets/new-client/ 7 KB
2 KB 20ms
20ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/adEditorComponent~api-video-meta~feed-stream-load-more~getShowBrowserData~in-article-selector~render~352baa22.6071083b0d296c14c828.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

73e0b4849267d52ad5b7ec2770d92fb24b85b127aa7ae835700f6d5d0e755c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 4BJ6F6SWX6GRDM7D
age: 41
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1899
x-amz-id-2: qTnXRtX7ejoyyPVbUW4dA/a3QfmcX6M5i0p0K0IaVGJb6McksTvrD9Qu4yK8ijRJzANjt9ioUHw=
x-served-by: cache-fra-eddf8230108-FRA
last-modified: Tue, 09 May 2023 18:26:35 GMT
server: AmazonS3
x-timer: S1685022851.249099,VS0,VE0
etag: "5cf61bd843998ad94ef5b09e6853d38b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 api-video-meta.0f24c8b17bc45e467906.js Show response
x.kinja-static.com/assets/new-client/ 5 KB
2 KB 20ms
20ms Script
application/javascript 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/api-video-meta.0f24c8b17bc45e467906.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a7ebec103c04aedd9c1b8e8136c0afc3d979b46c8d1cc92f8a4a9ea62dc6f3aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: DRS7YD0BTC56RS4M
age: 33
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1699
x-amz-id-2: RLDdwnQLDo25cMSwxeLgF5QJ3pO+9lJLNTo9XMLabCZUxb74AoQnHZCXxAl0uroIN+5vFhnj5qs=
x-served-by: cache-fra-eddf8230108-FRA
last-modified: Tue, 16 May 2023 21:57:01 GMT
server: AmazonS3
x-timer: S1685022851.249688,VS0,VE3
etag: "7dff80ea9d7a867ec9f469e1ff8843e5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
261 B 159ms
52ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=5zq9nmk&ct=0:ngtk7da&fmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 25 May 2023 13:54:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 roboto_condensed_bold-webfont.woff2
f.kinja-static.com/assets/fonts/roboto/ 15 KB
16 KB 13ms
13ms Font
binary/octet-stream 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto/roboto_condensed_bold-webfont.woff2?11012022

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: GCSMRVJXDDS48WB9
age: 18
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 15660
x-amz-id-2: MFymAouKCPN+z67dmwLx9HJmPb6P+cZz7LizC5BV5onV/uwT7hXQTqWDuwHNVnaxDUaQ46p4tZ8=
x-served-by: cache-fra-eddf8230072-FRA
last-modified: Fri, 13 Jan 2023 15:40:57 GMT
server: AmazonS3
x-timer: S1685022851.257262,VS0,VE0
etag: "d7b0b953a50fddaa88089b5b787cf719"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 roboto_condensed_reg-webfont.woff2
f.kinja-static.com/assets/fonts/roboto/ 15 KB
16 KB 13ms
13ms Font
binary/octet-stream 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto/roboto_condensed_reg-webfont.woff2?11012022

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: 563YCJKW05V1F2RY
age: 82
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 15700
x-amz-id-2: AOKxzz7KSbFSOyL3zNGyVkWEUqPiBupH3OftBYWSJZHKHUSOjz1C4hDPF5kql0C5GChjPyVv8j21pmB3FP+uCktlL1r9aUcS
x-served-by: cache-fra-eddf8230072-FRA
last-modified: Fri, 13 Jan 2023 15:40:59 GMT
server: AmazonS3
x-timer: S1685022851.257502,VS0,VE0
etag: "3d7f7413fca69bff4d231ebdc50aaab0"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 libre-baskerville-bold.woff2
f.kinja-static.com/assets/fonts/libre-baskerville/ 18 KB
18 KB 12ms
12ms Font
binary/octet-stream 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/libre-baskerville/libre-baskerville-bold.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: RH7Z9QBPZWY74SJ8
age: 72
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 17984
x-amz-id-2: eAmZTngXZqKd7eCKSQLSNd4IPWfqZcPz7aUqtmmS1NSy6XX6aMfMfC0toSsVdi6PPyWM38Aiq7M=
x-served-by: cache-fra-eddf8230072-FRA
last-modified: Tue, 16 May 2023 21:52:45 GMT
server: AmazonS3
x-timer: S1685022851.257616,VS0,VE0
etag: "0518781cd45a71291d17ea1febfcc5fe"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 204 abtests
am-trc-events.taboola.com/gomedia1-theonion/log/3/ 0
230 B 17ms
17ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/gomedia1-theonion/log/3/abtests?route=AM:AM:V&lti=deflated&ri=934d903f53e81bc7b2d4974021b04950&sd=v2_ecf680eca778fd3a7b8a6879f16ffdb8_05091811-1d64-4967-917f-e5caf010baf7-tuctb68ee02_1685022850_1685022850_CIi3jgYQ5LxeGNr7wJmFMSABKAEwODib4wlAiIoQSKW02QNQ____________AVgAYABoju2OwMrc5JWsAXAA&ui=05091811-1d64-4967-917f-e5caf010baf7-tuctb68ee02&pi=/&wi=3642577999104193222&pt=home&vi=1685022850522&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22feed-distance-from-article-end%22%2C%22type%22%3A%2272.125%22%2C%22eventTime%22%3A1685022851334%7D&tim=13%3A54%3A11.334&id=2833&llvl=2&cv=20230524-4-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 25 May 2023 13:54:11 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
369 B 78ms
25ms XHR
application/json 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 25ms
25ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=608437533&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2F&ul=en-us&de=UTF-8&dt=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACEABFAQCACAAI~&jid=1955691206&gjid=1494531264&cid=1286725370.1685022850&tid=UA-223393-1&_gid=1225600693.1685022852&_r=1&_slc=1&cd34=none&cd35=none&cd36=none&cd38=computer&cd42=none&cd43=none&cd48=none&cd50=other&cd51=none&cd52=none&cd53=none&cd58=adblock%20off&cd60=production%3Amagma&cd70=&cd75=Logged%20out&cd76=none&cd78=standard&cd80=none&cd82=none&cd83=frontpage&cd94=none&cd97=none&cd99=none&cd100=none&cd101=theonion&cd103=&cd105=The%20Onion&cd108=adblock%20off&cd109=website&cd110=1364%2B&cd111=0&cd115=none&cd117=none&cd123=none&cd124=none&cd126=adblock%20off&cd130=none&cd131=frontpage&cd134=1&z=1283654104

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 May 2023 13:54:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 24ms
24ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=608437533&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2F&ul=en-us&de=UTF-8&dt=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACEABFAQCACAAI~&jid=548518163&gjid=1229815925&cid=1286725370.1685022850&tid=UA-142218-33&_gid=1225600693.1685022852&_r=1&_slc=1&cd34=none&cd35=none&cd36=none&cd38=computer&cd42=none&cd43=none&cd48=none&cd50=other&cd51=none&cd52=none&cd53=none&cd58=adblock%20off&cd60=production%3Amagma&cd70=&cd75=Logged%20out&cd76=none&cd78=standard&cd80=none&cd82=none&cd83=frontpage&cd94=none&cd97=none&cd99=none&cd100=none&cd101=theonion&cd103=&cd105=The%20Onion&cd108=adblock%20off&cd109=website&cd110=1364%2B&cd111=0&cd115=none&cd117=none&cd123=none&cd124=none&cd126=adblock%20off&cd130=none&cd131=frontpage&cd134=1&z=1513930250

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 May 2023 13:54:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 53ms
53ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305220101&jk=3440710234520848&bg=!2dql2o7NAAZ8_aWmXP07ADkAdvg8WtYM1dQq1hSOXPVAoehLKkxQWW1De6SnNi2uLOmlvdI2oJS3h6DSy22C4F2uDWpNJRaAwEYCAAAAY1IAAAACaAEHCgB3A4CHdvAdFGfJkaeOxTMUvB3jNqSmywJnOvAq-277S_OLHU4Zt53Dh9sGmbhQr06kUy5mMZuJYqYT8izWvGHULmnaK1PkVlRdO65xXvD9imIgp1qIYzP-ewGrRNgjs8_zkZ0X1SDTvFjd46xprq6XE-HNDkd-JZyZApuxX1MP9SXh4dSJNWdxACNyCsqJLfIfXMG8T0dwMoo2edPK3s645Q65MK3-gQQkr4yOVeAd0Sylvqo0uOfJCHa4sXHl-_o22gNrNBSmTecqZZdKFHKIXNTbSjyHLz8lkjij62SxPa7hl4PzBhDnTn73v0NzTMlGvt6P1iP5Btiv7O_HdOIxAFNuoSFbhmAOrQwgNbVIKOAknT3WrbN-MCGPjQ9u4mqgSgeJ1PtYCwA_ttl3x4yKTPXFCnzUT54qMMJcy7s4vF1QjfiuiQA-m02RUZ9iolMugEn0Ezy_IVVFlg3O1J_cqVzQOkSE62EBkNpYWkk7ii6yF0njzE8RcW-_XnrEUcEKBJWNX6w4PiqK5cKltC_6fqkDt8PSUCDnaIcXfbbOUM7ApsPJySusLFesnjGjCvrptmQMNWszzWySoDHS6CZNs1-S562sd2fQU6arnipVNdeC-jkWH7cZbV1qku5jdXz-9xmeOdc7A_xUh_Pcny0oJ3bYkmkrJaPhKeXne0J2OwtjAM-OG2TeAxgsLSCEJjkTHJR3gw3IwXXkAAH9yhtz9iPVNxj0Kl0B83J93Lk4TOYkTbJXixWY_c3P427FVrZ8JevbADXtKNYQf2z9NN68MiD_iByY4KaUw4fVin-K7l2-l23aL_9-OaamVdPbhzLddezufZJtR12TLiwaBdELdUXxRgDPMEhcapybylrU0GV9K5hJAI2Q8yVzpie20OytAVmx03GkH1lzhI3kfwrzF6xZI2rBjfteR_HUrMsYWutBaHnXJ1rLpvXACx03t59fYZbDPwVo6SeauAvZMGc84f6iq4T1fZ4VMgvfUYj9We9h9GzFyEzvxjNgGauzv2z1_-BDDvo7eqFnE5u6C3bImnt-ZmG8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
508 B 90ms
34ms XHR
text/plain 104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=365217&u=https%3A%2F%2Fwww.theonion.com%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 25 May 2023 13:54:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LVtrGavoUVsmqaxu8m6xpTrudhatuCl7Sf6Lw8gScpKpt%2BweI62K0gnu47Qf%2BRilL99LtcnYkMv79i3p3fmOsTud%2FeKMo4H4T7PUCNj2%2B8v80%2BlYaGlzopJF%2BRUrgp%2BqUBI%2FzSVr%2FpQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7cce44d678b79b4c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 info Show response
www.theonion.com/api/veritas/ 92 B
781 B 135ms
135ms Fetch
application/json 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/api/veritas/info?pi=50e5d5e8265421bfb3ffab5c5f5c5462422a4853&cb=1685022851542

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.9fb1351ec6bf73140995.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c9c3c0e5c963f8122f31d0d501e95e65fb4348af55a6aa6f6dd7c703c0957562

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 25 May 2023 13:54:11 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: master-only
x-kinja-gdpr: true
age: 0
x-cache: MISS, MISS, MISS
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 107
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100102-IAD, cache-iad-kjyo7100095-IAD, cache-fra-eddf8230072-FRA
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1685022852.560786,VS0,VE111
x-frame-options: DENY
vary: Accept-Encoding, Authorization, X-Valid-Scroll-User
content-type: application/json
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

POST
H2 200 b
www.theonion.com/api/veritas/ 0
0 131ms
131ms Fetch 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/api/veritas/b?debug=0

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.9fb1351ec6bf73140995.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

X-Veritas-Version: 1.1.2
Content-Encoding: gzip
Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self'
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 25 May 2023 13:54:11 GMT
x-permitted-cross-domain-policies: master-only
x-kinja-gdpr: true
x-cache: MISS, MISS, MISS
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-nocache
content-length: 0
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200171-IAD, cache-iad-kcgs7200171-IAD, cache-fra-eddf8230072-FRA
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1685022852.567637,VS0,VE108
x-frame-options: DENY
cache-control: no-cache, no-store, private
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 337ms
109ms Image
image/gif 3.229.72.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=theonion.com&p=%2F&u=DgwuT_BoMGv8BMnpuC&d=theonion.com&g=3012&g0=www.theonion.com&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=7010&o=4000&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.theonion.com%2F&b=751&t=BS8RYgBDozhiD79UhwBYTMO1OjbW&V=139&i=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&tz=0&sn=1&sv=DEk4BWCRfFUsrxyHhBRA05PD_L2bR&sd=1&im=067b2ff3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.72.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-72-78.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 25 May 2023 13:54:11 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
347 B 101ms
36ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-223393-1&cid=1286725370.1685022850&jid=1955691206&gjid=1494531264&_gid=1225600693.1685022852&_u=aCDACEAAFAQCACAAI~&z=2060792238

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 25 May 2023 13:54:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
72 B 101ms
37ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-142218-33&cid=1286725370.1685022850&jid=548518163&gjid=1229815925&_gid=1225600693.1685022852&_u=aCDACEABFAQCACAAI~&z=1029931945

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 25 May 2023 13:54:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
929 B 80ms
30ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2531158
x-guploader-uploadid: ADPycdvro_DwRxT_Br0Skpvaw8cpnJbx6bo-pAn6xAmjgFTsIdShyUilOSMOPi8r905kHylNuwuT1giagd7eelg0YwsAFQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BaBRIdRci%2BQ0wRfkWyd%2F8ISnAqjn4MiqN01GZnqvs66gynUGYyzYt723pxGnBBLuvnnlNq8Y9hdeg34wl5UJNcL9rgYWpvQ6nFOAbYcXQ4NqfK5rxTVQ3NTYvMaDOHDJ10zvwOyWq%2FtBBg9gmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7cce44d6cf813616-FRA
expires: Wed, 26 Apr 2023 07:37:34 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 84ms
22ms Image
image/x-icon 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 10:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11871
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 May 2023 10:36:20 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
337 B 80ms
30ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.13927215376626045
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2531158
x-guploader-uploadid: ADPycdvro_DwRxT_Br0Skpvaw8cpnJbx6bo-pAn6xAmjgFTsIdShyUilOSMOPi8r905kHylNuwuT1giagd7eelg0YwsAFQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5G4CTb0XQWgryb3gP61lI4f6eywiNNZkahvOPcXba1atROjE1IwLc7ErsLbZ6QUOpJbi6Tj9h26FuYM%2BIxwEGyatJUi3uHxTIGR4N%2FTji5sBVM0Fthue4ssLd0Y5fA5%2F%2FU47le4SYuO0h0ayAg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7cce44d6cf833616-FRA
expires: Wed, 26 Apr 2023 07:37:34 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame D204 439 B
351 B 39ms
38ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Oh0CLAYAu0NBPJhBuBAAdoeCeDCDcCkAAABgYID-AMnNjMvZYmJxSywzz1q0cMzcwplltBYtFibnxOLxOBeTISC5mXE5W0wsboll5lmLFo6ZWzizjNaixcLknFg8HudiMgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJQwH6j3eUPAAAAACAAAAAASAAg9POUAJAhETzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAzhfSFNjxHnTSZSMFmEEQAAAABJo7qjI5N0gopFlf___34rAFcAAAIQp2B8CLPoDkq8hQEAAAAQg5chX6VEbZg6ZoEeFr_f7LBr_G6X-f________8383_mH40QlPBjmiAGFHs1v4AAAGt-AQEA2IwbAIA3AnBCTgaaTofPda_X_X530dHltzv9drvG7_aLTgCsTkDMDgAAAMCd____fzx4GfJVStSGqXpAymOzDQcrj8O3G85MnoVvYlzYhrvlzDGb2UwW4_bYc7LyJT6Wz_UREZbZ7zsI-W6X4eFzGURF19tidzjNnoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsdgM0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoHVYLkYLhZrxcg2WouWs91audjN3CrXxmEzLAYTh823Fr0-pottuHIZJlskGGCyF8nTIp0oN6ORc7CZuTYr42Li8U0sI9NyNxpMFhPDaLkaTMQSzckincgu-5bHZhsOVh6HbzecmTwL38S4sA13y5ljNrOZLMZ9YTVYLoaLxVoxso3WouVst1YudjO3yrVx2AyLwcRh861Fr4_pYhuuXIbJvjEbrgaTyXA12Ddmw9VgMhmuBvsOk-mZ-pyN1pj48tEpv92VbWNzGhQug8X7k5gW0-7sYDr5jk6XV5gs6ox-v9_v9_v9fr_fb9B6DmaDwre6Lnvem_JxTXmdB7HBoIglgot0ovO7XSanw7EWHV1-u9Nvt4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov6jhhjN5rrBXLHYzXWLVQIAAAAAAAAAsATTTDcBAAAAcDKo4XKxmK3TwUyGs8VotlwAF55kun54D0z7jMozd8k0JpBdCMkYF2vssYjzu10mp8OxFh1dfrvTb7cygAtPK2abfUYQa7Va1gAAAASwAQAACHDTjTcB51Xc_____zgAAAAycugBAADQ7wOisjMzMzMz40eQw9lo_wBUiLVarW431mq1AA!&cmcv=&pix=undefined&cb=1685022851614&uv=3284&tms=1685022851614&abt=dfrc_vB!nonrv_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=7f8961bb-b2f3-4a1f-8f24-41ad9bbcc912&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fbaaa7c9441f93f752065674978a9b6cd685bdf43e6f0a988a3b4c14b08ba1ab

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Thu, 25 May 2023 13:54:11 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230041-FRA
x-timer: S1685022852.638152,VS0,VE10

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 3E88 422 B
507 B 43ms
31ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8Oh0CLAYAu0NBPJhBuBAAdoeCeDCDcCkAAABgYID-AMnNjMvZYmJxSywzz1q0cMzcwplltBYtFibnxOLxOBeTISC5mXE5W0wsboll5lmLFo6ZWzizjNaixcLknFg8HudiMgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJQwH6j3eUPAAAAACAAAAAASAAg9POUAJAhETzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAzhfSFNjxHnTSZSMFmEEQAAAABJo7qjI5N0gopFlf___34rAFcAAAIQp2B8CLPoDkq8hQEAAAAQg5chX6VEbZg6ZoEeFr_f7LBr_G6X-f________8383_mH40QlPBjmiAGFHs1v4AAAGt-AQEA2IwbAIA3AnBCTgaaTofPda_X_X530dHltzv9drvG7_aLTgCsTkDMDgAAAMCd____fzx4GfJVStSGqXpAymOzDQcrj8O3G85MnoVvYlzYhrvlzDGb2UwW4_bYc7LyJT6Wz_UREZbZ7zsI-W6X4eFzGURF19tidzjNnoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsdgM0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoHVYLkYLhZrxcg2WouWs91audjN3CrXxmEzLAYTh823Fr0-pottuHIZJlskGGCyF8nTIp0oN6ORc7CZuTYr42Li8U0sI9NyNxpMFhPDaLkaTMQSzckincgu-5bHZhsOVh6HbzecmTwL38S4sA13y5ljNrOZLMZ9YTVYLoaLxVoxso3WouVst1YudjO3yrVx2AyLwcRh861Fr4_pYhuuXIbJvjEbrgaTyXA12Ddmw9VgMhmuBvsOk-mZ-pyN1pj48tEpv92VbWNzGhQug8X7k5gW0-7sYDr5jk6XV5gs6ox-v9_v9_v9fr_fb9B6DmaDwre6Lnvem_JxTXmdB7HBoIglgot0ovO7XSanw7EWHV1-u9Nvt4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov6jhhjN5rrBXLHYzXWLVQIAAAAAAAAAsATTTDcBAAAAcDKo4XKxmK3TwUyGs8VotlwAF55kun54D0z7jMozd8k0JpBdCMkYF2vssYjzu10mp8OxFh1dfrvTb7cygAtPK2abfUYQa7Va1gAAAASwAQAACHDTjTcB51Xc_____zgAAAAycugBAADQ7wOisjMzMzMz40eQw9lo_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 8f93b86f56e9342ce4c83e436ec5646bef5c14da83b143418abc4335bece2d8e

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Thu, 25 May 2023 13:54:11 GMT
machineid: 3407
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 41ms
30ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Oh0CLAYAu0NBPJhBuBAAdoeCeDCDcCkAAABgYID-AMnNjMvZYmJxSywzz1q0cMzcwplltBYtFibnxOLxOBeTISC5mXE5W0wsboll5lmLFo6ZWzizjNaixcLknFg8HudiMgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJQwH6j3eUPAAAAACAAAAAASAAg9POUAJAhETzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAzhfSFNjxHnTSZSMFmEEQAAAABJo7qjI5N0gopFlf___34rAFcAAAIQp2B8CLPoDkq8hQEAAAAQg5chX6VEbZg6ZoEeFr_f7LBr_G6X-f________8383_mH40QlPBjmiAGFHs1v4AAAGt-AQEA2IwbAIA3AnBCTgaaTofPda_X_X530dHltzv9drvG7_aLTgCsTkDMDgAAAMCd____fzx4GfJVStSGqXpAymOzDQcrj8O3G85MnoVvYlzYhrvlzDGb2UwW4_bYc7LyJT6Wz_UREZbZ7zsI-W6X4eFzGURF19tidzjNnoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsdgM0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoHVYLkYLhZrxcg2WouWs91audjN3CrXxmEzLAYTh823Fr0-pottuHIZJlskGGCyF8nTIp0oN6ORc7CZuTYr42Li8U0sI9NyNxpMFhPDaLkaTMQSzckincgu-5bHZhsOVh6HbzecmTwL38S4sA13y5ljNrOZLMZ9YTVYLoaLxVoxso3WouVst1YudjO3yrVx2AyLwcRh861Fr4_pYhuuXIbJvjEbrgaTyXA12Ddmw9VgMhmuBvsOk-mZ-pyN1pj48tEpv92VbWNzGhQug8X7k5gW0-7sYDr5jk6XV5gs6ox-v9_v9_v9fr_fb9B6DmaDwre6Lnvem_JxTXmdB7HBoIglgot0ovO7XSanw7EWHV1-u9Nvt4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov6jhhjN5rrBXLHYzXWLVQIAAAAAAAAAsATTTDcBAAAAcDKo4XKxmK3TwUyGs8VotlwAF55kun54D0z7jMozd8k0JpBdCMkYF2vssYjzu10mp8OxFh1dfrvTb7cygAtPK2abfUYQa7Va1gAAAASwAQAACHDTjTcB51Xc_____zgAAAAycugBAADQ7wOisjMzMzMz40eQw9lo_wBUiLVarW431mq1AA!&cmcv=&pix=31589837&cb=1685022851614&uv=3284&tms=1685022851614&abt=dfrc_vB!nonrv_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1685022849064.8!ts:1685022851614&mntl=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
content-length: 0
server: nginx

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame D204 70 B
264 B 56ms
54ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Oh0CLAYAu0NBPJhBuBAAdoeCeDCDcCkAAABgYID-AMnNjMvZYmJxSywzz1q0cMzcwplltBYtFibnxOLxOBeTISC5mXE5W0wsboll5lmLFo6ZWzizjNaixcLknFg8HudiMgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJQwH6j3eUPAAAAACAAAAAASAAg9POUAJAhETzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAzhfSFNjxHnTSZSMFmEEQAAAABJo7qjI5N0gopFlf___34rAFcAAAIQp2B8CLPoDkq8hQEAAAAQg5chX6VEbZg6ZoEeFr_f7LBr_G6X-f________8383_mH40QlPBjmiAGFHs1v4AAAGt-AQEA2IwbAIA3AnBCTgaaTofPda_X_X530dHltzv9drvG7_aLTgCsTkDMDgAAAMCd____fzx4GfJVStSGqXpAymOzDQcrj8O3G85MnoVvYlzYhrvlzDGb2UwW4_bYc7LyJT6Wz_UREZbZ7zsI-W6X4eFzGURF19tidzjNnoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsdgM0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoHVYLkYLhZrxcg2WouWs91audjN3CrXxmEzLAYTh823Fr0-pottuHIZJlskGGCyF8nTIp0oN6ORc7CZuTYr42Li8U0sI9NyNxpMFhPDaLkaTMQSzckincgu-5bHZhsOVh6HbzecmTwL38S4sA13y5ljNrOZLMZ9YTVYLoaLxVoxso3WouVst1YudjO3yrVx2AyLwcRh861Fr4_pYhuuXIbJvjEbrgaTyXA12Ddmw9VgMhmuBvsOk-mZ-pyN1pj48tEpv92VbWNzGhQug8X7k5gW0-7sYDr5jk6XV5gs6ox-v9_v9_v9fr_fb9B6DmaDwre6Lnvem_JxTXmdB7HBoIglgot0ovO7XSanw7EWHV1-u9Nvt4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov6jhhjN5rrBXLHYzXWLVQIAAAAAAAAAsATTTDcBAAAAcDKo4XKxmK3TwUyGs8VotlwAF55kun54D0z7jMozd8k0JpBdCMkYF2vssYjzu10mp8OxFh1dfrvTb7cygAtPK2abfUYQa7Va1gAAAASwAQAACHDTjTcB51Xc_____zgAAAAycugBAADQ7wOisjMzMzMz40eQw9lo_wBUiLVarW431mq1AA!&cmcv=&pix=undefined&cb=1685022851614&uv=3284&tms=1685022851614&abt=dfrc_vB!nonrv_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=7f8961bb-b2f3-4a1f-8f24-41ad9bbcc912&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 25 May 2023 13:54:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 05091811-1d64-4967-917f-e5caf010baf7-tuctb68ee02
pr-bh.ybp.yahoo.com/sync/taboola/ Frame D204 43 B
426 B 142ms
45ms Image
image/gif 2a05:d018:d29:3602:d19f:1de7:e73f:73f7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/05091811-1d64-4967-917f-e5caf010baf7-tuctb68ee02?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Oh0CLAYAu0NBPJhBuBAAdoeCeDCDcCkAAABgYID-AMnNjMvZYmJxSywzz1q0cMzcwplltBYtFibnxOLxOBeTISC5mXE5W0wsboll5lmLFo6ZWzizjNaixcLknFg8HudiMgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJQwH6j3eUPAAAAACAAAAAASAAg9POUAJAhETzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAzhfSFNjxHnTSZSMFmEEQAAAABJo7qjI5N0gopFlf___34rAFcAAAIQp2B8CLPoDkq8hQEAAAAQg5chX6VEbZg6ZoEeFr_f7LBr_G6X-f________8383_mH40QlPBjmiAGFHs1v4AAAGt-AQEA2IwbAIA3AnBCTgaaTofPda_X_X530dHltzv9drvG7_aLTgCsTkDMDgAAAMCd____fzx4GfJVStSGqXpAymOzDQcrj8O3G85MnoVvYlzYhrvlzDGb2UwW4_bYc7LyJT6Wz_UREZbZ7zsI-W6X4eFzGURF19tidzjNnoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsdgM0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoHVYLkYLhZrxcg2WouWs91audjN3CrXxmEzLAYTh823Fr0-pottuHIZJlskGGCyF8nTIp0oN6ORc7CZuTYr42Li8U0sI9NyNxpMFhPDaLkaTMQSzckincgu-5bHZhsOVh6HbzecmTwL38S4sA13y5ljNrOZLMZ9YTVYLoaLxVoxso3WouVst1YudjO3yrVx2AyLwcRh861Fr4_pYhuuXIbJvjEbrgaTyXA12Ddmw9VgMhmuBvsOk-mZ-pyN1pj48tEpv92VbWNzGhQug8X7k5gW0-7sYDr5jk6XV5gs6ox-v9_v9_v9fr_fb9B6DmaDwre6Lnvem_JxTXmdB7HBoIglgot0ovO7XSanw7EWHV1-u9Nvt4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov6jhhjN5rrBXLHYzXWLVQIAAAAAAAAAsATTTDcBAAAAcDKo4XKxmK3TwUyGs8VotlwAF55kun54D0z7jMozd8k0JpBdCMkYF2vssYjzu10mp8OxFh1dfrvTb7cygAtPK2abfUYQa7Va1gAAAASwAQAACHDTjTcB51Xc_____zgAAAAycugBAADQ7wOisjMzMzMz40eQw9lo_wBUiLVarW431mq1AA!&cmcv=&pix=undefined&cb=1685022851614&uv=3284&tms=1685022851614&abt=dfrc_vB!nonrv_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=7f8961bb-b2f3-4a1f-8f24-41ad9bbcc912&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:d19f:1de7:e73f:73f7 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame D204 0
125 B 73ms
20ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 3E88 70 B
264 B 51ms
51ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8Oh0CLAYAu0NBPJhBuBAAdoeCeDCDcCkAAABgYID-AMnNjMvZYmJxSywzz1q0cMzcwplltBYtFibnxOLxOBeTISC5mXE5W0wsboll5lmLFo6ZWzizjNaixcLknFg8HudiMgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJQwH6j3eUPAAAAACAAAAAASAAg9POUAJAhETzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAzhfSFNjxHnTSZSMFmEEQAAAABJo7qjI5N0gopFlf___34rAFcAAAIQp2B8CLPoDkq8hQEAAAAQg5chX6VEbZg6ZoEeFr_f7LBr_G6X-f________8383_mH40QlPBjmiAGFHs1v4AAAGt-AQEA2IwbAIA3AnBCTgaaTofPda_X_X530dHltzv9drvG7_aLTgCsTkDMDgAAAMCd____fzx4GfJVStSGqXpAymOzDQcrj8O3G85MnoVvYlzYhrvlzDGb2UwW4_bYc7LyJT6Wz_UREZbZ7zsI-W6X4eFzGURF19tidzjNnoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsdgM0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoHVYLkYLhZrxcg2WouWs91audjN3CrXxmEzLAYTh823Fr0-pottuHIZJlskGGCyF8nTIp0oN6ORc7CZuTYr42Li8U0sI9NyNxpMFhPDaLkaTMQSzckincgu-5bHZhsOVh6HbzecmTwL38S4sA13y5ljNrOZLMZ9YTVYLoaLxVoxso3WouVst1YudjO3yrVx2AyLwcRh861Fr4_pYhuuXIbJvjEbrgaTyXA12Ddmw9VgMhmuBvsOk-mZ-pyN1pj48tEpv92VbWNzGhQug8X7k5gW0-7sYDr5jk6XV5gs6ox-v9_v9_v9fr_fb9B6DmaDwre6Lnvem_JxTXmdB7HBoIglgot0ovO7XSanw7EWHV1-u9Nvt4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov6jhhjN5rrBXLHYzXWLVQIAAAAAAAAAsATTTDcBAAAAcDKo4XKxmK3TwUyGs8VotlwAF55kun54D0z7jMozd8k0JpBdCMkYF2vssYjzu10mp8OxFh1dfrvTb7cygAtPK2abfUYQa7Va1gAAAASwAQAACHDTjTcB51Xc_____zgAAAAycugBAADQ7wOisjMzMzMz40eQw9lo_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 25 May 2023 13:54:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 05091811-1d64-4967-917f-e5caf010baf7-tuctb68ee02
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 3E88 43 B
425 B 135ms
45ms Image
image/gif 2a05:d018:d29:3602:d19f:1de7:e73f:73f7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/05091811-1d64-4967-917f-e5caf010baf7-tuctb68ee02?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8Oh0CLAYAu0NBPJhBuBAAdoeCeDCDcCkAAABgYID-AMnNjMvZYmJxSywzz1q0cMzcwplltBYtFibnxOLxOBeTISC5mXE5W0wsboll5lmLFo6ZWzizjNaixcLknFg8HudiMgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJQwH6j3eUPAAAAACAAAAAASAAg9POUAJAhETzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAzhfSFNjxHnTSZSMFmEEQAAAABJo7qjI5N0gopFlf___34rAFcAAAIQp2B8CLPoDkq8hQEAAAAQg5chX6VEbZg6ZoEeFr_f7LBr_G6X-f________8383_mH40QlPBjmiAGFHs1v4AAAGt-AQEA2IwbAIA3AnBCTgaaTofPda_X_X530dHltzv9drvG7_aLTgCsTkDMDgAAAMCd____fzx4GfJVStSGqXpAymOzDQcrj8O3G85MnoVvYlzYhrvlzDGb2UwW4_bYc7LyJT6Wz_UREZbZ7zsI-W6X4eFzGURF19tidzjNnoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsdgM0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoHVYLkYLhZrxcg2WouWs91audjN3CrXxmEzLAYTh823Fr0-pottuHIZJlskGGCyF8nTIp0oN6ORc7CZuTYr42Li8U0sI9NyNxpMFhPDaLkaTMQSzckincgu-5bHZhsOVh6HbzecmTwL38S4sA13y5ljNrOZLMZ9YTVYLoaLxVoxso3WouVst1YudjO3yrVx2AyLwcRh861Fr4_pYhuuXIbJvjEbrgaTyXA12Ddmw9VgMhmuBvsOk-mZ-pyN1pj48tEpv92VbWNzGhQug8X7k5gW0-7sYDr5jk6XV5gs6ox-v9_v9_v9fr_fb9B6DmaDwre6Lnvem_JxTXmdB7HBoIglgot0ovO7XSanw7EWHV1-u9Nvt4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov6jhhjN5rrBXLHYzXWLVQIAAAAAAAAAsATTTDcBAAAAcDKo4XKxmK3TwUyGs8VotlwAF55kun54D0z7jMozd8k0JpBdCMkYF2vssYjzu10mp8OxFh1dfrvTb7cygAtPK2abfUYQa7Va1gAAAASwAQAACHDTjTcB51Xc_____zgAAAAycugBAADQ7wOisjMzMzMz40eQw9lo_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:d19f:1de7:e73f:73f7 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame 3E88 43 B
146 B 73ms
22ms Image
image/gif 3.72.30.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8Oh0CLAYAu0NBPJhBuBAAdoeCeDCDcCkAAABgYID-AMnNjMvZYmJxSywzz1q0cMzcwplltBYtFibnxOLxOBeTISC5mXE5W0wsboll5lmLFo6ZWzizjNaixcLknFg8HudiMgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJQwH6j3eUPAAAAACAAAAAASAAg9POUAJAhETzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAzhfSFNjxHnTSZSMFmEEQAAAABJo7qjI5N0gopFlf___34rAFcAAAIQp2B8CLPoDkq8hQEAAAAQg5chX6VEbZg6ZoEeFr_f7LBr_G6X-f________8383_mH40QlPBjmiAGFHs1v4AAAGt-AQEA2IwbAIA3AnBCTgaaTofPda_X_X530dHltzv9drvG7_aLTgCsTkDMDgAAAMCd____fzx4GfJVStSGqXpAymOzDQcrj8O3G85MnoVvYlzYhrvlzDGb2UwW4_bYc7LyJT6Wz_UREZbZ7zsI-W6X4eFzGURF19tidzjNnoP4oGFYTgbB_EzYYrSaTDbL4Wy5mAyGo-FotD8DsdgM0EQMlsvJZDHZrUar0Wa4G80GCyQQgwmiaNFgshqNJovJcDWarGbLxW63QRStWs1Gm8FwNZvMdrvVcDBcjkZowhaj1WSyWQ5ny8VkMBwNR6MhgoHVYLkYLhZrxcg2WouWs91audjN3CrXxmEzLAYTh823Fr0-pottuHIZJlskGGCyF8nTIp0oN6ORc7CZuTYr42Li8U0sI9NyNxpMFhPDaLkaTMQSzckincgu-5bHZhsOVh6HbzecmTwL38S4sA13y5ljNrOZLMZ9YTVYLoaLxVoxso3WouVst1YudjO3yrVx2AyLwcRh861Fr4_pYhuuXIbJvjEbrgaTyXA12Ddmw9VgMhmuBvsOk-mZ-pyN1pj48tEpv92VbWNzGhQug8X7k5gW0-7sYDr5jk6XV5gs6ox-v9_v9_v9fr_fb9B6DmaDwre6Lnvem_JxTXmdB7HBoIglgot0ovO7XSanw7EWHV1-u9Nvt4glStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov6jhhjN5rrBXLHYzXWLVQIAAAAAAAAAsATTTDcBAAAAcDKo4XKxmK3TwUyGs8VotlwAF55kun54D0z7jMozd8k0JpBdCMkYF2vssYjzu10mp8OxFh1dfrvTb7cygAtPK2abfUYQa7Va1gAAAASwAQAACHDTjTcB51Xc_____zgAAAAycugBAADQ7wOisjMzMzMz40eQw9lo_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.72.30.19 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-72-30-19.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 country Show response
api.btloader.com/ 16 B
203 B 165ms
127ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: kinja-com.videoplayerhub.com
URL: https://kinja-com.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 169ms
132ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=S07QD4htIR&w=5197056576585728&o=5726495427264512&cv=2.1.11-3-gabc8642&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.theonion.com%2F&sid=vkxMznn8&upapi=true
Requested by: Host: kinja-com.videoplayerhub.com
URL: https://kinja-com.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 May 2023 13:54:11 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 54ms
53ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-142218-33&cid=1286725370.1685022850&jid=548518163&_u=aCDACEABFAQCACAAI~&z=110980069

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 May 2023 13:54:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 90ms
54ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-142218-33&cid=1286725370.1685022850&jid=548518163&_u=aCDACEABFAQCACAAI~&z=110980069

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 May 2023 13:54:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 33ms
32ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 26 May 2023 13:54:11 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame DCB3 15 KB
6 KB 21ms
20ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theonion.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 25 May 2023 13:54:11 GMT
server: Kestrel
server-processing-duration-in-ticks: 750452
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 93 KB
30 KB 74ms
40ms XHR
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 19 May 2023 17:15:21 GMT
server: nginx
etag: W/"6467aea9-175c4"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 26 May 2023 13:54:11 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame DCB3
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=theonion.com&sn=ChromeSyncframe&so=3&topUrl=www.theonion.com&bundle=jj2rZV95T1FMa083UURBeUc2cyUyRmRBcldmejJGTllyWUduVmZUUGZreFd2UFQ3NVElMk...
https://mug.criteo.com/sid?cpp=Yvhxx3wvWDZUL3hsZHEvZjFQV2JaWkQ4Y3BTdDhhSSs3Vm81djFLdWtPNGs3MmtOOWpXOExKc3VqVkEzUkdYdTNHK2RnMlZhTmN6RlQyWVFzbWY3VkN0R2ZRVHJsUzJienE2czdlekhZWFpPL3g2ZXBoQUFUMWxjOXZQZW...

433 B
655 B

18ms
17ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Yvhxx3wvWDZUL3hsZHEvZjFQV2JaWkQ4Y3BTdDhhSSs3Vm81djFLdWtPNGs3MmtOOWpXOExKc3VqVkEzUkdYdTNHK2RnMlZhTmN6RlQyWVFzbWY3VkN0R2ZRVHJsUzJienE2czdlekhZWFpPL3g2ZXBoQUFUMWxjOXZQZWlLOGg4UTdhTDVsRXBCZ0RtUDVleHpaSVNJU25jV3YyOXdFVXZ6K0hBRGl6WmJqSGp5OW5ITWVSTi9NMDhNU3dlWlVhUDE1WjhvZ3cxNndDbHVqSEgwQmlldDBla1dZTE1ZR2FKdTdkNWt0ancvVWFvQUJTaWdHNGx6NllzaFNJT0RLZzhpaFhBNHVjUXpNUHEvRW9obzJocGFyNE9CMTFGRVRpK09LL2RMOENXb2xHbXdiYz18&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

17a6ba0bd227ac8128c829e2a56659a75fe9e732eb500f0ee9404e7b7b9c023c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 May 2023 13:54:11 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1053507
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 25 May 2023 13:54:11 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=Yvhxx3wvWDZUL3hsZHEvZjFQV2JaWkQ4Y3BTdDhhSSs3Vm81djFLdWtPNGs3MmtOOWpXOExKc3VqVkEzUkdYdTNHK2RnMlZhTmN6RlQyWVFzbWY3VkN0R2ZRVHJsUzJienE2czdlekhZWFpPL3g2ZXBoQUFUMWxjOXZQZWlLOGg4UTdhTDVsRXBCZ0RtUDVleHpaSVNJU25jV3YyOXdFVXZ6K0hBRGl6WmJqSGp5OW5ITWVSTi9NMDhNU3dlWlVhUDE1WjhvZ3cxNndDbHVqSEgwQmlldDBla1dZTE1ZR2FKdTdkNWt0ancvVWFvQUJTaWdHNGx6NllzaFNJT0RLZzhpaFhBNHVjUXpNUHEvRW9obzJocGFyNE9CMTFGRVRpK09LL2RMOENXb2xHbXdiYz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 406694
content-length: 0
expires: 0

POST
H2 204 bulk Show response
trc.taboola.com/gomedia1-theonion/log/3/ 0
315 B 17ms
17ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/gomedia1-theonion/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230524-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Thu, 25 May 2023 13:54:12 GMT
via: 1.1 varnish
x-served-by: cache-fra-eddf8230041-FRA
server: nginx
x-timer: S1685022852.118259,VS0,VE9
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.theonion.com
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
635 B 8ms
7ms Image
image/png 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Thu, 25 May 2023 13:54:12 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 26872
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-eddf8230041-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1685022852.351808,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 42
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 19703

GET
H2 403 action_links.json Show response
fr-actions.trackonomics.net/prod/www.theonion.com/ 243 B
587 B 520ms
391ms Fetch
application/xml 18.66.122.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fr-actions.trackonomics.net/prod/www.theonion.com/action_links.json
Requested by: Host: cdn-magiclinks.trackonomics.net
URL: https://cdn-magiclinks.trackonomics.net/client/static/v2/gomedia_015a5_the_onion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-86.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fce8baae3263812a42cc1d3913e8e01f10b2aea6eff456680ee2c30517de9154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:12 GMT
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a36.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA60-P2
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Error from cloudfront
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/xml
x-amz-cf-id: 6hhda9t8EWENcnkyOT2e7vIjDSwnuYEKS2_Y19EWNtxhNesBOCZTog==

GET
H2 200 i.png
trx-hub.com/i/m/ 128 B
463 B 134ms
7ms Image
image/png 18.66.147.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trx-hub.com/i/m/i.png?q=N4IghgLhBOD6BmB7aB3M0AmBLAdgcxAC5gBfAGhAFsBTCMDSMI0iiLS3A48kAV2gA2AZ2Y9IMWGAAOU6jgyiKUsHmqwYYAMbUiAbVBDE-bURAALKFKGEA9DZQOAdBDPVEOLO8ebElGyApoanhqaCDoUwDwKDgkVHRsfFESAF0KTV4hCF9YGjpFEE0BLDkIdXYdQhAAJgAGaoBmAFpagFYm6taAFQBGBsJWgBZCHurHAHYADmqALSjlVXKIAUqQLtcAAgB5D3cNgB8NgEEaaCxNMAByIQ2AMVxqLI2AOWoUG4BlI2htRyisLAKKoAjA9ABsk1a9WqkOqU2q8AARpootQAG6ldQAT1kpnYUiCQiEnhwUQyWV8oVggNMeEp2DAsFqPVaYFa6lcsHcJLJgKkPVp9KwjOZrPZLh06T51VM3PcIBIQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-6.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 21:21:46 GMT
via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 04:40:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 79418
etag: "90eb1bf3b49429bde87a3b5f0b53e6a5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 128
x-amz-cf-id: WUcdVAmphkg5O5v4b7qON5RUaickVcgsouBfhJR0wwO0QbAqpMpemQ==

GET
H2 200 usersync
match.adsrvr.org/track/ 70 B
261 B 34ms
33ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/usersync?us_privacy=&gdpr=0&gdpr_consent=undefined&ust=image
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 25 May 2023 13:54:13 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK cksync.php
cs.media.net/ 60 B
426 B 90ms
52ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 May 2023 13:54:13 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 60
x-mnet-hl2: E
Expires: Thu, 25 May 2023 13:54:13 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/
Redirect Chain

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727144&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727144&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1
https://p.rfihub.com/cm?in=1&pub=2079&gdpr=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455419347951259

43 B
632 B

508ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455419347951259
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 May 2023 13:54:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455419347951259
Date: Thu, 25 May 2023 13:54:13 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 pd
u.openx.net/w/1.0/ 43 B
132 B 31ms
25ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/pd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 May 2023 13:54:13 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 sync
eb2.3lift.com/ 37 B
141 B 31ms
9ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/sync?px=1&src=prebid&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=161204
https://image8.pubmatic.com/AdServer/ImgSync?p=161204&rdf=1
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REM3QUMyRDctMkUyRi00QUZGLTlGOTctRjBBRDY4QzA3QTA3&gdpr=-1&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
217 B

19ms
18ms

Image
text/plain

185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 13:54:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date: Thu, 25 May 2023 13:54:14 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
theonion.com/	1969-12-31 23:59:59	Name: geocc Value: DE
.theonion.com/	1970-01-20 20:49:18	Name: KinjaBucket Value: f
theonion.com/	1970-01-20 12:03:43	Name: KinjaSetBucket Value: f\|1685022600\|oyW08pZHZ6ORccQ6Gi1ESF9KBBQvHaBVJajsFlgat3M=
www.theonion.com/	1969-12-31 23:59:59	Name: geocc Value: DE
www.theonion.com/	1970-01-20 12:03:44	Name: lux_uid Value: 168502284944032290
kinja.com/	1970-01-20 12:13:47	Name: KinjaSession Value: 9eef4c86-aabe-49e8-ab94-ef1644da99dd
.kinja.com/	1970-01-20 20:49:18	Name: KinjaBucket Value: f
kinja.com/	1970-01-20 12:03:43	Name: KinjaSetBucket Value: f\|1685022600\|oyW08pZHZ6ORccQ6Gi1ESF9KBBQvHaBVJajsFlgat3M=
www.theonion.com/	1970-01-20 12:46:54	Name: _pbjs_userid_consent_data Value: 3524755945110770
www.theonion.com/	1970-01-20 12:05:09	Name: pageDepth Value: 1
www.theonion.com/	1970-01-20 12:05:09	Name: _lr_geo_location Value: DE
.kargo.com/	1970-01-20 20:49:18	Name: ktcid Value: d83aad51-3311-04ef-1ea1-f9e0db791dd7
.theonion.com/	1970-01-20 21:25:18	Name: __gads Value: ID=6435e921a52aef89:T=1685022850:S=ALNI_MYAAKk20znGevJT9vZMXXMx0kGbNg
.theonion.com/	1970-01-20 21:25:18	Name: __gpi Value: UID=00000c1bfef4de77:T=1685022850:RT=1685022850:S=ALNI_MaendXm_-IMH9Z7hrXHclsj9akzrA
.rubiconproject.com/	1970-01-20 20:49:18	Name: khaos Value: LI373KJL-9-7356
.rubiconproject.com/	1970-01-20 20:49:18	Name: audit Value: 1\|hLZGFuTafB0L1M2KkiV5ovsKGGM1eolu5vVtDhgOVUPn/4TLQE0M/+CBcNhMzgAjgXKALezHt0LVxh1uxPoukeBxGCOXoSK1DUMZeP765Cvc6UO785F0Pw==
.criteo.com/	1970-01-20 21:25:18	Name: uid Value: 3f75bc6e-14eb-4e1d-9a26-81f218df80af
.adnxs.com/	1970-01-20 14:13:18	Name: icu Value: ChgI64dgEAoYASABKAEwgtG9owY4AUABSAEQgtG9owYYAA..
.adnxs.com/	1970-01-20 14:13:18	Name: uuid2 Value: 6991728677030561918
ads.resetsrv.com/	1970-01-20 14:13:18	Name: ckbk Value: 000000F98FDD65FE
www.theonion.com/	1970-01-20 20:49:18	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D05091811-1d64-4967-917f-e5caf010baf7-tuctb68ee02
.theonion.com/	1970-01-20 21:39:42	Name: _ga_FBJXBGD4M8 Value: GS1.1.1685022851.1.0.1685022851.0.0.0
.liadm.com/	1970-01-20 21:39:42	Name: lidid Value: 54b8a181-c65e-4416-89b2-e78ee06a9c9c
.theonion.com/	1970-01-20 12:03:46	Name: AMP_TOKEN Value: %24NOT_FOUND
.theonion.com/	1970-01-20 21:39:42	Name: _ga Value: GA1.2.1286725370.1685022850
.theonion.com/	1970-01-20 12:05:09	Name: _gid Value: GA1.2.1225600693.1685022852
.theonion.com/	1970-01-20 12:03:42	Name: _gat_unique Value: 1
.theonion.com/	1970-01-20 12:03:42	Name: _gat Value: 1
www.theonion.com/	1970-01-20 12:46:54	Name: vtas_f Value: 50e5d5e8265421bfb3ffab5c5f5c5462422a4853
www.theonion.com/	1970-01-20 12:46:54	Name: vtas_version Value: 1.1.2
.theonion.com/	1970-01-20 21:32:30	Name: _cb Value: DgwuT_BoMGv8BMnpuC
.theonion.com/	1970-01-20 21:32:30	Name: _chartbeat2 Value: .1685022851557.1685022851557.1.DEk4BWCRfFUsrxyHhBRA05PD_L2bR.1
.theonion.com/	1970-01-20 12:03:44	Name: _cb_svref Value: null
www.theonion.com/	1970-01-20 12:46:54	Name: vtas_kv Value: {"veritas-segments":"10","veritas-iab":"13"}
.doubleclick.net/	1970-01-20 21:25:18	Name: IDE Value: AHWqTUn1t35RSu37ZZFs3K6NSGzf2ohCYbHXCSMIkru9AAp-Nl3hYEkUueiTIHY9LFM
.theonion.com/	1970-01-20 21:25:18	Name: cto_bundle Value: j6BSiV95T1FMa083UURBeUc2cyUyRmRBcldmejJGOUM1SHlNTUx5dmQ1cmt0Y1N4RDJFZHhqQmF3MXklMkJXUzclMkJRWDRFRjYyWEJjdWZqWVV2NDNzbmQ0NGs2d0RmM2xzdXNsTlclMkI4Q2QwdmRFSnZDTUgzenJxVWhheEE2MFFVQTh0MnB5N1VDSmc3Q05VVjZ6RXNhWENxS2VzJTJCc3VBJTNEJTNE
.casalemedia.com/	1970-01-20 20:49:18	Name: CMID Value: ZG9ohbtHL6UA3q6tb3dXDAAA
.casalemedia.com/	1970-01-20 14:13:18	Name: CMPS Value: 2143
.casalemedia.com/	1970-01-20 14:13:18	Name: CMPRO Value: 2143
.pubmatic.com/	1970-01-20 12:05:09	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 14:13:18	Name: SyncRTB3 Value: 1686182400%3A220
.pubmatic.com/	1970-01-20 20:49:18	Name: KADUSERCOOKIE Value: DC7AC2D7-2E2F-4AFF-9F97-F0AD68C07A07
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxtDQ2Mbc0NTQytRTiM9Q1L41MD4tKN9EN8E0EANdZmlslAAAA
.rfihub.com/	1970-01-20 21:25:18	Name: eud Value: H4sIAAAAAAAA__vFyGtoZmFqYGRkYWpsaWkCAIwiwxkQAAAA
.rfihub.com/	1970-01-20 21:25:18	Name: rud Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxtDQ2Mbc0NTQytRTiM9Q1L41MD4tKN9EN8E0EANdZmlslAAAA
.pubmatic.com/	1970-01-20 12:05:09	Name: pi Value: 161204:3
.pubmatic.com/	1970-01-20 14:13:18	Name: chkChromeAb67Sec Value: 2

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://tagan.adlightning.com/gomedia/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idx.liadm.com/idex/ie/any Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://fr-actions.trackonomics.net/prod/www.theonion.com/action_links.json Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ads.resetsrv.com
adservice.google.com
adservice.google.de
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
ampcid.google.com
ampcid.google.de
api.btloader.com
api.rlcdn.com
as-sec.casalemedia.com
ats.rlcdn.com
b6f7b9554bcec69ba68993f256e2026a.safeframe.googlesyndication.com
bidder.criteo.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
cdn-magiclinks.trackonomics.net
cdn.speedcurve.com
cdn.taboola.com
cm.g.doubleclick.net
cs.media.net
direct.adsrvr.org
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
f.kinja-static.com
fastlane.rubiconproject.com
fr-actions.trackonomics.net
fusion-media-group-d.openx.net
geo.privacymanager.io
grid.bidswitch.net
gum.criteo.com
hb.yellowblue.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.kinja-img.com
ib.adnxs.com
id.sv.rkdms.com
idx.liadm.com
image2.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
imprammp.taboola.com
insight.adsrvr.org
js-sec.indexww.com
kinja-com.videoplayerhub.com
kinja.com
krk.kargo.com
match.adsrvr.org
ml314.com
mug.criteo.com
no.kinja-img.com
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.adsafeprotected.com
pr-bh.ybp.yahoo.com
prebid.media.net
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
region1.google-analytics.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
tagan.adlightning.com
theonion.com
tlx.3lift.com
tpc.googlesyndication.com
trc.taboola.com
trx-hub.com
u.openx.net
ups.analytics.yahoo.com
vidstat.taboola.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.theonion.com
x.bidswitch.net
x.kinja-static.com
104.18.11.47
104.18.24.185
104.18.25.185
13.224.192.181
13.248.245.213
13.32.121.17
13.32.99.89
130.211.23.194
138.197.55.50
141.226.228.48
143.204.98.71
151.101.1.44
151.101.130.217
151.101.194.166
151.101.66.166
172.217.16.198
178.250.1.11
18.195.189.38
18.66.122.86
18.66.147.6
18.66.147.69
185.64.189.112
185.64.190.79
185.64.190.80
185.80.39.216
185.89.211.132
193.0.160.131
2001:4860:4802:34::36
216.58.212.130
23.35.228.23
2600:9000:2057:8000:18:1fcd:353:c61
2600:9000:236e:b400:1d:8c8c:47c0:93a1
2602:803:c004:200::140
2606:4700:20::681a:246
2606:4700:20::681a:68b
2606:4700:20::681a:932
2a00:1450:4001:801::2004
2a00:1450:4001:806::2002
2a00:1450:4001:806::2008
2a00:1450:4001:808::2001
2a00:1450:4001:809::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::200e
2a00:1450:4001:831::200e
2a00:1450:400c:c0a::9b
2a02:2638:d::2
2a02:2638:d::a
2a02:2638:d::d
2a05:d018:d29:3602:d19f:1de7:e73f:73f7
3.124.127.106
3.208.211.92
3.229.72.78
3.33.220.150
3.64.171.66
3.72.30.19
3.75.62.37
34.111.234.236
34.120.133.55
34.120.63.153
34.192.8.210
34.252.134.81
34.98.64.218
35.71.131.137
52.222.209.4
52.223.4.62
52.57.115.121
54.159.254.249
54.229.39.212
014f235236af831dc18bebba5bf8ca9a0d2ad0fb04c98064790a3f4c77444457
01c61fa8398bb360b7a71e2e36392400568e53e0c560ac795294826134e58495
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09c15760538f80160b462c438428e831f22d42f5f27f32eb364f15fd62e6accd
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
0ed375278b06c36ab8b2da5f18e09677565b827177abdffe343b8b274a70c08b
1063c185d2ba098c3c38deeaa02f320ce4850364758330aa5a511441bd313d22
10c43c456f1a248aca9249779b5e61f1b0bf9431d38b59f552c34e0c14b0fd7f
115224d4e63511fda83c38f1a67c687184f8c2752a8770b10faaadc4568fd388
11bd6d902ca26d8866e22eb04feb7ea8c754ad25b40f37fc15d784857cc7d248
125e539173a50a3dea5c5fdf369e3823754d7bab90fb9107a0088854f676d9b2
1438700bc5c08c81bbc8eab227772b9898a6cc68a8e66a2fb8b366a663a29b74
17a6ba0bd227ac8128c829e2a56659a75fe9e732eb500f0ee9404e7b7b9c023c
18265d4feb13c9e02c2f2d4d12de0e51d24500c23f2f68b5536f9e35e05e9097
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1a31861a53fec5e0e1135ff6fa3563ceb096a0fd0b5356004dcbc6931101d47a
1a3f09c64a229e9f2bd2ad089b6d9e67093339e5a5a21948f30f15be34549c63
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c8ca7b6a077da2f5e0c1d79c074684b93c9ad901ebdba3a19c0319347076575
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
212c6c3d608079d600a89f8141de3ca4fb381b1aca8e12a5e669815749315793
21f472be68e6b3100bacd2b71ccd1607e9b3145aa8324bbf6d574f6e6c3d4123
221c51d6190d8c5cf2217bc17bc7ed47c99c31528fb2b8800c4c0233742a5038
23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4
2b14301c6e55453137555d78d96f03fbfe06dfd5f7b648228770384f9d05b257
2bb0e261722b9b5ff76a22157a0a4d2ad2ec47248eb2ed049782bb8492199a70
2c51a9f78fdccbfbd0c6bf58c7146bf7ea7a6e9c0e27795f07f1247c4c682dd6
2d25d1da39b0a6736291fa1f130be3360c9e063a287c2ab92f13a665215cfd07
2ed8d3a8d867f80b40133bd8d869461487c8a8305a93d32d97dd237ae813dbf7
30605821fb656678741a59f72d704f6faf52172c1745adb3927e3a5802a10ae3
30d6dfd42b9a5f0be38020e3fe03042fe88b4931993c6c63c0b8061e934d727f
32879eba9b2433c53f34f9e1e3ed09e6fa564fca84252541b75526a2148ddcd7
330b1e9ee51be3e724fa47637a4e97cf7e2f3c8ae353f439282799f15a0f6bfc
332178c76008a6c2d64d1956767df4abcba64c510ba40e92b8cbf374a8ac6ab5
33566729393f70e95f9e326dbc67dedbb3bdc4d6a743ef40141fa1d126f079ad
36e179bd926d341411fc49f8aae4b1dfab44d919521add8bbd251a0c06f1c7da
381a36dedfb411e7e88cfe6ab8f387e5773f30361b80aa61fbc4eac8bf99a9cf
393e670b043757b273bfa3f071439061cfa03327dc538ba6ca730b7d182de1ac
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a59fb3b16429d5ba9bb966f4b60761352a52a95a8874138001559296c687bc9
3ab6d5bddb52a980ebe7658cca937e1ce087c1478cbeb13715876e463b2dd7f3
3f5f3be3dcd8039c166b39b0ebbf825484c57373c781f5fb67f29b70e91eea89
3f5fce94ad605982255f98a7ff3d67f71858622afaf9a14859a06b9e028eda8c
41ed70da9d1f49cc976b234dd0c093e326b4626de463d26b3f5d05c054730f5b
4227e7808bb153943a5c2f8fbb6e877dc2ebea70934f7b223ee112124f8f8d61
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
466ec679712d74fc59ddb8a10193696b87f17e2a2d0aae8fc14037e68669161f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46a76bf1ff1716d3a87dade6460b4b3c7971a42dddd38a109877d4531a0e7e73
46bcdeff7e0fe6ae7050dc9d2e5edd5e74d3c78e6f322dc7df3c1a73a40ffb40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a0ad8029e7a1e5f04247b07e3be19768196ce8e66128b9dffe58240b5cc2de0
4d0de41b596f1c37d0cf111f5678e895cbb61068a7978f9d9afd342285522a4d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e654dc4aa833a34b4871aa86e91240fe6b88560fdffcd9b1023d9cc31d1753d
5039183655944787adb113695a648f2aaf397867a6072b2ce97c7b572fe3fc20
514ee176d2081129cc97b2a18a6aeac1b2ef555721a265b03f81e228255f3fbb
51f872a9c5227d921e9f8c74ba58c6cf16af4a29391d720a3c2858c0fa426c88
528a5bcdfe99d459ca9724e827f3ac036b5ef16ed581942fa62f947676c37af0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564a2d5a494c5ad18cc8ab626fd34b94ebaf23afe884bfc8cd7fb4cf4f1d5edf
568068711d00d07ac001e1937acdb4621d0d7ea602ff8beb225c1b9f22701d1d
582fd9b394fd8aacd37da7ff532062c5b1d274b20441e35601f1ae44f6b9d340
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5a49cf74a234b01650f208a787578e011c050bc3056ffb33dd35a5ec73db8b8a
5ae04f4e2b3a0b4e46d0259886e6fbf822f2dd0731ee8a59e03c4cb3f335b8fc
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5daee2974fa584e4ada3a944750121f8ee7500c8dbda3fe304dbf2d01856ad21
5db6dc59e662741fc2c7cd4961e31ab13a1afa0bc8efac1ed7fe8aab6ed242eb
60bff1f3d1652febff5190c494944d027b4239d3d030d189763a8e923d8d40a7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
638cb175b6c9d489fd461421a80dd74569f0873de513aec695e34aa1d2b75304
63bf2e4b1ebce527755d68e4e86701006ce1d9d1c83fdaa29b4b3c36dacc2743
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
690d140c84dff4981749a656ec4f6f14200f3caabbdae6ea3fb8f6877f8b798b
6ad61602e9db9558662d5280058aee442dbf0b3676a043158ea945439e4f6346
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be2f75adb91ea6250947c3508fa1a8e76a88c8ac755061454f7cd91fcc04966
6e575bd6b4933326a8991eb95f551350b3cca9169b7c131313fdc0178453d77b
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
70cf567f57e13e91d4c7b2442eb95f49764108be111f38589109249933960bb5
735c404d5eb5ac2d0ce08d5463e0d2400b2d6470adac2cd58e56cdb3876410d5
73e0b4849267d52ad5b7ec2770d92fb24b85b127aa7ae835700f6d5d0e755c0f
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
752e5fd378491d1b3164d0c45a0703ebd4e31a2337701fb441e7b7e3258a3775
7571dffba6f42b4f8b852eae3006e8882e89cbb3b67fbb849a0819821ae0b5dd
7941a6f509b7760cef9ae2c1e13e076530a5b08f9c05ea1e9ac2561e0ed9bd4f
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7d9108d5fe7c8fa650fad1d89dffab5f622d9533a23e39c6192bcb8569709817
7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c
7fae5e1f0ad241683e0138a7442b5cab53b0cbad0687c5fc5933aacfb961e12c
817f08350b5707a1aa5d0593cfb7fa8c588e4393479db8c211252f42a01d36a4
8413176dd89287beafbd21e4fa5586f3d5db9aefa37b1350b34bc7533ca5ef34
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8776a8ad91c217fa4d327ff5d7dbf975bbfc3585e5aaf22d68fa4ae7d2888a45
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89ecfb858ac8a33f5e99389189e952333fdf09b4b7f081ea4bd09acdbffaf5ac
8cfbb185b57de51b612c207ebaad5d9f8e49a4103d6c94cb5259281f66e7ebc5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e38c603e1aabecdf282291958cfdfcabb2b53b5a69c13edf125ec5bedc2afee
8ea9eb65ccb26ccce2f8c8cf4781fbff8221c570961b71e4dc16de803bed8233
8f93b86f56e9342ce4c83e436ec5646bef5c14da83b143418abc4335bece2d8e
8facfa89433ed07dcc25f817b3b9992b7e359b1ea38c672869f69ba41bdf6ac8
921d6a08298f520a4f4c7444ba3cf32d128706ad4018c6a576f915d79122a8dc
9708fbfcf504ef77c5c4170d1e9db38c159049f8ab47d04f6a452e689cf696aa
98c115c8f099e933183fb18adb4c9f7c5d2b552d1d025d9f90a6a21d2e00dc63
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a3e870a66fa16194df4cbf1052e81e983338cca245f4a72e152121b48ca2e2f
9ca5693ab1367385316b393108533e59a741f2fcc302fd13c2fafd34990b34b8
9dd16b949e171070e7bcfcf697274c0df2e8539fb1dbe7e6de696040e82d7c1f
9dd295f1b8047318855e74e81dbeb02d463452670f2997dd64764a6ad88f3884
9e988192ae58551ea32719b8dd14415ad06e94360a96c4fc67e3f32384085bfc
9f19114fc66ef2ca455dc1b7e93be045b3698a3f291312e951b163473fbf6980
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a198440fa540fd8de0dfe887ae1bf7890e4c17b2c99989ff42e6efba7b06361f
a1bcc37432884a16b8c3a3d39f32ea9ef7d6f4330dd92571b760343e89556a42
a2e4cbf774066dd66eee9b3d9a38f1062f7f3686ae0001228540691c92671c95
a323d4626bd1d87ea98075d2d577463700bfd82f733fede6c174ace4c1a62e08
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6
a5e38141216616f8afb1d4615524bc9437e25dbd47435765754da1d2278da3f0
a66a45787e47ab5de0d1ed07d185f9ce9aa0907b60070c2e5af7f321eb11208f
a7ebec103c04aedd9c1b8e8136c0afc3d979b46c8d1cc92f8a4a9ea62dc6f3aa
aa2fd69109467c1dcbf65856c4e4fcafe0ea616b822f1a0a584c4bf17233711a
acb40f0e0250a0b0b61278541a84c0fd936728dbd16316f3a4695b7cf576147e
adcaa82dccaaa3cecdc503fc6531653947d6204a997edcbd4d796033fe49751d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af07705eb7e434ddc33426eb84d9ba31bba2b5cc9d022239df1c1376e437f1d7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d67346f32ba6a331321f8f3e2b0112e80e41db809959974d308120aeda29da
b2d12302eee2d4e702a095497dd20133916901be34e4f4f7748f5e87385fef5e
b3e99914a00d9c5183225436f894d820998137017c6e50afdd840c918df78cd6
b3f483b4c4f941a7cc1860356329639370e23b643ba93da4be31500be0b4c1ee
b5499c873a87eb32edcdf9e4591b91193a980cc9ed71ae80d56466f20ac33980
b630399dc87169c912b553c7dc294e6a7af0ca96a3186f27086566d7dd87ca41
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb8cd9865e08dd1d2ac286d755bc886cdbfd0a1811ba364eafc33846d4fd4bd2
be61dbb08493a8447831037a6e9f8d4759d08b61206f62d5674bf140470aa643
c0742372439397bd0ea6186aba86699f7f2e2fc3f50bf291e79ea7e91f3afad0
c76ae373a97fedd18dcbce506a90251d65d3141a4633e06671b9b306e361d948
c8037d94c463c2b78f9206e8e46a541c97ae534397b764750f2e0eb3c3d9440b
c93794353afab50509f28bb4792ed22d0e5038b15040fe3a05ba1296b5cc1193
c9c3c0e5c963f8122f31d0d501e95e65fb4348af55a6aa6f6dd7c703c0957562
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd41b4096ddcd496972e59aa37bfbaba103150498da855d96a9c7a3e5cabb2d5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d27d3ce9124909a5ff44640d1a1556822d10db85c40fd45c9c574d52ff30fb1a
d29eafa9d9e1188ebfffd7b7915d07a290be935b0f6ee1520013f535fe1ccfcf
d617fb46ef25d32cdfc6459393c2d7933339093ee270b951e1fdb50ab5662140
d7d8eda923854d45e87c11183868b806aff279a82906f1226d8752793a17ab67
d7fa261298e7430c764efe74a192a4bb2b3c975032be043c0402d23d800ca438
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d998c7ddc798f324ab6863a89d6900a05201ccc351d8a69dffc3e0820d37a590
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db374d1d9520f48c692f6dacf6296b043839251ec1f08caa5507b10c2cc9f80e
db6e3ab6717b58968c7fee557d5e971f6cb50bb0c03ae596748208e22febd93c
dbca21de82ba69b1bc23cd1c49721d7b763db98007a74397ad196d494e552f19
dd43a8c80d6f726429cd331765faf88e44a8a2bbb1da20d33c5925c027d4cc6e
dda64c821b18b8b305880cd5a43d9cc95a279260c2866d1b14467024a5cce3ef
e0ea7b348b212b71ea78f15f8785a15cc2357f499b63bd51d63c15d126ca59a1
e18a7608db1209ce0f30b908f72d64307bd9d6285c620b6350d4982c49d73322
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e9975431ab3558981df8a558a765319f7268c3d8acfe26b973a5963657f24ce0
e9b433e9788dcda52ba157d0162fabfdbb3233975262a4226c04dfef3ff6b18f
ea2884cc810612616bee4d3ce0ee4123102e85eee5ee05053d184d8551f79b80
eb36e704ef6fbe34301005c259edecfddc4a41d824e3540e436875bf14e774dd
eb8868fc32945760add8b3a5b3cdbfe45a57ea6e509484152fe8bf003b37fc50
ec7436e7646b56061b17b8c5c256c629e6fd0986168714d3ff1d9bf869bc1226
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f183ae165bdd51639e9d3f3d1a8f48f0cb5853af1ec99ed28854f49d06bbd88d
f349f377771088db1f569fef15694e14010735cc5123eed49275d24278b3e1dc
f373d92a45770f2bb384d7804bd74839c9c9895a9223fabe02fbcbedafcb6382
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f8390791fab3a4f38a41db5a1965adb8979102262b3ffbfb12d504b262b6f823
fbaaa7c9441f93f752065674978a9b6cd685bdf43e6f0a988a3b4c14b08ba1ab
fce8baae3263812a42cc1d3913e8e01f10b2aea6eff456680ee2c30517de9154

www.theonion.com Open in urlscan Pro 151.101.194.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

240 Requests

98 %HTTPS

37 %IPv6

50 Domains

87 Subdomains

73 IPs

9 Countries

2544 kBTransfer

7109 kBSize

47 Cookies

23 Outgoing links

Page URL History

Redirected requests

240 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.theonion.com Open in urlscan Pro
151.101.194.166 Public Scan

Screenshot
Live screenshot

Full Image

240
Requests

98 %
HTTPS

37 %
IPv6

50
Domains

87
Subdomains

73
IPs

9
Countries

2544 kB
Transfer

7109 kB
Size

47
Cookies

240 HTTP transactions
1 data transactions