urlscan.io logo urlscan.io
SecurityTrails logo

www.theonion.com Open in urlscan Pro
151.101.66.166  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.theonion.com/
Effective URL: https://www.theonion.com/
Submission: On May 19 via api from BG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 85 IPs in 10 countries across 55 domains to perform 348 HTTP transactions. The main IP is 151.101.66.166, located in United States and belongs to FASTLY, US. The main domain is www.theonion.com. The Cisco Umbrella rank of the primary domain is 92927.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2022 Q3 on July 25th 2022. Valid for: a year.
This is the only time www.theonion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 72 151.101.66.166 54113 (FASTLY)
13 151.101.130.166 54113 (FASTLY)
2 13.32.99.21 16509 (AMAZON-02)
1 151.101.66.217 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 52.222.208.154 16509 (AMAZON-02)
17 151.101.1.44 54113 (FASTLY)
2 44.213.190.84 14618 (AMAZON-AES)
1 143.204.98.16 16509 (AMAZON-02)
1 13.32.99.122 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 34.111.234.236 396982 (GOOGLE-CL...)
1 2600:9000:224... 16509 (AMAZON-02)
2 6 2a02:2638:3::c 44788 (ASN-CRITE...)
14 2a00:1450:400... 15169 (GOOGLE)
6 18.66.147.119 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
11 52.215.103.77 16509 (AMAZON-02)
4 52.222.253.136 16509 (AMAZON-02)
2 104.18.24.185 13335 (CLOUDFLAR...)
4 138.197.55.50 14061 (DIGITALOC...)
11 37.252.171.22 29990 (ASN-APPNEX)
4 52.29.34.191 16509 (AMAZON-02)
4 2a02:2638:3::7 44788 (ASN-CRITE...)
4 35.71.161.21 16509 (AMAZON-02)
5 35.244.159.8 15169 (GOOGLE)
4 54.155.77.0 16509 (AMAZON-02)
4 52.28.189.123 16509 (AMAZON-02)
4 35.158.0.160 16509 (AMAZON-02)
4 54.93.180.214 16509 (AMAZON-02)
1 2602:803:c003... 26667 (RUBICONPR...)
4 185.64.189.112 62713 (AS-PUBMATIC)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a02:2638:3::3 44788 (ASN-CRITE...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 34.107.148.139 396982 (GOOGLE-CL...)
3 2a00:1450:400... 15169 (GOOGLE)
2 178.250.7.13 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.18.10.47 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2600:9000:205... 16509 (AMAZON-02)
6 15.197.193.217 16509 (AMAZON-02)
6 141.226.228.48 200478 (TABOOLA-AS)
3 2a00:1450:400... 15169 (GOOGLE)
6 2001:2030:0:4... 1299 (TWELVE99 ...)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 3.208.211.92 14618 (AMAZON-AES)
1 44.209.73.107 14618 (AMAZON-AES)
3 13.32.27.60 16509 (AMAZON-02)
5 23.35.236.188 16625 (AKAMAI-AS)
9 37.252.171.21 29990 (ASN-APPNEX)
1 52.207.12.114 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:211... 16509 (AMAZON-02)
3 52.92.153.154 16509 (AMAZON-02)
3 9 35.214.168.80 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 172.217.18.6 15169 (GOOGLE)
3 2a05:d018:d29... 16509 (AMAZON-02)
2 3.65.71.228 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 130.211.23.194 15169 (GOOGLE)
1 18.66.122.70 16509 (AMAZON-02)
1 18.66.147.3 16509 (AMAZON-02)
6 130.211.44.5 15169 (GOOGLE)
6 2600:9000:223... 16509 (AMAZON-02)
9 2600:1f18:1ac... 14618 (AMAZON-AES)
1 2a04:4e42::300 54113 (FASTLY)
1 141.226.230.50 200478 (TABOOLA-AS)
2 3 185.64.190.79 62713 (AS-PUBMATIC)
1 1 142.250.185.98 15169 (GOOGLE)
1 1 185.64.190.80 62713 (AS-PUBMATIC)
2 3 185.80.39.216 27381 (CASALE-MEDIA)
1 1 34.91.62.186 396982 (GOOGLE-CL...)
1 76.223.111.18 16509 (AMAZON-02)
1 23.35.228.23 16625 (AKAMAI-AS)
1 151.101.129.44 54113 (FASTLY)
1 3.71.149.231 ()
348 85
72    151.101.66.166 (United States)

ASN54113 (FASTLY, US)
www.theonion.com
i.kinja-img.com
kinja.com
x.kinja-static.com
13    151.101.130.166 (United States)

ASN54113 (FASTLY, US)
f.kinja-static.com
no.kinja-img.com
x.kinja-static.com
www.theonion.com
2    13.32.99.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-21.fra60.r.cloudfront.net
sb.scorecardresearch.com
1    151.101.66.217 (United States)

ASN54113 (FASTLY, US)
cdn.speedcurve.com
3    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net
c.amazon-adsystem.com
17    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
vidstat.taboola.com
imprammp.taboola.com
vidstatb.taboola.com
2    44.213.190.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-213-190-84.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
1    143.204.98.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-16.fra50.r.cloudfront.net
ats.rlcdn.com
1    13.32.99.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-122.fra60.r.cloudfront.net
geo.privacymanager.io
1    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
2    34.111.234.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com
ml314.com
1    2600:9000:2240:7600:1d:8c8c:47c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-magiclinks.trackonomics.net
6    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
14    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
6    18.66.147.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-119.fra60.r.cloudfront.net
tagan.adlightning.com
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
11    52.215.103.77 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-103-77.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
4    52.222.253.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-253-136.fra60.r.cloudfront.net
aax.amazon-adsystem.com
2    104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
as-sec.casalemedia.com
4    138.197.55.50 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
ads.resetsrv.com
11    37.252.171.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
4    52.29.34.191 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-34-191.eu-central-1.compute.amazonaws.com
krk.kargo.com
4    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
4    35.71.161.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac9557e2e67bd8033.awsglobalaccelerator.com
direct.adsrvr.org
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
fusion-media-group-d.openx.net
u.openx.net
4    54.155.77.0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-77-0.eu-west-1.compute.amazonaws.com
hb.yellowblue.io
4    52.28.189.123 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-189-123.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
4    35.158.0.160 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-0-160.eu-central-1.compute.amazonaws.com
tlx.3lift.com
4    54.93.180.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-180-214.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
2b77319d7650ed6fda932114414ab49f.safeframe.googlesyndication.com
3    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
3    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    104.18.10.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2606:4700:20::681a:932 (United States)

ASN13335 (CLOUDFLARENET, US)
kinja-com.videoplayerhub.com
1    2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    2600:9000:2057:1c00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
6    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
6    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
3    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
6    2001:2030:0:4e::d59b:9dc8 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
cdn.doubleverify.com
1    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    3.208.211.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-211-92.compute-1.amazonaws.com
id.sv.rkdms.com
1    44.209.73.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-73-107.compute-1.amazonaws.com
idx.liadm.com
3    13.32.27.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-60.fra56.r.cloudfront.net
cdn.mediago.io
5    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
cdn.adnxs.com
acdn.adnxs.com
9    37.252.171.21 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
fra1-ib.adnxs.com
1    52.207.12.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-12-114.compute-1.amazonaws.com
ping.chartbeat.net
2    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2600:9000:211e:4e00:11:9be7:da80:93a1 (United States)

ASN16509 (AMAZON-02, US)
d2cli4kgl5uxre.cloudfront.net
3    52.92.153.154 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com
onlinertb-us.s3.us-west-2.amazonaws.com
9    35.214.168.80 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 80.168.214.35.bc.googleusercontent.com
trace-eu.mediago.io
2    2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f6.1e100.net
ad.doubleclick.net
3    2a05:d018:d29:3601:a280:fe7c:1c7c:7039 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    3.65.71.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-71-228.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
1    18.66.122.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-70.fra60.r.cloudfront.net
fr-actions.trackonomics.net
1    18.66.147.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-3.fra60.r.cloudfront.net
trx-hub.com
6    130.211.44.5 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 5.44.211.130.bc.googleusercontent.com
tps.doubleverify.com
tpsc-ew1.doubleverify.com
6    2600:9000:223f:2800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
9    2600:1f18:1aca:4282:f887:cee9:cb75:534 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    141.226.230.50 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
3    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
3    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum.casalemedia.com
dsum-sec.casalemedia.com
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
cs.media.net
1    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
1    3.71.149.231 (None, )

ASN- ()
ups.analytics.yahoo.com
Apex Domain
Subdomains		 Transfer
32 theonion.com
www.theonion.com — Cisco Umbrella Rank: 92927
718 KB
26 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 685
static.adsafeprotected.com — Cisco Umbrella Rank: 595
dt.adsafeprotected.com — Cisco Umbrella Rank: 569
302 KB
26 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 899
trc.taboola.com — Cisco Umbrella Rank: 635
vidstat.taboola.com — Cisco Umbrella Rank: 2666
am-trc-events.taboola.com — Cisco Umbrella Rank: 14016
imprammp.taboola.com — Cisco Umbrella Rank: 14039
am-match.taboola.com — Cisco Umbrella Rank: 14084
am-vid-events.taboola.com — Cisco Umbrella Rank: 13207
pips.taboola.com — Cisco Umbrella Rank: 1575
cds.taboola.com — Cisco Umbrella Rank: 1782
vidstatb.taboola.com
594 KB
26 kinja-img.com
i.kinja-img.com — Cisco Umbrella Rank: 22805
no.kinja-img.com — Cisco Umbrella Rank: 62502
222 KB
26 kinja-static.com
f.kinja-static.com — Cisco Umbrella Rank: 29247
x.kinja-static.com — Cisco Umbrella Rank: 27782
337 KB
25 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 214
cdn.adnxs.com — Cisco Umbrella Rank: 1499
fra1-ib.adnxs.com — Cisco Umbrella Rank: 7677
acdn.adnxs.com — Cisco Umbrella Rank: 583
186 KB
18 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
ad.doubleclick.net — Cisco Umbrella Rank: 165
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
187 KB
12 mediago.io
cdn.mediago.io — Cisco Umbrella Rank: 6224
trace-eu.mediago.io — Cisco Umbrella Rank: 15563
8 KB
12 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 486
tps.doubleverify.com — Cisco Umbrella Rank: 505
tpsc-ew1.doubleverify.com — Cisco Umbrella Rank: 10198
317 KB
12 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 413
bidder.criteo.com — Cisco Umbrella Rank: 723
mug.criteo.com — Cisco Umbrella Rank: 2837
18 KB
10 adsrvr.org
direct.adsrvr.org — Cisco Umbrella Rank: 3243
insight.adsrvr.org — Cisco Umbrella Rank: 522
match.adsrvr.org — Cisco Umbrella Rank: 306
3 KB
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 93
2b77319d7650ed6fda932114414ab49f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 132
40 KB
8 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 477
image8.pubmatic.com — Cisco Umbrella Rank: 641
image2.pubmatic.com — Cisco Umbrella Rank: 820
1 KB
7 google.com
adservice.google.com — Cisco Umbrella Rank: 68
www.google.com — Cisco Umbrella Rank: 2
ampcid.google.com — Cisco Umbrella Rank: 2221
3 KB
7 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 286
aax.amazon-adsystem.com — Cisco Umbrella Rank: 387
63 KB
6 google.de
adservice.google.de — Cisco Umbrella Rank: 9037
ampcid.google.de — Cisco Umbrella Rank: 61764
www.google.de — Cisco Umbrella Rank: 6080
2 KB
6 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 834
x.bidswitch.net — Cisco Umbrella Rank: 290
1 KB
6 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 1826
171 KB
5 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 508
eb2.3lift.com — Cisco Umbrella Rank: 358
2 KB
5 openx.net
fusion-media-group-d.openx.net — Cisco Umbrella Rank: 39516
u.openx.net — Cisco Umbrella Rank: 619
903 B
5 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 500
as-sec.casalemedia.com — Cisco Umbrella Rank: 1710
dsum.casalemedia.com — Cisco Umbrella Rank: 1199
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530
3 KB
4 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 423
ups.analytics.yahoo.com
1 KB
4 media.net
prebid.media.net — Cisco Umbrella Rank: 1346
cs.media.net — Cisco Umbrella Rank: 1383
2 KB
4 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 928
633 B
4 yellowblue.io
hb.yellowblue.io — Cisco Umbrella Rank: 3182
2 KB
4 kargo.com
krk.kargo.com — Cisco Umbrella Rank: 2222
3 KB
4 resetsrv.com
ads.resetsrv.com — Cisco Umbrella Rank: 14826
1 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
region1.google-analytics.com — Cisco Umbrella Rank: 2230
21 KB
3 amazonaws.com
onlinertb-us.s3.us-west-2.amazonaws.com — Cisco Umbrella Rank: 72790
85 KB
3 cloudfront.net
d2cli4kgl5uxre.cloudfront.net
188 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
159 KB
3 btloader.com
btloader.com — Cisco Umbrella Rank: 814
api.btloader.com — Cisco Umbrella Rank: 906
7 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 639
71 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
176 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 886
1 KB
2 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 437
346 KB
2 trackonomics.net
cdn-magiclinks.trackonomics.net — Cisco Umbrella Rank: 5628
fr-actions.trackonomics.net — Cisco Umbrella Rank: 10357
28 KB
2 ml314.com
ml314.com — Cisco Umbrella Rank: 1672
11 KB
2 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1777
api.rlcdn.com — Cisco Umbrella Rank: 922
38 KB
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 677
450 B
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 155
3 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 722
631 B
1 trx-hub.com
trx-hub.com — Cisco Umbrella Rank: 6279
464 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1280
201 B
1 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 3930
475 B
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 5187
168 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1564
15 KB
1 videoplayerhub.com
kinja-com.videoplayerhub.com — Cisco Umbrella Rank: 33585
456 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 620
16 KB
1 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 469
937 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 276
17 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 885
46 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1698
611 B
1 kinja.com
kinja.com — Cisco Umbrella Rank: 27689
1 KB
1 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 5518
8 KB
348 55
Domain Requested by
32 www.theonion.com 1 redirects www.theonion.com
tagan.adlightning.com
25 i.kinja-img.com www.theonion.com
18 x.kinja-static.com www.theonion.com
tagan.adlightning.com
14 securepubads.g.doubleclick.net www.theonion.com
tagan.adlightning.com
securepubads.g.doubleclick.net
11 ib.adnxs.com x.kinja-static.com
www.theonion.com
acdn.adnxs.com
11 pixel.adsafeprotected.com x.kinja-static.com
tagan.adlightning.com
10 cdn.taboola.com www.theonion.com
cdn.taboola.com
9 dt.adsafeprotected.com
9 trace-eu.mediago.io 3 redirects www.theonion.com
9 fra1-ib.adnxs.com tagan.adlightning.com
cdn.adnxs.com
8 f.kinja-static.com www.theonion.com
6 static.adsafeprotected.com tagan.adlightning.com
6 cdn.doubleverify.com tagan.adlightning.com
6 tagan.adlightning.com www.theonion.com
tagan.adlightning.com
6 gum.criteo.com 2 redirects cdn.taboola.com
tagan.adlightning.com
5 match.adsrvr.org js-sec.indexww.com
imprammp.taboola.com
am-match.taboola.com
4 vidstat.taboola.com tagan.adlightning.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 adservice.google.com tagan.adlightning.com
4 adservice.google.de tagan.adlightning.com
4 hbopenbid.pubmatic.com x.kinja-static.com
4 btlr.sharethrough.com x.kinja-static.com
4 tlx.3lift.com x.kinja-static.com
4 grid.bidswitch.net x.kinja-static.com
4 hb.yellowblue.io x.kinja-static.com
4 fusion-media-group-d.openx.net x.kinja-static.com
4 direct.adsrvr.org x.kinja-static.com
4 bidder.criteo.com x.kinja-static.com
4 krk.kargo.com x.kinja-static.com
4 ads.resetsrv.com x.kinja-static.com
4 aax.amazon-adsystem.com c.amazon-adsystem.com
3 tpsc-ew1.doubleverify.com cdn.doubleverify.com
3 image8.pubmatic.com 2 redirects
3 tps.doubleverify.com tagan.adlightning.com
3 pr-bh.ybp.yahoo.com imprammp.taboola.com
am-match.taboola.com
3 onlinertb-us.s3.us-west-2.amazonaws.com cdn.mediago.io
3 d2cli4kgl5uxre.cloudfront.net www.theonion.com
3 cdn.adnxs.com tagan.adlightning.com
3 cdn.mediago.io tagan.adlightning.com
3 www.googletagservices.com tagan.adlightning.com
3 am-trc-events.taboola.com cdn.taboola.com
3 tpc.googlesyndication.com tagan.adlightning.com
3 prebid.media.net x.kinja-static.com
3 static.criteo.net tagan.adlightning.com
x.kinja-static.com
static.criteo.net
3 c.amazon-adsystem.com www.theonion.com
c.amazon-adsystem.com
3 www.googletagmanager.com www.theonion.com
www.googletagmanager.com
3 www.google-analytics.com www.theonion.com
www.google-analytics.com
2 dsum.casalemedia.com 2 redirects
2 api.btloader.com kinja-com.videoplayerhub.com
2 x.bidswitch.net imprammp.taboola.com
am-match.taboola.com
2 acdn.adnxs.com www.theonion.com
2 am-match.taboola.com tagan.adlightning.com
2 ad-delivery.net
2 stats.g.doubleclick.net www.google-analytics.com
2 www.google.com tagan.adlightning.com
2 mug.criteo.com
2 trc.taboola.com cdn.taboola.com
2 imasdk.googleapis.com www.theonion.com
tagan.adlightning.com
2 ml314.com www.theonion.com
ml314.com
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 sb.scorecardresearch.com www.theonion.com
1 ups.analytics.yahoo.com am-match.taboola.com
1 vidstatb.taboola.com
1 u.openx.net
1 cs.media.net
1 eb2.3lift.com
1 dsum-sec.casalemedia.com
1 um.simpli.fi 1 redirects
1 image2.pubmatic.com 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 trx-hub.com
1 fr-actions.trackonomics.net cdn-magiclinks.trackonomics.net
1 www.google.de
1 am-vid-events.taboola.com
1 imprammp.taboola.com tagan.adlightning.com
1 as-sec.casalemedia.com js-sec.indexww.com
1 ad.doubleclick.net
1 ping.chartbeat.net
1 idx.liadm.com js-sec.indexww.com
1 id.sv.rkdms.com js-sec.indexww.com
1 api.rlcdn.com js-sec.indexww.com
1 ampcid.google.de www.google-analytics.com
1 insight.adsrvr.org
1 static.chartbeat.com tagan.adlightning.com
1 btloader.com
1 kinja-com.videoplayerhub.com 1 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 ampcid.google.com www.google-analytics.com
1 js-sec.indexww.com tagan.adlightning.com
1 2b77319d7650ed6fda932114414ab49f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 fastlane.rubiconproject.com x.kinja-static.com
1 htlb.casalemedia.com x.kinja-static.com
1 s0.2mdn.net imasdk.googleapis.com
1 cdn-magiclinks.trackonomics.net www.theonion.com
1 www.googleoptimize.com www.googletagmanager.com
1 geo.privacymanager.io ats.rlcdn.com
1 ats.rlcdn.com www.theonion.com
1 kinja.com www.theonion.com
1 no.kinja-img.com www.theonion.com
1 cdn.speedcurve.com www.theonion.com
348 102
Subject Issuer Validity Valid
*.avclub.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-07-25 -
2023-08-26		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-19 -
2024-05-20		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-24		 7 months crt.sh
ml314.com
GTS CA 1D4		 2023-04-09 -
2023-07-08		 3 months crt.sh
*.trackonomics.net
Sectigo RSA Domain Validation Secure Server CA		 2022-12-01 -
2023-12-01		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.adlightning.com
Amazon RSA 2048 M01		 2023-02-22 -
2023-07-07		 4 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-22 -
2023-06-21		 a year crt.sh
resetsrv.com
E1		 2023-05-16 -
2023-08-14		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.dev.kargo.com
Amazon RSA 2048 M01		 2023-02-13 -
2024-03-12		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-19 -
2024-05-17		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-08-12		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
prebid.media.net
GTS CA 1D4		 2023-05-09 -
2023-08-07		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-07		 a year crt.sh
securedvisit.com
Amazon RSA 2048 M01		 2023-03-01 -
2023-11-26		 9 months crt.sh
*.liadm.com
Amazon RSA 2048 M01		 2023-02-21 -
2023-10-29		 8 months crt.sh
*.mediago.io
Amazon RSA 2048 M02		 2023-02-24 -
2023-10-05		 7 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.s3-us-west-2.amazonaws.com
Amazon RSA 2048 M01		 2023-04-11 -
2023-12-28		 9 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
www.google.de
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2023-04-14 -
2023-07-13		 3 months crt.sh
*.trx-hub.com
Amazon RSA 2048 M02		 2023-01-21 -
2024-02-19		 a year crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2022-09-28 -
2023-10-30		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-09-04		 6 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-21 -
2023-08-16		 6 months crt.sh

This page contains 24 frames:

Primary Page: https://www.theonion.com/
Frame ID: BF318631877EE8DD6F8EEC66EB29EBA8
Requests: 256 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.574.0_en.html
Frame ID: 60F745A6F7540117A2DED6D6A6B39AC3
Requests: 1 HTTP requests in this frame

Frame: https://2b77319d7650ed6fda932114414ab49f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B6438A0A22522A218239B9FD5B19F66E
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.theonion.com
Frame ID: F575365433BF152525663CBE2A018519
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 822A0940A373F48D6935AC338EB69A62
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 37D3F98F5219CF969F681C318E1591D6
Requests: 2 HTTP requests in this frame

Frame: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Frame ID: 55A7DB8C021B52194CDA71B5109FE31A
Requests: 16 HTTP requests in this frame

Frame: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Frame ID: 668E88B4575B473D27B25E8240B08BE9
Requests: 16 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8eKECLAZ4NstnMC47qBPwbJbPYFx2UC8AAABgYID-AEnuRovRcGZyizyT5Vq0MC7WwtnC4RZNbIOJxbWbzTYuIyDJ3WgxGs5MbpFnslyLFsbFWjhbONyiiW0wsbh2s9nGZQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJQ0A6n3foPAAAAACAAAAAASAAg9POUAJAhETzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxR6vbx-kDZdCFSYFuEEQAAAIDc6k3JI5N0gopFlf___34rAFcAAAIQZcR9NrPoDkq8hQEAAAAQg5chX6VEbZg6ZoEeFr_f7LBr_G6X-f________8383_mH40QkkJPmqCBwg81v4AAAGt-AQEA2IwbAIA3AnBCTgaaTofPda_X_X530dHltzv9drvG7_aLDkErBoPVCYjZAQAAALjz____jwcvQ75KidowVQ9I-RablcMzcvhGxtlgNxnObDbnzOXyzGaDmc018x4uCAP1V5q0iz4iwjL7fQch3-0yPHwug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDZxuVarmW2tGs4cbtHIuFsLZ7vlWrVyuSaLiW_kWjncotfHdLENFsaVZ4sEA0z2InlapBOZczJa7oaTicWymG2Gu43JM1kuPJOJyznYbAyTiViiOVmkE9ll3_ItNiuHZ-TwjYyzwW4ynNlszpnL5ZnNBjOba-avTVyu1WpmW6uGM4dbNDLu1sLZbrlWrVyuyWLiG7lWDrfo9TFdbIOFceXZN2bD0Wg4GM52-8ZsOBoNB8PZbt9hMj1Tn7PRGhNfPjLVuLSyTGxOg8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-FbXZc97Uz6uKa_zIDYYFLFEcJFOdH63y-R0ONaio8tvd_rtFrFEabpIJ_qi3-0yPHwuf0UsEZwu0onQ73ZZ1H_0EMPVXLLYzBWr1Vwxmq0SAAAAAAAAAIAlmGa6CQAAAICTQQ2Xi8VsnQ5mMpwtRrPlArjwJNP1M7wjH_jGC7lLpjGB7EJIxrhYY49FnN_tMjkdjrXo6PLbnX67lQFceFox2-wzglir1bIGAAAggA0AAECAm268CUih4v7____HAQAAkJFDDwAAgH4f0NQzF0q98CM_ghzORvsHoEKs1Wp1u7FWqwU!&cmcv=&pix=undefined&cb=1684480869727&uv=3280&tms=1684480869727&abt=nonrv_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=974148fd-d329-4a81-86aa-4b60bb5766ce&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 16761EAA79ED0CD82AE6D4D5C41D0F08
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8eKECLAZ4NstnMC47qBPwbJbPYFx2UC8AAABgYID-AEnuRovRcGZyizyT5Vq0MC7WwtnC4RZNbIOJxbWbzTYuIyDJ3WgxGs5MbpFnslyLFsbFWjhbONyiiW0wsbh2s9nGZQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJQ0A6n3foPAAAAACAAAAAASAAg9POUAJAhETzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxR6vbx-kDZdCFSYFuEEQAAAIDc6k3JI5N0gopFlf___34rAFcAAAIQZcR9NrPoDkq8hQEAAAAQg5chX6VEbZg6ZoEeFr_f7LBr_G6X-f________8383_mH40QkkJPmqCBwg81v4AAAGt-AQEA2IwbAIA3AnBCTgaaTofPda_X_X530dHltzv9drvG7_aLDkErBoPVCYjZAQAAALjz____jwcvQ75KidowVQ9I-RablcMzcvhGxtlgNxnObDbnzOXyzGaDmc018x4uCAP1V5q0iz4iwjL7fQch3-0yPHwug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDZxuVarmW2tGs4cbtHIuFsLZ7vlWrVyuSaLiW_kWjncotfHdLENFsaVZ4sEA0z2InlapBOZczJa7oaTicWymG2Gu43JM1kuPJOJyznYbAyTiViiOVmkE9ll3_ItNiuHZ-TwjYyzwW4ynNlszpnL5ZnNBjOba-avTVyu1WpmW6uGM4dbNDLu1sLZbrlWrVyuyWLiG7lWDrfo9TFdbIOFceXZN2bD0Wg4GM52-8ZsOBoNB8PZbt9hMj1Tn7PRGhNfPjLVuLSyTGxOg8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-FbXZc97Uz6uKa_zIDYYFLFEcJFOdH63y-R0ONaio8tvd_rtFrFEabpIJ_qi3-0yPHwuf0UsEZwu0onQ73ZZ1H_0EMPVXLLYzBWr1Vwxmq0SAAAAAAAAAIAlmGa6CQAAAICTQQ2Xi8VsnQ5mMpwtRrPlArjwJNP1M7wjH_jGC7lLpjGB7EJIxrhYY49FnN_tMjkdjrXo6PLbnX67lQFceFox2-wzglir1bIGAAAggA0AAECAm268CUih4v7____HAQAAkJFDDwAAgH4f0NQzF0q98CM_ghzORvsHoEKs1Wp1u7FWqwU!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: EA119CB6CBA32F2A0838E31BD1C3E115
Requests: 4 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7656&pub_id=1573867
Frame ID: 654A86151D1789CE959D356FD8CEF759
Requests: 3 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=931294&campId=970x250&pubId=4531748607&chanId=22405397127&placementId=4601588782&pubCreative=138271807375&pubOrder=2260375129&cb=463759132&adsafe_par&impId=&custom2=top&custom3=&custom4=&custom5=top-01
Frame ID: E45E6FB8FD1AB7142802AAF5B9FCF4FC
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3783.js
Frame ID: E269404256EAF656BC4128AA5E28E518
Requests: 3 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=931294&campId=970x250&pubId=4531748607&chanId=22405397127&placementId=4601587669&pubCreative=138271807375&pubOrder=2260375129&cb=498864057&adsafe_par&impId=&custom2=mid_banner&custom3=&custom4=&custom5=mid_banner-02
Frame ID: 57E540C5633F39B92D7422D2BA06F394
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3783.js
Frame ID: DADBBD70FE2BE25B3B551B64181DDD74
Requests: 3 HTTP requests in this frame

Frame: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Frame ID: 9EDEC071F6D6589AA103EE406BE3C691
Requests: 16 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theonion.com
Frame ID: 03F9B2AF74906A5748A9B1C9D080EECC
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7656&pub_id=1573867
Frame ID: BD0DFE94B6B2827A62117012DEBBE0D6
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 85593FF174D6D5E96A61ED82975BA4F3
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=931294&campId=728x90&pubId=4531748607&chanId=22405397127&placementId=4601587669&pubCreative=138271807372&pubOrder=2260375129&cb=455849355&adsafe_par&impId=b9b4240f-f615-11ed-9736-0ae3ea675541&custom2=mid_banner&custom3=&custom4=&custom5=mid_banner-03
Frame ID: B360D4200524E8A10DC5B1486655A72D
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3783.js
Frame ID: 80DA8D00E7529368CBFD641C2A0A7595
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 2C75FFF04E3EFA55AF5C34F73F5B096E
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: D0FBF621213B09B24E65E7B48C7BA463
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8eKECLAZ4NstnMC47qBPwbJbPYFx2UC8AAABgYID-AEnuRovRcGZyizyT5Vq0MC7WwtnC4RZNbIOJxbWbzTYuIyDJ3WgxGs5MbpFnslyLFsbFWjhbONyiiW0wsbh2s9nGZQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJQ0A6n3foPAAAAACAAAAAASAAg9POUAJAhETzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxR6vbx-kDZdCFSYFuEEQAAAIDc6k3JI5N0gopFlf___34rAFcAAAIQZcR9NrPoDkq8hQEAAAAQg5chX6VEbZg6ZoEeFr_f7LBr_G6X-f________8383_mH40QkkJPmqCBwg81v4AAAGt-AQEA2IwbAIA3AnBCTgaaTofPda_X_X530dHltzv9drvG7_aLDkErBoPVCYjZAQAAALjz____jwcvQ75KidowVQ9I-RablcMzcvhGxtlgNxnObDbnzOXyzGaDmc018x4uCAP1V5q0iz4iwjL7fQch3-0yPHwug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDZxuVarmW2tGs4cbtHIuFsLZ7vlWrVyuSaLiW_kWjncotfHdLENFsaVZ4sEA0z2InlapBOZczJa7oaTicWymG2Gu43JM1kuPJOJyznYbAyTiViiOVmkE9ll3_ItNiuHZ-TwjYyzwW4ynNlszpnL5ZnNBjOba-avTVyu1WpmW6uGM4dbNDLu1sLZbrlWrVyuyWLiG7lWDrfo9TFdbIOFceXZN2bD0Wg4GM52-8ZsOBoNB8PZbt9hMj1Tn7PRGhNfPjLVuLSyTGxOg8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-FbXZc97Uz6uKa_zIDYYFLFEcJFOdH63y-R0ONaio8tvd_rtFrFEabpIJ_qi3-0yPHwuf0UsEZwu0onQ73ZZ1H_0EMPVXLLYzBWr1Vwxmq0SAAAAAAAAAIAlmGa6CQAAAICTQQ2Xi8VsnQ5mMpwtRrPlArjwJNP1M7wjH_jGC7lLpjGB7EJIxrhYY49FnN_tMjkdjrXo6PLbnX67lQFceFox2-wzglir1bIGAAAggA0AAECAm268CUih4v7____HAQAAkJFDDwAAgH4f0NQzF0q98CM_ghzORvsHoEKs1Wp1u7FWqwU!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 1EA823B380D3496D43419B04A3C6C83C
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Onion | America's Finest News Source.

Page URL History Show full URLs

  1. http://www.theonion.com/ HTTP 307
    https://www.theonion.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

348
Requests

97 %
HTTPS

39 %
IPv6

55
Domains

102
Subdomains

85
IPs

10
Countries

4424 kB
Transfer

12956 kB
Size

46
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.theonion.com/ HTTP 307
    https://www.theonion.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://www.theonion.com/undefined HTTP 301
  • https://www.theonion.com/
Request Chain 135
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=theonion.com&sn=ChromeSyncframe&so=0&topUrl=www.theonion.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=xKgqsnxpeTBtMWhGbU13SEhZOGhVMVlhOEVORlRqbm9tUDNYSFMrRm8wd0thRTJ2cGs5dDQyUHU2dWF6MDlneVpJakNqK09JN01zMGZqaDVsY0ZzdEZ5T09jVEk1WW50T25KejNtZDhJdTJ3VDhEc21RdHdSK2xVTzR5ZHVGcWJZcitFM2w4RUpSWkhaeGxjKzBmTXdFdlc0OTJqUGRSTG9hR0c5RklqYnI1Z09aTU51R0FmZEVNbkhNZkpDSjFGVnUrRlBQd2NjVVBHbmZhNFEwMUFEY3N6VDJRdGlKOWRXZDRXdzRNelE4Z0JqV1pBVnFxQ2Q0OXZRSzJMOGxaems0U1VDTTMyWi9STDZPZTFTWW5JYm9yTEJQZz09fA&cppv=2
Request Chain 174
  • https://kinja-com.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=kinja-com&upapi=true
Request Chain 232
  • https://trace-eu.mediago.io/cs/xandr?rdid=dcd2323dd07cbae04edc5f2db5731459 HTTP 302
  • https://ib.adnxs.com/setuid?entity=529&code=6353e3be9a6184a972875fe1388ff414
Request Chain 252
  • https://trace-eu.mediago.io/cs/xandr?rdid=9b77a8ba17972c0f439f7271d9d4c216 HTTP 302
  • https://ib.adnxs.com/setuid?entity=529&code=6353e3be9a6184a972875fe1388ff414
Request Chain 292
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=theonion.com&sn=ChromeSyncframe&so=3&topUrl=www.theonion.com&bundle=XjhNsV9Uc1ZwcThkRmFBaHppeUZWUDlLeTB0a1lINU9xenFYWlpJaHRtR29KTHE1Rjk2NmNtSU16JTJCJTJGVzRFaFZ3VnNONTdLTkpvakNpMCUyRjRlUVBFajMlMkYlMkIzV2R4a2JlR0U1ZkVuNXhtYXJCbm4wY0olMkZab0tVbUNGSWt3ajFwUko4MGowQ285TnhYdnk1R1ExTWZCbjhtM2NvY0ElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=TIgWM3xZdFgyL2FKcXN5aysyVnJCTjBxTmsyUXFBWGpxZlZMaUxTQy9OeGtaYXYwNExOZTlJMHZONWNlLzlxYUh4cGNOcWZZRGdVYTJ3cDJDQ1lkdW9OZXBQUFg5NkMyVXMwWlVUN2VPVTMrSjUzbE16U2JFYjF4K2U0YzJWUjBlV2c4OWp2OTFKZ3dvM0hqM0RVcGxWdjNyZmtuTnYxQWRPY0tHdVkwTEFqK3lTUEVhZDdNdHZSN2hHWUFyNmkvK3lqaXI1MkFjbU52QVgvbllLcUthUHo5SHpFWitkay9zSjlhOUx6RDRSQk1COGUvMFg4SHdsYkJ1UU81L1FSZTBpa3BsN3MzUlpJVzg2M2diNnpKQmdnMW9qNWdPZ2M0ZUE3Y2U1Qm9WWkhtMEg5dz18&cppv=2
Request Chain 300
  • https://trace-eu.mediago.io/cs/xandr?rdid=45f78216f8814b9ad338b56fe8cf0624 HTTP 302
  • https://ib.adnxs.com/setuid?entity=529&code=6353e3be9a6184a972875fe1388ff414
Request Chain 323
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161204 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161204&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Qjg2MzE2QzEtMkMwQy00RkNFLUFEODEtMjQzNzBFNDg1ODFD&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 324
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727144&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727144&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1 HTTP 302
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0F5E0D8BE1874A2B8C426DC77F74DC41&gdpr=0

348 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.theonion.com/
Redirect Chain
  • http://www.theonion.com/
  • https://www.theonion.com/
394 KB
63 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
27a3e24234e5ae74f27010f9b62df7e4a9c3fb4b212f3f434b5762b3830a8929
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
56
cache-control
stale-if-error=86400, stale-while-revalidate=300
content-encoding
gzip
content-length
63353
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Fri, 19 May 2023 07:21:06 GMT
etag
W/"6288f-wkK8YXDWddJGpm3rgWlpohsrdYo"
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-Kinja-Location, Authorization
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, HIT, HIT
x-cache-hits
0, 11, 1
x-cdn-fetch
mantle-default
x-content-type-options
nosniff
x-googlenews-bot
false
x-kinja
kinja-magma-kube02-f697ccd8b-zwl62 #4113
x-kinja-build
4113
x-kinja-gdpr
true
x-kinja-revision
24aa977b9ed6940301536d921e202aaec851e913
x-kinja-server
kinja-magma-kube02-f697ccd8b-zwl62
x-kinja-superheroloaded
true
x-powered-by
Express
x-served-by
cache-iad-kiad7000116-IAD, cache-iad-kiad7000116-IAD, cache-fra-eddf8230111-FRA
x-timer
S1684480867.680626,VS0,VE2
x-ua-device
desktop
x-xss-protection
1; mode=block

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://www.theonion.com/
Non-Authoritative-Reason
HSTS
roboto_condensed_reg-webfont.woff2
f.kinja-static.com/assets/fonts/roboto/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://f.kinja-static.com/assets/fonts/roboto/roboto_condensed_reg-webfont.woff2?11012022
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:06 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-amz-request-id
563YCJKW05V1F2RY
age
40
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
15700
x-amz-id-2
AOKxzz7KSbFSOyL3zNGyVkWEUqPiBupH3OftBYWSJZHKHUSOjz1C4hDPF5kql0C5GChjPyVv8j21pmB3FP+uCktlL1r9aUcS
x-served-by
cache-fra-eddf8230047-FRA
last-modified
Fri, 13 Jan 2023 15:40:59 GMT
server
AmazonS3
x-timer
S1684480867.728744,VS0,VE0
etag
"3d7f7413fca69bff4d231ebdc50aaab0"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2
roboto_condensed_reg_it-webfont.woff2
f.kinja-static.com/assets/fonts/roboto/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://f.kinja-static.com/assets/fonts/roboto/roboto_condensed_reg_it-webfont.woff2?11012022
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ab6d5bddb52a980ebe7658cca937e1ce087c1478cbeb13715876e463b2dd7f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:06 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-amz-request-id
9JWAVSZJG73XV4RX
age
1
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
17376
x-amz-id-2
pf1zYA6gAdcqDi5UFvwpupFfLGo3rmuo+5gZKgHpdxU0nFKwaZ33/5eafb1rTns9Qb7Ybis9E10=
x-served-by
cache-fra-eddf8230047-FRA
last-modified
Fri, 13 Jan 2023 15:40:59 GMT
server
AmazonS3
x-timer
S1684480867.729194,VS0,VE1
etag
"8e134f1169d65556e833a4f33fd78242"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
roboto_condensed_bold-webfont.woff2
f.kinja-static.com/assets/fonts/roboto/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://f.kinja-static.com/assets/fonts/roboto/roboto_condensed_bold-webfont.woff2?11012022
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:06 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-amz-request-id
KDZQWEDHPT69FPD2
age
58
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
15660
x-amz-id-2
FwduhEeOoE85CNAs3+ck8e8W7bOdc8BkTVIUkm3d6ZzzI0q/SJTgFXitTXMBDdHyexpiYhNPqZ8=
x-served-by
cache-fra-eddf8230047-FRA
last-modified
Fri, 13 Jan 2023 15:40:57 GMT
server
AmazonS3
x-timer
S1684480867.729199,VS0,VE0
etag
"d7b0b953a50fddaa88089b5b787cf719"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2
roboto_condensed_bold_it-webfont.woff2
f.kinja-static.com/assets/fonts/roboto/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://f.kinja-static.com/assets/fonts/roboto/roboto_condensed_bold_it-webfont.woff2?11012022
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
921d6a08298f520a4f4c7444ba3cf32d128706ad4018c6a576f915d79122a8dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:06 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-amz-request-id
VDXDSTHSRT7P02PA
age
54
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
17080
x-amz-id-2
fuXpV/ZN1oa9xO2+Bx8DBOcTLwXPABK8PlJWBmycpaxyuFQxMttlyu5fj/CtdKONeNjCvaUU3OQ=
x-served-by
cache-fra-eddf8230047-FRA
last-modified
Fri, 13 Jan 2023 15:40:56 GMT
server
AmazonS3
x-timer
S1684480867.729158,VS0,VE0
etag
"e43aefe2f0b22276ca8ade3f8040749b"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2
libre-baskerville-bold.woff2
f.kinja-static.com/assets/fonts/libre-baskerville/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://f.kinja-static.com/assets/fonts/libre-baskerville/libre-baskerville-bold.woff2
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:06 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-amz-request-id
RH7Z9QBPZWY74SJ8
age
23
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
17984
x-amz-id-2
eAmZTngXZqKd7eCKSQLSNd4IPWfqZcPz7aUqtmmS1NSy6XX6aMfMfC0toSsVdi6PPyWM38Aiq7M=
x-served-by
cache-fra-eddf8230047-FRA
last-modified
Tue, 16 May 2023 21:52:45 GMT
server
AmazonS3
x-timer
S1684480867.729150,VS0,VE0
etag
"0518781cd45a71291d17ea1febfcc5fe"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 06:03:53 GMT
content-encoding
gzip
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
4633
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
FobEuEMyQPbsiHEnVj_WE280YmmTlRdnLWyYir-i7PyPG--BY3YN7Q==
lux.js
cdn.speedcurve.com/js/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.speedcurve.com/js/lux.js?id=527761496
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
6d2ca4e549a9a91705c30a0213f0d963513ac49e355fc83273e0392a875e4bc4

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-cache-hits
6
date
Fri, 19 May 2023 07:21:06 GMT
via
1.1 vegur, 1.1 varnish
content-encoding
gzip
age
2716
x-cache
HIT
content-length
7827
x-served-by
cache-fra-eddf8230082-FRA
last-modified
Fri, 19 May 2023 06:35:51 GMT
server
Apache
x-timer
S1684480867.753417,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 May 2023 06:35:51 GMT
76e97d09a75e6e1b6d18631081731627.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_362,q_60,w_645/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_362,q_60,w_645/76e97d09a75e6e1b6d18631081731627.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c923a732b548572aa5c8329bee5129a633171b25092c84be5c8fbe58e0eb2a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
UG28puIqGPxfdkMO1uyK_44OTYtzFbml
via
1.1 varnish, 1.1 varnish
date
Fri, 19 May 2023 07:21:06 GMT
x-amz-request-id
TV48E6F83XPZ0SSW
age
219734
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=570195 idim=2000x1125 ifmt=jpeg ofsz=23430 odim=645x362 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
23430
x-amz-id-2
MM9oPOhYmz43AUdEpXVMvgYmCOQIAjEQlo1FifbSUTDiINOqe9QeC7c6Ixdd10lkSRuUAn4h/BQ=
x-served-by
cache-iad-kiad7000131-IAD, cache-fra-eddf8230111-FRA
server
AmazonS3
x-timer
S1684480867.738200,VS0,VE2
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=362&quality=60&width=645
etag
"VhTSXJ08ynxRf3pnjm/M6xaXbNs9tfYtWK1RoG+fNbY"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
24, 1
6ac16f276e24f75181f3bb9eb13daee7.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/6ac16f276e24f75181f3bb9eb13daee7.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
09280334d0b307a17713df150a6dd9c4b63f9556fa2d9244aee0afc26bcc0eaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
SYhVWP2hc9etqvOjFCtZmPMg1zwH5O2s
via
1.1 varnish, 1.1 varnish
date
Fri, 19 May 2023 07:21:06 GMT
x-amz-request-id
5R8WQDCJVP5YHYGN
age
45918
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=1015822 idim=1929x1085 ifmt=jpeg ofsz=11200 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
11200
x-amz-id-2
LWkF0bBEoAqRJVoN0VXGAOZGkvLqC3zkDmC2C+fHgU0zU5yqmUcVfG6aLRdaZaWkgHBM8g7SyA88Jo12DhXCQlKl1G92BMN4Nvy2Mt4oYzI=
x-served-by
cache-iad-kiad7000022-IAD, cache-fra-eddf8230111-FRA
server
AmazonS3
x-timer
S1684480867.738572,VS0,VE1
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"zqsK98ydiDnsIOgN2Q5aILD41tYYc5u8TXmsLv85ozg"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
5, 1
e7e2bce050ef1c523a78e350312c7f84.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/e7e2bce050ef1c523a78e350312c7f84.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d715501401128a6ef9b7c4c29fbcfda703b17ad781014c0fc9916f5ef5e008d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
kwJ3dlIsCPpiZl_E12NshD9lwo_hfYx0
via
1.1 varnish, 1.1 varnish
date
Fri, 19 May 2023 07:21:06 GMT
x-amz-request-id
WZZFKVG5QZ3S4ACD
age
1913570
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=421206 idim=2000x1125 ifmt=jpeg ofsz=5732 odim=340x191 ofmt=webp
x-amz-storage-class
STANDARD_IA
x-amz-replication-status
COMPLETED
fastly-stats
io=1
content-length
5732
x-amz-id-2
frzhycD6sbAGAssp53FJnMBF4FgerUvbmBtH1EB9n76mXcmPGuG7I2uVJKU3/1L37cboAm8oHQvMVKdZqLH+jjOfGSDkwAgbOj2xSW1QHig=
x-served-by
cache-iad-kcgs7200169-IAD, cache-fra-eddf8230111-FRA
server
AmazonS3
x-timer
S1684480867.738596,VS0,VE1
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"0o1P4rOoZjpynjb6dMXKK2y272p+R4Rr5CTIeqirTtI"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
32, 1
4e430c386575d529be74b720d1e01c5f.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/4e430c386575d529be74b720d1e01c5f.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c068763ad4712de6e6288d377915fbd3b18a151fefe313abaaf4667feb13b143

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
B7LHp9Fa8wNnZrjkm218DMcTVgOShAZl
via
1.1 varnish, 1.1 varnish
date
Fri, 19 May 2023 07:21:06 GMT
x-amz-request-id
SEWFQPD63KHTAPFS
age
139222
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=1112708 idim=2000x1125 ifmt=jpeg ofsz=12632 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
12632
x-amz-id-2
+i78wTuHn2DSvYN42vZ3ompTCYIxi+1+7Hnb2Hqe+h39NuW4EUFlv57vMn9cKzhsVAyCfEG+yAA=
x-served-by
cache-iad-kiad7000035-IAD, cache-fra-eddf8230111-FRA
server
AmazonS3
x-timer
S1684480867.738794,VS0,VE1
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"A2AwZ4moatGoSg/MxwjYcttgNlyIyVv/U7dvbrW7FrE"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
35, 1
8eca1dfa67b240fa0bee2479a7250fa7.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/8eca1dfa67b240fa0bee2479a7250fa7.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8c17821ad7c60144c3011c557ee5cc2c4fcfb8b1483603432bd5d0bacc4f748c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
sB4iP.vJxoLH5lb_uMv.GJdY6lpIW2GN
via
1.1 varnish, 1.1 varnish
date
Fri, 19 May 2023 07:21:06 GMT
x-amz-request-id
1M0BNV1ZMEEB6SAP
age
139949
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=450628 idim=2000x1125 ifmt=jpeg ofsz=11232 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
11232
x-amz-id-2
Hx5fchuSN5gmlf6u5rhLfX6g2GAaHGLwbvr8PPgYycXp6lCDxoGUIAeZEDLzdoMrgiYOTiE+e+I=
x-served-by
cache-iad-kcgs7200034-IAD, cache-fra-eddf8230111-FRA
server
AmazonS3
x-timer
S1684480867.738582,VS0,VE2
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"+D8YpDFsw5HereoFBadPUulPfcpTVqx5tJinDbYW0zM"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
8, 1
197xrjaz7466rpng.png
no.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_362,pg_1,q_60,w_645/ 		54 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://no.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_362,pg_1,q_60,w_645/197xrjaz7466rpng.png
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6ad61602e9db9558662d5280058aee442dbf0b3676a043158ea945439e4f6346

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-meta-cld-original-filename
original
x-amz-version-id
null
via
1.1 varnish, 1.1 varnish
date
Fri, 19 May 2023 07:21:06 GMT
x-amz-request-id
NA9M5P2FC4C10ESW
age
2047710
x-amz-meta-cld-version
1388776355
x-cache
HIT, HIT
fastly-io-info
ifsz=95 idim=1x1 ifmt=png ofsz=54 odim=645x362 ofmt=webp
fastly-stats
io=1
content-length
54
x-amz-id-2
iIwSsUXVMMGb4jzPwd3F8JPi0aWeiQkuc2vx4NXxRuP2vvOEHrxaGbjzDrHMJBBJ/GilhKc8HeE=
x-served-by
cache-iad-kjyo7100146-IAD, cache-fra-eddf8230047-FRA
server
AmazonS3
x-timer
S1684480867.738693,VS0,VE0
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=362&quality=60&width=645
etag
"8BXYySxyyUaE383ZNc2VVYHztHXYmxrVLdcZf6slSps"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
6957, 32
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 May 2023 06:35:39 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
2727
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Fri, 19 May 2023 08:35:39 GMT
gtm.js
www.googletagmanager.com/ 		105 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T73GPNQ
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ece8a06b96f038103b2f945a3f8932b4807f0eb982a7d284a0be0ebb5bf40fa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41725
x-xss-protection
0
last-modified
Fri, 19 May 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 19 May 2023 07:21:06 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
07f8f9995e664899c46aab9c5fd75f09.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/07f8f9995e664899c46aab9c5fd75f09.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
adf38d0d4e407dbac0db7c97990ef95f2c4ecedfd8b9612c32a84973248c4df3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
ZybDlWxuzRJkB43nAX85hEILfj4L4j1S
via
1.1 varnish, 1.1 varnish
date
Fri, 19 May 2023 07:21:06 GMT
x-amz-request-id
8Y5JHH8JS2Z0NVXN
age
156368
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=3227940 idim=2000x1125 ifmt=png ofsz=9856 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
9856
x-amz-id-2
oBWXoV2OInhaf5UKonHSWLPuaFKxuqHr8jUeIOLbsGP2zizUHUc21Z5NlBepqcQQ0h0kAPpUlX4+aM3Q49wSGBzRPYYVThvNk3drqZA0Ap4=
x-served-by
cache-iad-kjyo7100068-IAD, cache-fra-eddf8230111-FRA
server
AmazonS3
x-timer
S1684480867.746366,VS0,VE2
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"N2rT/ExpDi65RzcAgyluq3yIfFw/N/SzP36iYLVeUbk"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
1073, 1
d36645ba0e71af78a0f248aeac391686.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/d36645ba0e71af78a0f248aeac391686.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
682f1cc5b34c9385a942715670acf4f165e8e14f77e2fe29a43fcbcf8ca0b463

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
FegDkAAhAihdrX1IzxMk1KdoJdD6yyle
via
1.1 varnish, 1.1 varnish
date
Fri, 19 May 2023 07:21:06 GMT
x-amz-request-id
X831ZG303K40A297
age
128512
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=381415 idim=2000x1125 ifmt=jpeg ofsz=6122 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
6122
x-amz-id-2
65I4YCEuGFzrug0tJSNGb6z4OPO9MC0BZdJRV3MtNyogQ0XyNjRy6LRS9LGS//yNmN6MMpUObjA=
x-served-by
cache-iad-kiad7000139-IAD, cache-fra-eddf8230111-FRA
server
AmazonS3
x-timer
S1684480867.753228,VS0,VE1
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"wQnx5RU0czthewEpDqzt38631JYsRWYJ+KvecL5ZGA4"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
9, 1
7bb6a12e33c7c3f3de03b4d0011128d7.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/7bb6a12e33c7c3f3de03b4d0011128d7.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd8e03026b055ef3c676a417cccb8936835272ce0a7ec9fde0373da29136d96c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
6lKwGY_E8mVfcQT3zWCLK..khfDS.Gmr
via
1.1 varnish, 1.1 varnish
date
Fri, 19 May 2023 07:21:06 GMT
x-amz-request-id
5C4G3HHGP5Z3A9Z0
age
48483
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=950324 idim=2000x1125 ifmt=jpeg ofsz=6940 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
6940
x-amz-id-2
IL7hKug168OOqimJixkSlkLxL391TRB7kWR/a1KbJjgkSaO3hCBWYLwtvuyWwkkntcWuWUsdjBw=
x-served-by
cache-iad-kiad7000098-IAD, cache-fra-eddf8230111-FRA
server
AmazonS3
x-timer
S1684480867.753123,VS0,VE1
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"alp3T5cnzdSI3UH1JIGACoeJXvOo0+4a/7oFibTAzSE"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
12, 1
b83e8a07029f19bf8bdf82e70608a726.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/b83e8a07029f19bf8bdf82e70608a726.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca37ef191b6f9c18aff3cb043673d0a3471d3bb97ddfe2662f6126d0e0b50d2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
H_OhrMWqy18Sx6PnZXWb_u3ovNrp_Ce9
via
1.1 varnish, 1.1 varnish
date
Fri, 19 May 2023 07:21:06 GMT
x-amz-request-id
114W9D8P144BM0A6
age
247791
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=1491442 idim=2000x1125 ifmt=jpeg ofsz=4918 odim=340x191 ofmt=webp
x-amz-replication-status
COMPLETED
fastly-stats
io=1
content-length
4918
x-amz-id-2
lNulvAznFn5BSflHMq6cHerG6buukSbtaVG8I5HwIWh8m1Yk5HjNQ6C7diLf6M3J6ZDgLnyXCSay2Vnh7bGiexyKlkuGJor9v15NC+CMpJ0=
x-served-by
cache-iad-kjyo7100158-IAD, cache-fra-eddf8230111-FRA
server
AmazonS3
x-timer
S1684480867.753106,VS0,VE3
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"Tp/cRgp1OLvSyEpXn79+H/L4wMAOXfDyvxNYxJ6iAzk"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
1338, 1
1a89b0d948d2ad468ae531aedd721e86.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/1a89b0d948d2ad468ae531aedd721e86.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da6b8f81a839e7f05011aed39252b2fb9ed2e8bd7ab8a012522d16b002e3b2c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
PkPeXW4L_f8htK2vNtyTvRuk8aOlEA9y
via
1.1 varnish, 1.1 varnish
date
Fri, 19 May 2023 07:21:06 GMT
x-amz-request-id
7PC99PJBQY03TQQN
age
296269
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=831855 idim=2000x1125 ifmt=jpeg ofsz=6664 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
6664
x-amz-id-2
HotnIML4h0VTeuCHQ66AJeizU3Y6+y5tXCEPxuhJ4xOUWFQTZwSaEJVdVriBVBJKOoaNqUKiUu0=
x-served-by
cache-iad-kjyo7100036-IAD, cache-fra-eddf8230111-FRA
server
AmazonS3
x-timer
S1684480867.753552,VS0,VE1
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"zacPHTltpnuZW3CZTmLV41Bz4HOh4I9UpfzokRnkzZs"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
58, 1
41d5e64e43557f105797d74f82375305.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/41d5e64e43557f105797d74f82375305.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
466ec679712d74fc59ddb8a10193696b87f17e2a2d0aae8fc14037e68669161f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
HDnhnygv75gZQpfi1wo2mW9l53xVy0ZM
via
1.1 varnish, 1.1 varnish
date
Fri, 19 May 2023 07:21:06 GMT
x-amz-request-id
V2N9MNK71A2MV60Z
age
746542
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=1102345 idim=2000x1125 ifmt=jpeg ofsz=20344 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
20344
x-amz-id-2
H7jamkd4QSbasqig0xAUcap8Ro5XjRVzpWv0JU3/2f/HxfrAf1ey89Fv3X23WPj+tIlCba6ErUg=
x-served-by
cache-iad-kcgs7200163-IAD, cache-fra-eddf8230111-FRA
server
AmazonS3
x-timer
S1684480867.753567,VS0,VE1
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"0kr0u320MqpIIgX0d11MzBO/Q29sffkJLOR2xUBv2i8"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
8, 1
b7a84773288e1c4b2ef90058367201c2.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/b7a84773288e1c4b2ef90058367201c2.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa2fd69109467c1dcbf65856c4e4fcafe0ea616b822f1a0a584c4bf17233711a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
AUKIcsU1_dsv1Oa3DfVhU6BQwT6di0yo
via
1.1 varnish, 1.1 varnish
date
Fri, 19 May 2023 07:21:06 GMT
x-amz-request-id
C8H7M80S2X78MG19
age
933819
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=653776 idim=2000x1125 ifmt=jpeg ofsz=8178 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
8178
x-amz-id-2
nDFLmv2Xw7faTAk2ABeiW/spTG+VE0PAbZ3WjqFFNUnIr8u/YKmi5vLF1tr8eCxmELyhiIrI2s4=
x-served-by
cache-iad-kjyo7100042-IAD, cache-fra-eddf8230111-FRA
server
AmazonS3
x-timer
S1684480867.755947,VS0,VE0
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"2S7Ulf6K/yTIXWedNDPfIuj/sU65ceU/4+Hvq/lGLn8"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
8505, 1121
jyxeuuxqnjlavheqcfip.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/jyxeuuxqnjlavheqcfip.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
66c2ca052cc2afc4c8597a3fe5eeab18b9015b7459479b51cf5c0339232ab7ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-meta-cld-original-filename
multipartBody101719895076102893asTemporaryFile
x-amz-version-id
null
via
1.1 varnish, 1.1 varnish
date
Fri, 19 May 2023 07:21:06 GMT
x-amz-meta-cld-transformation-id
10000011314925
x-amz-request-id
B9CFATMDBZTWQ9S8
age
759106
x-amz-meta-cld-version
1594321528
x-cache
HIT, HIT
fastly-io-info
ifsz=1476233 idim=2000x1125 ifmt=jpeg ofsz=6734 odim=340x191 ofmt=webp
x-amz-storage-class
STANDARD_IA
x-amz-meta-cld-surrogate-key
338745180170660163006858923386595053794
fastly-stats
io=1
content-length
6734
x-amz-id-2
Sr5FBzj3bLemKW23+1Vx+4EkVtzHdQbfLk7zlUkuofYGifdZ3YGb7W+s7q1n632OyXHSK8iuOcc=
x-served-by
cache-iad-kcgs7200079-IAD, cache-fra-eddf8230111-FRA
server
AmazonS3
x-timer
S1684480867.767838,VS0,VE1
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"hAK5ABnZxUwn9SdDAsirHAMh5PafNcArS0n/Gs1Rv3Y"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
38, 1
e2fa2b7172b3f249f76c33b7a0f4dd4c.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/e2fa2b7172b3f249f76c33b7a0f4dd4c.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2f18e323c05e7d360cf00265052d209269399380524365256f420f1e0b57238

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
sfS4vLfQMKHRBohpRbxV.PE9jLxEy7Rs
via
1.1 varnish, 1.1 varnish
date
Fri, 19 May 2023 07:21:06 GMT
x-amz-request-id
QSTHZA3598K0B2YY
age
574160
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=624696 idim=2000x1125 ifmt=jpeg ofsz=9342 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
9342
x-amz-id-2
H/KG8vjPXO7TGE9T1idsdnBfQcuePU+sLfCAJRb0xt3UqfbTG5v3aXd696Pjxa8g1y7o6XE1V24=
x-served-by
cache-iad-kcgs7200098-IAD, cache-fra-eddf8230111-FRA
server
AmazonS3
x-timer
S1684480867.767947,VS0,VE1
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"VNC/OlU3ZmQkklIsJbto9wQAIHAscF7SC+Ak8Hj4hj0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
124, 1
8be0ecfd01659ecc6670ca2604a4cc15.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/8be0ecfd01659ecc6670ca2604a4cc15.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
08bd6c4c57896830d2259ecb46fea03cdf9250899afa7c1f767047d39f663ad8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
db8_8WN5WC6WaRDvvxqE.Artx13Zj5f_
via
1.1 varnish, 1.1 varnish
date
Fri, 19 May 2023 07:21:06 GMT
x-amz-request-id
67PHAH7KHAR6W4B4
age
241995
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=495935 idim=2000x1125 ifmt=jpeg ofsz=6904 odim=340x191 ofmt=webp
x-amz-replication-status
COMPLETED
fastly-stats
io=1
content-length
6904
x-amz-id-2
cgrxJQ9RDaC//k4hWLypi684njS9JtaFlQ60kQZ3b7+Qr6afEjrMBq/xajzGsZNRlNzgJBEfA0I=
x-served-by
cache-iad-kcgs7200055-IAD, cache-fra-eddf8230111-FRA
server
AmazonS3
x-timer
S1684480867.768341,VS0,VE1
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"oQVFIybAxb88EFIAnibVjAKNtmWR3xTpenY4CCDsV6U"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
18, 1
abwm6w3prjmdcyvoqfxn.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/abwm6w3prjmdcyvoqfxn.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b630399dc87169c912b553c7dc294e6a7af0ca96a3186f27086566d7dd87ca41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-meta-cld-original-filename
AmericanVoice_OG_FINAL_2
x-amz-version-id
null
via
1.1 varnish, 1.1 varnish
date
Fri, 19 May 2023 07:21:06 GMT
x-amz-meta-cld-interesting
{"eyedea":[[719,0,433,578],[440,57,358,477],[28,96,351,468]]}
x-amz-meta-cld-transformation-id
10000011314925
x-amz-request-id
B2W20JPD43MRWGDG
age
4981377
x-amz-meta-cld-version
1513026540
x-cache
HIT, HIT
fastly-io-info
ifsz=837776 idim=1200x627 ifmt=jpeg ofsz=9144 odim=340x191 ofmt=webp
x-amz-storage-class
STANDARD_IA
x-amz-meta-cld-surrogate-key
388542581494185918882418185766411367189
fastly-stats
io=1
content-length
9144
x-amz-id-2
8HnJITSEdIC8EhLg8f4fjkrWrT4DAFVrceiY6XcHJTngasYTDYf2n+z/YbFChuQnw//pbUVKSIs=
x-served-by
cache-iad-kjyo7100157-IAD, cache-fra-eddf8230111-FRA
server
AmazonS3
x-timer
S1684480867.768331,VS0,VE1
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"y7SPZ2SgZOpy1XS+3sgmR1gOf2pXElDkczkCG+3fIU0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-amz-meta-cld-original-extension
jpg
x-cache-hits
4548, 1
543575a712cb11966fb597e9832130df.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/543575a712cb11966fb597e9832130df.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7ccd4a90154c172e94060e77b9c8e785e40ded811f684c39088a0257a0e3af67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
qU.wlbD2VBNW0SuGKiMEVw5Rqtr__P3L
via
1.1 varnish, 1.1 varnish
date
Fri, 19 May 2023 07:21:06 GMT
x-amz-request-id
6741QHM8KG8RSR3W
age
575852
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=1769932 idim=1500x1500 ifmt=jpeg ofsz=4638 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
4638
x-amz-id-2
CuTKqGRqeEDbjQhZ4bDIOJe1RQoJNYZ2tpUeaEcujmQWJny4iilOLU59wA2xhmhMocAZLV7en7V/XAZzO4qZ9Q==
x-served-by
cache-iad-kiad7000152-IAD, cache-fra-eddf8230111-FRA
server
AmazonS3
x-timer
S1684480867.768326,VS0,VE1
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"EBGeQIdEsaOGs40drHIqwnYJQ7ejeUXuyVdYpqmaWS0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
4766, 1
4f3446adf28888e5d64c777d507cec4b.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/4f3446adf28888e5d64c777d507cec4b.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e1bdb3b7614b869d4809c32ad96367004162c9ebc07d7c9d0ac3ae5cfe22c856

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
AZ3dGcx4z_1P6F465VUwqWH5LCgxEYzM
via
1.1 varnish, 1.1 varnish
date
Fri, 19 May 2023 07:21:06 GMT
x-amz-request-id
8ZK165SAM9E45M8Q
age
52934
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=189476 idim=1920x1080 ifmt=jpeg ofsz=3164 odim=340x191 ofmt=webp
x-amz-replication-status
COMPLETED
fastly-stats
io=1
content-length
3164
x-amz-id-2
yN5RLoiW6DlQwRvmMdHy1cUv/D2cPPAsVjEuk300PA45gs2cnTh+jQLsiCcQF7AE9egTWupf8UcPWDbS14UlYTHp047MsKwaOox983tqBs0=
x-served-by
cache-iad-kiad7000102-IAD, cache-fra-eddf8230111-FRA
server
AmazonS3
x-timer
S1684480867.768314,VS0,VE1
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"ZY2wydJPqnmH0+MqXL2Uey+bGBfG5VT8HU7dzxTqO5E"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
12, 1
726522531004c331b814c73fcf8f26d8.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/726522531004c331b814c73fcf8f26d8.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f396581d8bad1a5b8ca3f0485106c790f289acdde0cb92e1f84dbed2e3fd22c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
pCEXZjTIgnxnKVej.56gZOfaCu.biX6_
via
1.1 varnish, 1.1 varnish
date
Fri, 19 May 2023 07:21:06 GMT
x-amz-request-id
MAJR9PBFEM7YNEY9
age
69460
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=3353972 idim=1567x2000 ifmt=jpeg ofsz=5116 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
5116
x-amz-id-2
MXLPSzL440TIpDxWVQsBi7QQ7f1rCkpj6NH/45b98CP+NL4Z8r4YVMckrRqPCs6yZQ2LA6NlI/g=
x-served-by
cache-iad-kcgs7200033-IAD, cache-fra-eddf8230111-FRA
server
AmazonS3
x-timer
S1684480867.781171,VS0,VE1
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"lkZ91VpL6QRXVVBOqO+YOIn7cvg/ZOuTUSBMggv3dNM"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
12, 1
99caa9a43376e729ac0772011156fdeb.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/99caa9a43376e729ac0772011156fdeb.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33fe3b4004d16bf0d20454ae5c1c8b60926fef40bd562485ccf0bc11dd13215c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
zAfVVRXVnLP0HG5q4_HDxOnec.7VjnoE
via
1.1 varnish, 1.1 varnish
date
Fri, 19 May 2023 07:21:06 GMT
x-amz-request-id
7SHJZGBSA8A05QYP
age
137884
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=270193 idim=1920x1080 ifmt=jpeg ofsz=3698 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
3698
x-amz-id-2
i8v1oB7TYVfUw+zV+eEkssHOckgLHuX07EqhbzBWlW/b/Q9ld4/q6APPxVueT81yqtC85Ms+2ME=
x-served-by
cache-iad-kiad7000084-IAD, cache-fra-eddf8230111-FRA
server
AmazonS3
x-timer
S1684480867.782801,VS0,VE1
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"DvxzB3DwnvwxFr0xBYk3fNNKPp9cZiiQqcB0J4Bp/RU"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
20, 1
3017b8842c44df7617117850aecd256a.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/3017b8842c44df7617117850aecd256a.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16943102ea475725090051cf03612718f855e1c54c4200292fd5e032e8c8f9df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
nMy11AYh92kNLlO1a9NHC8sux9c7D2TO
via
1.1 varnish, 1.1 varnish
date
Fri, 19 May 2023 07:21:06 GMT
x-amz-request-id
M2ZPEF0KBQC130MA
age
225080
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=143995 idim=1920x1080 ifmt=jpeg ofsz=2252 odim=340x191 ofmt=webp
x-amz-replication-status
COMPLETED
fastly-stats
io=1
content-length
2252
x-amz-id-2
n1WJtXCRSWZptLU6sV5FBfhs8YSnQ6g/biesUIWTLY1NKI/NK6IBM4udmiSWvKWEWd5QGr0rL9w=
x-served-by
cache-iad-kiad7000144-IAD, cache-fra-eddf8230111-FRA
server
AmazonS3
x-timer
S1684480867.782366,VS0,VE3
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"I7jGOIKuSXfWbS18e1Eaz5ZjLbB+xr7HMZMwZsLj+gY"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
2673, 1
26f5b228cebee20df4acd9d103017d7d.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/26f5b228cebee20df4acd9d103017d7d.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d13565005e90d679e3586b26ce4983e89bbf09bf5a51225bcee24822936c895f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
AoWVf_o5Plzjn0AwvIaMAxmwQ1Y8P2MC
via
1.1 varnish, 1.1 varnish
date
Fri, 19 May 2023 07:21:06 GMT
x-amz-request-id
MDTF3AWE2C82VJQG
age
325391
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=466370 idim=2000x1125 ifmt=jpeg ofsz=9964 odim=340x191 ofmt=webp
x-amz-storage-class
STANDARD_IA
x-amz-replication-status
COMPLETED
fastly-stats
io=1
content-length
9964
x-amz-id-2
MZ1Tcm/aoDfqVOa0gA/FBSB9uDg0Hy7WrsfLGtJzKwd+UXYSlFJzhvcw0zO3Q+hj+Ek+B84pCdU=
x-served-by
cache-iad-kjyo7100119-IAD, cache-fra-eddf8230111-FRA
server
AmazonS3
x-timer
S1684480867.782005,VS0,VE6
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"dIRBr12T9XkTotDQ7wrQJf6rB1J2uq0gQOGQ+aCtcT4"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
1272, 1
630261d8b8877eb8006c76cf9f6a9b72.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/630261d8b8877eb8006c76cf9f6a9b72.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
789f27eedfe5af29121f07d1dc20832357c3660482cc11a7652639bc03d7d0c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
nyNyQD5ymlY.LQYoGcrF6XTfkHZoPrfu
via
1.1 varnish, 1.1 varnish
date
Fri, 19 May 2023 07:21:06 GMT
x-amz-request-id
C2ZRBX5CT64GG9BJ
age
771639
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=772295 idim=929x704 ifmt=jpeg ofsz=8678 odim=340x191 ofmt=webp
x-amz-replication-status
COMPLETED
fastly-stats
io=1
content-length
8678
x-amz-id-2
FnZU2Jn3BfBY0ryVBY16KpUw4Y9aD+Qemhx6xoMZWk+iWHGetP68Qv8tvPamjD+nQ4Od4OmmDfA=
x-served-by
cache-iad-kiad7000042-IAD, cache-fra-eddf8230111-FRA
server
AmazonS3
x-timer
S1684480867.781988,VS0,VE2
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"VFv1/Y0cj1K+s3lMShecHO11JeOJUoMXtWxvArAOHPg"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
9296, 1
471ac409919762d136137f8867c41ab8.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/471ac409919762d136137f8867c41ab8.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
649d7e12233b46ac9a47751bc38b54c4d57e164f998d00e5e75e93aab5efe71c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
g5xitT7KN7TKCFiHfNJ5z2M5W33xH1Sv
via
1.1 varnish, 1.1 varnish
date
Fri, 19 May 2023 07:21:06 GMT
x-amz-request-id
93KYJX1V3E0H19YF
age
2011508
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=953775 idim=2000x1516 ifmt=jpeg ofsz=9046 odim=340x191 ofmt=webp
x-amz-replication-status
COMPLETED
fastly-stats
io=1
content-length
9046
x-amz-id-2
KdZK/y1y3QVNKEhHSiHIWPbE2xVZ6vyoUA1VQKRtdjpdVjzZ80O30Do60LC6FrScR6JzAqSmy7Y=
x-served-by
cache-iad-kjyo7100060-IAD, cache-fra-eddf8230111-FRA
server
AmazonS3
x-timer
S1684480867.781974,VS0,VE1
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"vCssAsoIsu6z84auAogVqIUnorZLkjzMFCBk/C1x66c"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
8173, 1
c635f828a968fb470ce70e3715fdf4b7.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/c635f828a968fb470ce70e3715fdf4b7.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
865f62e6d5fd6f5cb9deabe7a779f6df95daac2c6036f0ecd8ece5473652aaba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
i_zZ8Iza8wfmfARVqpbVZWdeVLhkyQnc
via
1.1 varnish, 1.1 varnish
date
Fri, 19 May 2023 07:21:06 GMT
x-amz-request-id
68PQ046SBWCM9CYQ
age
2026990
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=857482 idim=2000x1516 ifmt=jpeg ofsz=8638 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
8638
x-amz-id-2
D17odxkAkl6pOX1lwz3SgXANxYjsRMcYcmwHf5j2AIo2P9QN4M4c8XDX20P2O3FOWitZMHRLKxw=
x-served-by
cache-iad-kjyo7100031-IAD, cache-fra-eddf8230111-FRA
server
AmazonS3
x-timer
S1684480867.789675,VS0,VE1
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"q3HmFztn9joNJhsYFLOeMplCkP97/BfA8voW9glzH4s"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
1718, 1
runtime~adManager.7f63f5a5211f21065884.js
www.theonion.com/x-kinja-static/assets/new-client/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.7f63f5a5211f21065884.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
827d01994d2e286d12a6b00b7f411ff2d54a29bd8b1ba01e357f48cdd5f05b82
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
99F2MDN4SKHZ20YX
age
141360
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
2003
x-amz-id-2
KmqdU7VZCoUwsCZ62Abg/JNmV8bHZXbpDA9iRqiyydCq0p2hdElLTh8emrQukOOeYbBuU6deKC8=
x-served-by
cache-fra-eddf8230043-FRA, cache-fra-eddf8230111-FRA
last-modified
Wed, 17 May 2023 16:02:22 GMT
server
AmazonS3
x-timer
S1684480867.736681,VS0,VE1
etag
"668dd8578f7dbf486e16faa00e21abac"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 1
adManager~video-html5-playlist~videoHtml5.2b2422de03ece058fd53.js
www.theonion.com/x-kinja-static/assets/new-client/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/adManager~video-html5-playlist~videoHtml5.2b2422de03ece058fd53.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8413176dd89287beafbd21e4fa5586f3d5db9aefa37b1350b34bc7533ca5ef34
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:06 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
content-encoding
gzip
x-kinja-gdpr
true
x-amz-request-id
4VWP9BE4T1PBDMQN
age
199936
x-amz-server-side-encryption
AES256
x-cache
MISS, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
2234
x-amz-id-2
RZnpv1siAny1NsQDQnADiBGWCpWtatMtnULj9e/R6JzZly/Z7KoJJPoyFQgtw6z5eJnearYEY7TH3YQtQRO4kw==
x-served-by
cache-fra-etou8220104-FRA, cache-fra-eddf8230111-FRA
last-modified
Tue, 16 May 2023 21:57:01 GMT
server
AmazonS3
x-timer
S1684480867.751613,VS0,VE1
etag
"16aa057b72959400f9902e832edd0648"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0, 0, 1
adManager.6a9d9d91d693ed1f30bb.js
www.theonion.com/x-kinja-static/assets/new-client/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/adManager.6a9d9d91d693ed1f30bb.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1063c185d2ba098c3c38deeaa02f320ce4850364758330aa5a511441bd313d22
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:06 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
content-encoding
gzip
x-kinja-gdpr
true
x-amz-request-id
AVZR6MXR7T4837NF
age
1406198
x-amz-server-side-encryption
AES256
x-cache
MISS, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
8801
x-amz-id-2
WyIEYoJPLtm71TJuAkwAycvdpLLotL/PG2lBrSCISBZJOXrV27oGcgWFgr4n9DBae8AyddBTzLw=
x-served-by
cache-fra-eddf8230036-FRA, cache-fra-eddf8230111-FRA
last-modified
Tue, 02 May 2023 18:50:52 GMT
server
AmazonS3
x-timer
S1684480867.752284,VS0,VE1
etag
"af67733e6ec5929b31f5e219919c2b1a"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0, 0, 1
adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHom~6b32d66e.ed6234f1c36e167fd42a.js
www.theonion.com/x-kinja-static/assets/new-client/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHom~6b32d66e.ed6234f1c36e167fd42a.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ed375278b06c36ab8b2da5f18e09677565b827177abdffe343b8b274a70c08b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
BZGKKTXAJR3SZGZW
age
200039
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
2360
x-amz-id-2
0jD8XiYwOXT9qXazQqfjooLuB5WYf7TqiArPdi2xX07IaII5cesMvk8C8bqci5ynYfdYOGuiXtM=
x-served-by
cache-fra-etou8220094-FRA, cache-fra-eddf8230111-FRA
last-modified
Tue, 16 May 2023 18:22:10 GMT
server
AmazonS3
x-timer
S1684480867.752882,VS0,VE1
etag
"31c8c11625e3f5d8c0f7975061fb849a"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 1
runtime~taboolaLoader.8539e99055799d7f071f.js
x.kinja-static.com/assets/new-client/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/runtime~taboolaLoader.8539e99055799d7f071f.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e9975431ab3558981df8a558a765319f7268c3d8acfe26b973a5963657f24ce0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:06 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
YRNQ85CTWW2XY9B8
age
24
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
688
x-amz-id-2
h3v8xZPSbyYpizN6KWQXh1WG/IbC7X5kAMO/u0xLq5qFr49EP9tDwTJDkZOFJ1+1vBjxPStqGzeIrcwdPt227isLPutXUukigxKw3cnTFoA=
x-served-by
cache-fra-eddf8230047-FRA
last-modified
Thu, 27 Apr 2023 16:04:19 GMT
server
AmazonS3
x-timer
S1684480867.767879,VS0,VE1
etag
"27f043f95ae2764c07794196a83ca0bc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
taboolaLoader.fc80ecb9335e3a4b01bd.js
x.kinja-static.com/assets/new-client/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/taboolaLoader.fc80ecb9335e3a4b01bd.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2347c57b7e6770755b35e6897d912ba7252bee3db684caa7b1773b74db19e96
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:06 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
QDJAABB1JN1ZQEMP
age
91
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
3105
x-amz-id-2
NA7BxqxGv14n82S3p0/G2hxjharRjSs//NgTTdsLWjlnnlhteH+xZJ/ubHvwsqcYMNYm6iC5sIuhUAXHl45j4wtIRzvndRmvK4HmjOnlals=
x-served-by
cache-fra-eddf8230047-FRA
last-modified
Tue, 16 May 2023 21:57:05 GMT
server
AmazonS3
x-timer
S1684480867.767929,VS0,VE1
etag
"074d02faf1c6bfcefa748d4a65fe1231"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
runtime~videoMediaQuerySupport.87053d08d5634a107c35.js
www.theonion.com/x-kinja-static/assets/new-client/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/runtime~videoMediaQuerySupport.87053d08d5634a107c35.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c76ae373a97fedd18dcbce506a90251d65d3141a4633e06671b9b306e361d948
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
DHP11Q9N1VX8E56B
age
197951
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
774
x-amz-id-2
TwN4iYxHe+Te96SUhEALd0zzR7EdPfDcG5qMb84Ouf9Q3gn03mlPAsGeGJ/PXqT41eWcxZ/cKDE/nmfKNsrKXakhblNXQjCUsSVtj5B4jek=
x-served-by
cache-fra-eddf8230083-FRA, cache-fra-eddf8230111-FRA
last-modified
Tue, 16 May 2023 21:57:05 GMT
server
AmazonS3
x-timer
S1684480867.752599,VS0,VE1
etag
"df042ee2742c71b59300a1b35069e3aa"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 1
videoMediaQuerySupport.b68e2424feab32dd0c91.js
www.theonion.com/x-kinja-static/assets/new-client/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/videoMediaQuerySupport.b68e2424feab32dd0c91.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
115224d4e63511fda83c38f1a67c687184f8c2752a8770b10faaadc4568fd388
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:06 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
content-encoding
gzip
x-kinja-gdpr
true
x-amz-request-id
4VWX6HES1WZJ9P15
age
199936
x-amz-server-side-encryption
AES256
x-cache
MISS, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
683
x-amz-id-2
r+tnufO/Gngr3p7nsoU47GYhKmjVG3DaRJcKe99mWLOrd3Z3aaYhtqqfb0V+PFW9RsHEhczumPM=
x-served-by
cache-fra-etou8220112-FRA, cache-fra-eddf8230111-FRA
last-modified
Tue, 16 May 2023 21:57:07 GMT
server
AmazonS3
x-timer
S1684480867.752594,VS0,VE1
etag
"cd8a0c9965106e2f8e59fd060ddad4f1"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0, 0, 1
accountwithtoken
kinja.com/api/profile/ 		243 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kinja.com/api/profile/accountwithtoken?jsonp=_fasttoken&newFollows=true
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
264447bf80f04ae69febd723d270354d5ede73672184d6c67a8286c3e0bd6a39
Security Headers
Name Value
Content-Security-Policy default-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 May 2023 07:21:06 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies
master-only
x-kinja-gdpr
true
x-cache
MISS, MISS, MISS
p3p
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
x-ua-device
desktop
x-kinja-superheroloaded
true
x-kinja-continent
EU
x-cdn-fetch
mantle-setcookie
content-length
223
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200039-IAD, cache-iad-kcgs7200039-IAD, cache-fra-eddf8230111-FRA
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-timer
S1684480867.773724,VS0,VE111
x-frame-options
DENY
vary
Accept-Encoding,Origin
content-type
application/javascript; charset=UTF-8
cache-control
no-cache, no-store, private
accept-ranges
bytes
x-kinja-country
DE
x-robots-tag
noindex, nofollow
x-cache-hits
0, 0, 0
ad-units-default.9f0c48194230dbb8795a.js
x.kinja-static.com/assets/new-client/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/ad-units-default.9f0c48194230dbb8795a.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.7f63f5a5211f21065884.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6058ab016bbd6df17f42d9b24cc8488be67b85ea6099e699d3f61466375c467b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:06 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
WCN8Q82GEW17MCS1
age
113
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
2995
x-amz-id-2
3221EdiqEA2BSNTBESkKl8hQeARauakdPHyqAvGL+po+ATD7zHgnTj9iQ3vgHUKA//YZKfB4ZZs=
x-served-by
cache-fra-eddf8230111-FRA
last-modified
Mon, 01 May 2023 20:51:51 GMT
server
AmazonS3
x-timer
S1684480867.818920,VS0,VE0
etag
"8670f2c364df966a0dd1a1af6f463812"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2
display-theonion-desktop-config.5ab5847a5280d85ddbab.js
x.kinja-static.com/assets/new-client/ 		15 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/display-theonion-desktop-config.5ab5847a5280d85ddbab.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.7f63f5a5211f21065884.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a66a45787e47ab5de0d1ed07d185f9ce9aa0907b60070c2e5af7f321eb11208f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:06 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
C28CNQJ1FEX6RRPD
age
110
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
1457
x-amz-id-2
0LtUaIk4MhNZWrK22u8j5i1RN6hJAg/uVOhshsGDmvgpml+fwSxmNWUvQ2418cDs6bqhckpBrFgls4qvKLNBXGtXWow5zU5D+75qsxY7QZc=
x-served-by
cache-fra-eddf8230111-FRA
last-modified
Mon, 08 May 2023 20:29:08 GMT
server
AmazonS3
x-timer
S1684480867.819242,VS0,VE1
etag
"b4734303f497736db5de02d20c759ef0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
apstag.js
c.amazon-adsystem.com/aax2/ 		230 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/adManager.6a9d9d91d693ed1f30bb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 06:38:59 GMT
content-encoding
gzip
via
1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront), 1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 21:23:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P3
age
2528
etag
W/"e6af4658ab1a6fdde1f0066b27d5372e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
bGKojJDAmSNmX6CUoC0jepfaEr9yINCcQV52a6Nz_6v1vxSIY9589A==
prebid-js-prod.71664cf4fdde6f76a812.js
x.kinja-static.com/assets/new-client/ 		433 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.7f63f5a5211f21065884.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3f5f3be3dcd8039c166b39b0ebbf825484c57373c781f5fb67f29b70e91eea89
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:06 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
649SFMJ0K6EXR2JA
age
23
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
111685
x-amz-id-2
mLGNjCoSpNOqffIWVz3N2V6lmOwznOFaF76Ac/johUJgFP3+6dJqv1cufP85Wl3N2GJ6Cpp/6qU=
x-served-by
cache-fra-eddf8230111-FRA
last-modified
Mon, 08 May 2023 20:29:09 GMT
server
AmazonS3
x-timer
S1684480867.820596,VS0,VE1
etag
"1923b924651c8f275c430a10f8b695ed"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
/
www.theonion.com/
Redirect Chain
  • https://www.theonion.com/undefined
  • https://www.theonion.com/
394 KB
394 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theonion.com/
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-kinja-server
kinja-magma-kube02-f697ccd8b-zwl62
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
content-encoding
gzip
date
Fri, 19 May 2023 07:21:06 GMT
age
56
x-kinja-build
4113
x-powered-by
Express
x-cache
MISS, HIT, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-kinja
kinja-magma-kube02-f697ccd8b-zwl62 #4113
x-kinja-gdpr
true
x-cdn-fetch
mantle-default
content-length
63353
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000116-IAD, cache-iad-kiad7000116-IAD, cache-fra-eddf8230111-FRA
x-googlenews-bot
false
x-timer
S1684480867.840565,VS0,VE0
etag
W/"6288f-wkK8YXDWddJGpm3rgWlpohsrdYo"
vary
Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-Kinja-Location, Authorization
content-type
text/html; charset=utf-8
cache-control
stale-if-error=86400, stale-while-revalidate=300
accept-ranges
bytes
x-kinja-revision
24aa977b9ed6940301536d921e202aaec851e913
x-cache-hits
0, 11, 2

Redirect headers

x-kinja-revision
24aa977b9ed6940301536d921e202aaec851e913
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
date
Fri, 19 May 2023 07:21:06 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
age
106
x-kinja-build
4113
x-powered-by
Express
x-cache
MISS, HIT, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-kinja
kinja-magma-kube01-6c7cfc7d95-7zpzm #4113
x-cdn-fetch
mantle-default
content-length
35
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000128-IAD, cache-iad-kiad7000150-IAD, cache-fra-eddf8230111-FRA
x-googlenews-bot
false
x-timer
S1684480867.829178,VS0,VE1
vary
Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-Kinja-Location, Accept, Authorization
content-type
text/plain; charset=utf-8
location
/
cache-control
stale-if-error=86400, stale-while-revalidate=300
accept-ranges
bytes
x-kinja-server
kinja-magma-kube01-6c7cfc7d95-7zpzm
x-cache-hits
0, 6, 1
b
sb.scorecardresearch.com/ 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6770184&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1684480866826&ns_c=UTF-8&c7=https%3A%2F%2Fwww.theonion.com%2F&c8=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&c9=
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-21.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:06 GMT
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
EU0Ck82jJswAhOQrvMe3hgTFO7Km0Aon0vet0K0LRVtT8Fs07_hu5g==
x-cache
Miss from cloudfront
loader.js
cdn.taboola.com/libtrc/gomedia1-network/ 		158 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
821fe308bbe540e46346b25f7beec5e2b785557bb00c2f9ee3b8e7c9cb8a80c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
T5WCMzWEfQbybILtcAKXUx3QYSMVXsVs
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 May 2023 07:21:06 GMT
x-amz-request-id
1T3T1941C8EX4CG5
age
92
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
41496
x-amz-id-2
iBtbaQW9bNhQ5GEnoxRL8KKmIJ7pUQR/xY2IaDTSIcX3IqEs7W0KVa9+7jCcMYOKF0uFubIsZCw=
x-served-by
cache-fra-eddf8230045-FRA
last-modified
Thu, 18 May 2023 20:12:39 GMT
server
AmazonS3
x-timer
S1684480867.923290,VS0,VE1
etag
"044d5ca889c3cc431faf1600e56fd85c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
62
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
config
c.amazon-adsystem.com/cdn/prod/ 		937 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3076&u=https%3A%2F%2Fwww.theonion.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d7d8eda923854d45e87c11183868b806aff279a82906f1226d8752793a17ab67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:26:21 GMT
via
1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
age
14084
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
937
x-amz-cf-id
5TxVzKY9Fyi5Mi12P3eom5PBFBzvXaTN26hWdS3F7vlkLKhMpbi0jg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
yHpogsakS7iCluwAmUa6Y9ccBYm32d5h
content-encoding
gzip
via
1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
date
Fri, 19 May 2023 04:07:24 GMT
x-amz-cf-pop
FRA56-P3
age
36185
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 11 May 2023 21:16:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
nhd2QQehMMWTuhJZ1fSWGouaH1ZFdsFEvEXf87l0GXcpDCtRj2LVdA==
gtm.js
www.googletagmanager.com/ 		147 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KDJDW37&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T73GPNQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
996533b6c73e13f6e7f489ce44fd689c7217636e5d6b186ac41aea2a1c8ced8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50955
x-xss-protection
0
last-modified
Fri, 19 May 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 19 May 2023 07:21:06 GMT
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.213.190.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-213-190-84.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.theonion.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Fri, 19 May 2023 07:21:07 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
ats.js
ats.rlcdn.com/ 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-16.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9dd295f1b8047318855e74e81dbeb02d463452670f2997dd64764a6ad88f3884

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
FdZQKnEndO3mqmnRp7XQ3uMfeJERmMlw
content-encoding
gzip
via
1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
date
Thu, 18 May 2023 09:11:51 GMT
x-amz-cf-pop
FRA50-C1
age
79756
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:96f94076-69de-4a4b-8bd0-6fb739c06860
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
e16bd58aa55fcc98af3b10870aad5974
last-modified
Thu, 19 Jan 2023 10:03:36 GMT
server
AmazonS3
etag
W/"0820c3a8da5dbe428619a7328c53b95f"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
3efbae2e7f7f574316dfc685479946d213531c0b483ab4a61e653a0088f0cae8
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-id
RqCGEXdC7_5sj_Kkt8_qeoUT_xRWac-Q264tdgEXMUwHIxBr-bvrOg==
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.213.190.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-213-190-84.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 19 May 2023 07:21:07 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
impl.20230518-8-RELEASE.js
cdn.taboola.com/libtrc/ 		765 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230518-8-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9f8436738716d8dc738dbdb896a1634ce8bc9403d2a70e13d32b64d1766ee50d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
22kzlXkOKo_CDQO_Y4_mn1EfrRXIljyz
content-encoding
br
via
1.1 varnish
date
Fri, 19 May 2023 07:21:06 GMT
x-amz-request-id
HRQVYWVBHDY6SRZ4
age
22301
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
162982
x-amz-id-2
hTsnQcI78loX9ZW1vsZRWNBkDavOIGYsoDQvZ/18CEYv6rNyP78UgBwGKW2Lz+3c0zvlibJxj/Y=
x-served-by
cache-fra-eddf8230045-FRA
last-modified
Thu, 18 May 2023 09:08:18 GMT
server
AmazonS3-br
x-timer
S1684480867.963800,VS0,VE0
etag
"9bb10a17397d53dd918cb9488a52492f"
vary
Accept-Encoding
content-type
application/javascript
abp
15
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
31493
/
geo.privacymanager.io/ 		30 B
611 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-122.fra60.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 19:40:44 GMT
via
1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront), 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1, FRA60-P3
age
42023
x-amzn-requestid
43e35517-d257-473c-8639-1146555265d5
x-amzn-trace-id
Root=1-64667f3c-71da5a5b63d1a9b24c17455c;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
FIjRcE8vjoEFl5A=
content-length
30
x-amz-cf-id
VP24vKtllYBBNHcJq0tO92mHgpbJimbOTs0TfDiU9mWWC6Clc2XpqQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
optimize.js
www.googleoptimize.com/ 		117 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-W523ND3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDJDW37&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
11a2ecf45a901a08d0bddac8396f4547d5a061febbed7739c338184e0f5c101e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46650
x-xss-protection
0
last-modified
Fri, 19 May 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 19 May 2023 07:21:07 GMT
tag.aspx
ml314.com/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/tag.aspx?194
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 06:23:10 GMT
content-encoding
br
age
3477
x-guploader-uploadid
ADPycdtLj7aiI9Phm7bGbTWJjtyT4RqtMRNj5xXUtmBzgSzvYtwb0cbaA3PlqolHF5F1gbZ_mKgV9IOUiedKUxpXB2rdJtWqSrIX
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10518
last-modified
Mon, 10 Apr 2023 17:13:24 GMT
server
UploadServer
etag
W/"b0965f051977c0dd95ffe2c736cac352"
vary
Accept-Encoding
x-goog-generation
1681146804366265
x-goog-hash
crc32c=wVdAwA==, md5=sJZfBRl3wN2V/+LHNsrDUg==
content-type
application/javascript
cache-id
AMS-cba56054
cache-control
public,max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
32213
accept-ranges
none
js
www.googletagmanager.com/gtag/ 		250 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FBJXBGD4M8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDJDW37&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0f7c6b7e1a097cb5ac93dbd6d6f20d8b8eded40183acd7ec3c581066ac932b65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86613
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 19 May 2023 07:21:07 GMT
gomedia_015a5_the_onion.js
cdn-magiclinks.trackonomics.net/client/static/v2/ 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-magiclinks.trackonomics.net/client/static/v2/gomedia_015a5_the_onion.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7600:1d:8c8c:47c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8 /
Resource Hash
5ae04f4e2b3a0b4e46d0259886e6fbf822f2dd0731ee8a59e03c4cb3f335b8fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 02:09:16 GMT
content-encoding
gzip
via
1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
last-modified
Thu, 23 Jun 2022 11:07:33 GMT
server
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8
x-amz-cf-pop
FRA60-P1
age
18711
etag
W/"17c61-5e21b75ea5252"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
x-amz-cf-id
9ytfhitylbiYHB9kW58f0rdsjz6URn12BonmfrLPydAtZtJm18dlug==
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230518-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:06 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
291177
expires
60
utsync.ashx
ml314.com/ 		62 B
309 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=90810&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.theonion.com%2F&pv=1684480867084_twahkhvbo&bl=en-us&cb=6569733&return=&ht=&d=&dc=&si=1684480867084_twahkhvbo&cid=&s=1600x1200&rp=&v=2.5.3.49
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:06 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/javascript; charset=utf-8
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62
expires
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
914f6586e0dedc9503c45004112c60e26330477104224f4b03e91b60737e6a23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25345
x-xss-protection
0
server
cafe
etag
289 / 19496 / 31074665 / config-hash: 333621245310265565
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 19 May 2023 07:21:07 GMT
op.js
tagan.adlightning.com/gomedia/ 		41 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/gomedia/op.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb8868fc32945760add8b3a5b3cdbfe45a57ea6e509484152fe8bf003b37fc50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
U5eMmyay38ihHM0L.U.iQicu82wp4FGb
content-encoding
gzip
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
date
Fri, 19 May 2023 06:46:02 GMT
x-amz-cf-pop
FRA60-P4
age
2106
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
16426
x-amz-meta-git_commit
8db6969
last-modified
Thu, 18 May 2023 17:27:24 GMT
server
AmazonS3
etag
"f506c262898985026e5cf22c0fc77d0e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
rfm2zRTZM3x9UHChoNRBFKyeXTBq-YAKp3ZAfGGauFTC90CPPAp0XQ==
vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~05df41a3.363d300fb78faf229ed7.js
www.theonion.com/x-kinja-static/assets/new-client/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~05df41a3.363d300fb78faf229ed7.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
582fd9b394fd8aacd37da7ff532062c5b1d274b20441e35601f1ae44f6b9d340
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
content-encoding
gzip
x-kinja-gdpr
true
x-amz-request-id
PGE6E955YZVN32VM
age
1294137
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
4324
x-amz-id-2
TugkQ6x23CKkhgM1Nmz6DMMLDpIEPCeLHVgCgCnnm2jk3xMwCa/jqRnJuPRH9laLJ3O4CblflNo=
x-served-by
cache-fra-eddf8230126-FRA, cache-fra-eddf8230111-FRA
last-modified
Thu, 04 May 2023 07:48:47 GMT
server
AmazonS3
x-timer
S1684480867.300564,VS0,VE1
etag
"24a9498d1213a702146f438367e2d1c0"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 1
runtime~videoHtml5.f908bc0cadffd5234cc5.js
www.theonion.com/x-kinja-static/assets/new-client/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/runtime~videoHtml5.f908bc0cadffd5234cc5.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0620cf7101c8bffac1843e723ab638b45b6ebb65a05fd8e9a552db452668f259
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
GS712A60063SQGNE
age
274306
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
2291
x-amz-id-2
aKQ7SP9pYWMTImnhxMyGuunEh5yf7OjSPamYqa25zhcb7of76VlwvOoRQzftxjvXfyhHTuLZ/Fs=
x-served-by
cache-fra-eddf8230043-FRA, cache-fra-eddf8230111-FRA
last-modified
Mon, 15 May 2023 22:07:16 GMT
server
AmazonS3
x-timer
S1684480867.301021,VS0,VE2
etag
"15881914fb0a3677f5a79565796df29a"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 1
vendor~video-html5-playlist~videoHtml5.3404bd78c2138beb1abe.js
www.theonion.com/x-kinja-static/assets/new-client/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendor~video-html5-playlist~videoHtml5.3404bd78c2138beb1abe.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f8390791fab3a4f38a41db5a1965adb8979102262b3ffbfb12d504b262b6f823
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
V002TQK5V7P8W6RJ
age
114908
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
2219
x-amz-id-2
6s/RwSiUWjyVkVh+YVoezfdmWgoPZX1swQV8PmoulzklcATCXvv3Dg4qkQ64uRN3IZIoA9YKmIbtOiQiyMRhk6rxGUXRQ7VxzKotS1wEGTU=
x-served-by
cache-fra-etou8220091-FRA, cache-fra-eddf8230111-FRA
last-modified
Wed, 17 May 2023 23:22:53 GMT
server
AmazonS3
x-timer
S1684480867.301641,VS0,VE2
etag
"eb3014d73b920f7615361db363eba89c"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 1
video-html5-playlist~videoHtml5.448fdaf3b9c359dd0799.js
www.theonion.com/x-kinja-static/assets/new-client/ 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/video-html5-playlist~videoHtml5.448fdaf3b9c359dd0799.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aaa4d392749a5faf96a224a63a8221c3384b15a44a6b13ba3256c6deacfc2fb0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
content-encoding
gzip
x-kinja-gdpr
true
x-amz-request-id
3G03VQ7A2Y6WFMJT
age
1343487
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
13444
x-amz-id-2
NmbTA8/RPOiSdAJUE/lN8xCTskOhSim4xMqGyB0kaV+SJ7recxmy1YzdSHY5+uQyiv9o3XxMp40=
x-served-by
cache-fra-etou8220024-FRA, cache-fra-eddf8230111-FRA
last-modified
Wed, 03 May 2023 18:03:01 GMT
server
AmazonS3
x-timer
S1684480867.301180,VS0,VE1
etag
"3f39cc382dcfbb2bda40cb0e66e15fb8"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
3, 0, 1
videoHtml5.e757d5ad26575b2fd5f4.js
www.theonion.com/x-kinja-static/assets/new-client/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/videoHtml5.e757d5ad26575b2fd5f4.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
638cb175b6c9d489fd461421a80dd74569f0873de513aec695e34aa1d2b75304
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
E2HPKA2QDWGE1CBS
age
200046
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
4377
x-amz-id-2
qi3Yi9FPZ4Ews6bKjqQXDmUwyOEXEuoucc8Zp/j91MMA6aWHQv+7BDDSwW/wMQUx9HiIUw+2Oos=
x-served-by
cache-fra-etou8220094-FRA, cache-fra-eddf8230111-FRA
last-modified
Tue, 16 May 2023 21:57:07 GMT
server
AmazonS3
x-timer
S1684480867.301164,VS0,VE1
etag
"0aa96367538d47c90a966deefe23e9f2"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 1
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		359 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/video-html5-playlist~videoHtml5.448fdaf3b9c359dd0799.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77851be5afb51840c7809b09bcaf75d2220513c2d5a3ac5fb66b173cd3032c34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122524
x-xss-protection
0
expires
Fri, 19 May 2023 07:21:07 GMT
b-8db6969-11fd6bfd.js
tagan.adlightning.com/gomedia/ 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30d6dfd42b9a5f0be38020e3fe03042fe88b4931993c6c63c0b8061e934d727f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 19:33:08 GMT
content-encoding
gzip
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-amz-version-id
HQt7ZtDt1P5TOrLzwiKvyGrv1Hhamfho
x-amz-cf-pop
FRA60-P4
age
2461680
x-cache
Hit from cloudfront
content-length
33634
x-amz-meta-git_commit
8db6969
last-modified
Mon, 31 Oct 2022 20:36:51 GMT
server
AmazonS3
etag
"e4052d126a40ba70c16eb758095d1d13"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
oo0IItNboM0ZEhzQd6qytbzv2VFm9oLCx46ZY9aTKz-BvCSx19b5IQ==
bl-e09f10f-0d1cecf0.js
tagan.adlightning.com/gomedia/ 		50 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/gomedia/bl-e09f10f-0d1cecf0.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
125e539173a50a3dea5c5fdf369e3823754d7bab90fb9107a0088854f676d9b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 17:45:55 GMT
content-encoding
gzip
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-amz-version-id
Hp7s15JqMPjjWdVanor5jo_ZdS7QA.e.
x-amz-cf-pop
FRA60-P4
age
48913
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
21784
x-amz-meta-git_commit
e09f10f
last-modified
Thu, 18 May 2023 17:26:50 GMT
server
AmazonS3
etag
"cec4bab0149bb18cab5154697d21d74f"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
zOxuYmQ9kqGqkgzsaxPwSXQVQfABos8KSPm7flJ3274Esod-_R-I9Q==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/ 		407 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074665
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c909c28a92bf7b48807218b7eb333d2e6700bd123064a9625b63e36764ae3d91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 18:26:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
46507
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128419
x-xss-protection
0
server
cafe
etag
9945815184239927542
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 17 May 2024 18:26:00 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		219 B
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.theonion.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fae5e1f0ad241683e0138a7442b5cab53b0cbad0687c5fc5933aacfb961e12c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140
x-xss-protection
0
expires
Fri, 19 May 2023 07:21:07 GMT
bridge3.574.0_en.html
imasdk.googleapis.com/js/core/ Frame 60F7 		708 KB
226 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.574.0_en.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f29b2ceedb4715f748435499d0ecb6e642d03e40a30c3cefe1633da65937cfe2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
550
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231178
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 07:11:57 GMT
expires
Sat, 18 May 2024 07:11:57 GMT
last-modified
Wed, 17 May 2023 20:24:47 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 May 2023 07:21:07 GMT
ad-manager-bulbs.9314c5be0fc977aeb462.js
x.kinja-static.com/assets/new-client/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/ad-manager-bulbs.9314c5be0fc977aeb462.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
adcaa82dccaaa3cecdc503fc6531653947d6204a997edcbd4d796033fe49751d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
JSFV3VCTCDS52EF7
age
13
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
890
x-amz-id-2
BvN3IGiyiUzp7MxRdNQjmJ/CckdG7ixkO3HP/vfD95MnEV5pnOOe/Z9xZYn4iYbCkV/2+ElfWyg=
x-served-by
cache-fra-eddf8230111-FRA
last-modified
Wed, 17 May 2023 16:02:17 GMT
server
AmazonS3
x-timer
S1684480868.700663,VS0,VE1
etag
"60cc980aa15c3a25170f779267f90ea6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
pub
pixel.adsafeprotected.com/services/ 		556 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-1,ss:%5B1280.720,970.252,1600.520%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.103.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-103-77.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
eae5bc1041cbcc9e532f14e3fd68c77f0c1fa8e8a7459343cb46252e80af0d84

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
server
nginx
x-server-name
app06.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2F&pid=YJsrQBaQTm5QW&cb=0&ws=1600x1200&v=23.505.1627&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-2%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage_top-banner%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
1GYGCA200MGYNCNEZ7NH
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
-LS28b394lMwByLBYCns-o7fN30NrLaP1LigJ3F_Fee-oCGUw5aHFA==
pub
pixel.adsafeprotected.com/services/ 		537 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-2,ss:%5B970.250,970.251,970.90,728.90,1600.520%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.103.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-103-77.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1142e754f323937fbcf1d75502cb5d49eaef6791d1f0ca9ec7dc8089be3934fe

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
server
nginx
x-server-name
app15.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pbjs
htlb.casalemedia.com/openrtb/ 		35 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=727144
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab09761c22469d661cf56ef6f2a18c29233d98b7422de8cb60ecee68abd86ddf

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMstNtRKW5vfucQwdDQAu8tRxCeI35cFLiq0%2B%2B%2FEK4IfZAYnM%2B3gZEHQtXFc8xV%2FTj6MvzH7F2qaR8uzls%2BO6foDQj1TzexLHUe8wgEuEBVVuUX5l%2FbxG9XrMXgx1YSZXjUt0usA"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7c9a94cfab562be2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
expires
0
/
ads.resetsrv.com/ 		0
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.resetsrv.com/
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
138.197.55.50 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theonion.com
date
Fri, 19 May 2023 07:21:07 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-methods
GET, POST
content-type
text/html
prebid
ib.adnxs.com/ut/v3/ 		37 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
96d53086746a2d649511ec921c973d81197d3450ed226be5a6bdadeb76d8d4b6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 19 May 2023 07:21:07 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
44f354ca-2f4b-4625-b290-9c0c0da8c19a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.theonion.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
krk.kargo.com/api/v2/ 		2 B
801 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2244388dd8-31ef-4541-bcd7-328d27e64e40%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A1500%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1684480867748%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2281f92329fb7918%22%3A%22_bSLu2IWVUC%22%7D%2C%22bidSizes%22%3A%7B%2281f92329fb7918%22%3A%5B%5B970%2C250%5D%2C%5B970%2C251%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_bSLu2IWVUC%22%7D%2C%22labelAll%22%3A%5B%22desktop%22%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%2204bed6a9-129e-45fc-a309-33c83c0c110e%22%2C%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%22%7D%2C%22pbadslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F2%2Ftop%22%7D%2C%22gpid%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F2%2Ftop%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B970%2C251%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22dfp-ad-2%22%2C%22transactionId%22%3A%2204bed6a9-129e-45fc-a309-33c83c0c110e%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B970%2C251%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%2C%22bidId%22%3A%2281f92329fb7918%22%2C%22bidderRequestId%22%3A%227ae137a09eb20b%22%2C%22auctionId%22%3A%22b2eda157-6d3b-4f7a-bfb3-80ec0cd60c54%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%5D%2C%22userId.mod.init%22%3A%5B0.7999992370605469%5D%2C%22userId.mods.uid2.init%22%3A%5B0.7999992370605469%5D%2C%22userId.init.modules%22%3A%5B4.200000762939453%5D%2C%22requestBids.usp%22%3A0.10000228881835938%2C%22requestBids.userId%22%3A0.20000076293945312%2C%22requestBids.rtd%22%3A19.200000762939453%2C%22requestBids.validate%22%3A0.2999992370605469%2C%22requestBids.makeRequests%22%3A3.6000022888183594%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22domain%22%3A%22theonion.com%22%2C%22keywords%22%3A%22TheOnion%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theonion.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%7D%7D%7D%5D%2C%22prebidVersion%22%3A%227.44.0%22%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.34.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-34-191.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 07:21:07 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Accept-Ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
Nbr
508
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.theonion.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Krk-No-Bid-Reason
consent
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
cdb
bidder.criteo.com/ 		18 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.44.0&cb=8503939467&lsavail=0
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
gomedia
direct.adsrvr.org/bid/bidder/ 		0
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/gomedia
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.71.161.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac9557e2e67bd8033.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://www.theonion.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
arj
fusion-media-group-d.openx.net/w/1.0/ 		73 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fusion-media-group-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.theonion.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=04bed6a9-129e-45fc-a309-33c83c0c110e&nocache=1684480867753&aus=970x250%2C970x251%2C970x90%2C728x90%2C1600x520&divids=dfp-ad-2&aucs=%252F4246%252Ffmg.onion%252Ffrontpage%252F2%252Ftop&auid=545727625
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
ec48043517696a7ea09023e535c5f5c3882c77b5605a39e07f51f57d9f13e955

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:07 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.theonion.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
expires
Mon, 26 Jul 1997 05:00:00 GMT
hb-multi
hb.yellowblue.io/ 		105 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.77.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-77-0.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
557b13c1e04fc36797af23f9e0f94fdad816c0a61d8b32aa50370158b32b6393

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
server
istio-envoy
x-reason
maxmind anonymous vpn
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.theonion.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
hbjson
grid.bidswitch.net/ 		24 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.189.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-189-123.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
87ee9a3c89d4d206e59a11a01c13f43db4bb9a6d39289fd876cc05179431b2d9

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theonion.com
date
Fri, 19 May 2023 07:21:07 GMT
content-encoding
gzip
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
49
content-type
application/json
auction
tlx.3lift.com/header/ 		19 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.44.0&referrer=https%3A%2F%2Fwww.theonion.com%2F&tmax=1500
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.0.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-0-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:07 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
btlr.sharethrough.com/universal/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.180.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-180-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theonion.com
date
Fri, 19 May 2023 07:21:07 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		375 B
937 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12156&site_id=392270&zone_id=2189722&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rf=https%3A%2F%2Fwww.theonion.com%2F&kw=TheOnion&tg_v.iab_segments=1-4&tg_i.domain=theonion.com&tg_i.page=https%3A%2F%2Fwww.theonion.com%2F&tg_i.pbadslot=%2F4246%2Ffmg.onion%2Ffrontpage%2F2%2Ftop&tk_flint=pbjs_lite_v7.44.0&x_source.tid=04bed6a9-129e-45fc-a309-33c83c0c110e&l_pb_bid_id=24de7c933177d5d&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=04bed6a9-129e-45fc-a309-33c83c0c110e&rp_maxbids=1&p_gpid=%2F4246%2Ffmg.onion%2Ffrontpage%2F2%2Ftop&slots=1&rand=0.3722615551690036
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b76b4acb661d440629c4dd862ef591f99036f473e843d27becc67536deecb9a7

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:07 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.theonion.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
375
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theonion.com
date
Fri, 19 May 2023 07:21:06 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.theonion.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.theonion.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-9c21"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 20 May 2023 07:21:07 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		674 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3797107814779183&correlator=1239546624039493&eid=31072879%2C31074474%2C31074665%2C31074682%2C31074686%2C31074722%2C31074764%2C31070233&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cfrontpage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1280x720%7C970x252%7C1600x520&ifi=1&adks=353826005&sfv=1-0-40&prev_scp=article_position%3Dnone%26pos%3Dsplashytop%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dsplashytop-01&eri=1&cust_params=veritas-iab%3D1-4%26tags%3D%26blogName%3Dtheonion%26channel%3D%26section%3D%26subsection%3D%26page%3Dfrontpage%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1684480867779&lmt=1684480867&dlt=1684480866692&idt=995&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theonion.com%2F&frm=20&vis=1&psz=1280x0&msz=0x0&fws=132&ohw=1600&ga_vid=472714348.1684480868&ga_sid=1684480868&ga_hid=661066023&ga_fc=false&a3p=Eh0KDmVzcC5jcml0ZW8uY29tGL37iJeDMUgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074665
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3349033a3d8b8e1eb9d4ff54ecd780854a88778979cf8a88a0a74dab4b611614
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
348
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305160101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074665
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
842f87986e3a876c9ae2996c366ae5ef4acb76d887e71196291b4063aa57051f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11204
x-xss-protection
0
container.html
2b77319d7650ed6fda932114414ab49f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B643 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2b77319d7650ed6fda932114414ab49f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074665
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 07:21:07 GMT
expires
Sat, 18 May 2024 07:21:07 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sync
gum.criteo.com/ 		46 B
287 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230518-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
423984
expires
60
json
trc.taboola.com/gomedia1-theonion/trc/3/ 		59 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gomedia1-theonion/trc/3/json?tim=07%3A21%3A07.899&lti=deflated&data=%7B%22id%22%3A660%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1684440757261%2C%22vi%22%3A1684480867896%2C%22cv%22%3A%2220230518-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A6027%2C%22nsid%22%3A%22gomedia1-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Apub%3Dgomedia1-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22cd%22%3A6027.0625%2C%22mw%22%3A1300%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20Thumbnails%3Dalternating-thumbnails-a%3Apub%3Dgomedia1-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230518-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d56d67f545c960e3dd429f398a4a3e97372f96db2973928e39e562c636fb68fc

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
497
date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-fra-eddf8230045-FRA
server
nginx
x-timer
S1684480868.906810,VS0,VE497
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.theonion.com
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2F&pid=YJsrQBaQTm5QW&cb=1&ws=1600x1200&v=23.505.1627&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-7%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage_mid_banner%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
AN32FYVYATZFCY2HR9JK
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
GotfnE4DQi118PJkMSwh05lJN4eycVfGfgPf9uQN2_VBEWCL5G2Hwg==
pub
pixel.adsafeprotected.com/services/ 		285 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-7,ss:%5B970.250,728.90,1600.520%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.103.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-103-77.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2294f133e2353c2abc81238c3db189bf063e27888886a17831e58e0026d4b846

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
server
nginx
x-server-name
app03.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2F&pid=YJsrQBaQTm5QW&cb=2&ws=1600x1200&v=23.505.1627&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-9%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage_mid_banner%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
27SEZZP9CY2C2HNRNB5K
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
BWlcFsNj2f2oQPXqxZVugZfgrXezM5HaLNSxmbPKqhE0u-tiLOy5ow==
pub
pixel.adsafeprotected.com/services/ 		556 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-9,ss:%5B970.250,728.90,1600.520%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.103.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-103-77.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e40290f01d30182b08170c35cbd3fe0f3754ba69f1756bdda0327fa8d845a546

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
server
nginx
x-server-name
app12.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
hb-multi
hb.yellowblue.io/ 		105 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.77.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-77-0.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
69463b35705eb329709a36bb30991b7d624f8e42df321952efc56c398af2e088

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
server
istio-envoy
x-reason
maxmind anonymous vpn
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.theonion.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
bid
krk.kargo.com/api/v2/ 		2 B
801 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2244388dd8-31ef-4541-bcd7-328d27e64e40%22%2C%22requestCount%22%3A1%2C%22timeout%22%3A1500%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1684480867924%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%22301a1f8697ee285%22%3A%22_bSLu2IWVUC%22%7D%2C%22bidSizes%22%3A%7B%22301a1f8697ee285%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_bSLu2IWVUC%22%7D%2C%22labelAll%22%3A%5B%22desktop%22%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%22cd1cb37c-9ab5-40fc-a4cf-855fbefe615c%22%2C%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%22%7D%2C%22pbadslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F7%2Fmid_banner%22%7D%2C%22gpid%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F7%2Fmid_banner%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22dfp-ad-7%22%2C%22transactionId%22%3A%22cd1cb37c-9ab5-40fc-a4cf-855fbefe615c%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%2C%22bidId%22%3A%22301a1f8697ee285%22%2C%22bidderRequestId%22%3A%22291084e6f20db9d%22%2C%22auctionId%22%3A%22e33794a3-188f-4aaf-aafe-b7503d99cf58%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%5D%2C%22userId.mod.init%22%3A%5B0.7999992370605469%5D%2C%22userId.mods.uid2.init%22%3A%5B0.7999992370605469%5D%2C%22userId.init.modules%22%3A%5B4.200000762939453%5D%2C%22requestBids.usp%22%3A0.20000076293945312%2C%22requestBids.userId%22%3A0.09999847412109375%2C%22requestBids.rtd%22%3A7.899997711181641%2C%22requestBids.validate%22%3A0.10000228881835938%2C%22requestBids.makeRequests%22%3A1.7999992370605469%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22domain%22%3A%22theonion.com%22%2C%22keywords%22%3A%22TheOnion%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theonion.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%7D%7D%7D%5D%2C%22prebidVersion%22%3A%227.44.0%22%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.34.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-34-191.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 07:21:07 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Accept-Ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
Nbr
508
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.theonion.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Krk-No-Bid-Reason
consent
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
hbjson
grid.bidswitch.net/ 		24 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.189.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-189-123.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3dce887db1a635eb83afd0a0026f485d2b641867ee7cfd20b44de4d94e5080bc

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theonion.com
date
Fri, 19 May 2023 07:21:07 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
49
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
fb067083342028daebc9dc9f31a64a76b8072e39cb58ed1ccfcad56285cdba2d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 07:21:08 GMT
AN-X-Request-Uuid
77b18e02-3d6a-4785-aeb8-68b7025ebd64
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.theonion.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ 		338 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU74RYRS
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
74543d1a2b7e25578c866b57cf25d70e405265c19c2d2616916d18fcfc1cad67

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:07 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Fri, 19 May 2023 07:21:07 GMT
cdb
bidder.criteo.com/ 		18 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.44.0&cb=58060613753&lsavail=0
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
gomedia
direct.adsrvr.org/bid/bidder/ 		0
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/gomedia
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.71.161.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac9557e2e67bd8033.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://www.theonion.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
/
ads.resetsrv.com/ 		0
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.resetsrv.com/
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
138.197.55.50 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theonion.com
date
Fri, 19 May 2023 07:21:08 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-methods
GET, POST
content-type
text/html
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theonion.com
date
Fri, 19 May 2023 07:21:07 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ 		19 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.44.0&referrer=https%3A%2F%2Fwww.theonion.com%2F&tmax=1500
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.0.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-0-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:07 GMT
accept-ch
sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
arj
fusion-media-group-d.openx.net/w/1.0/ 		73 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fusion-media-group-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.theonion.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=cd1cb37c-9ab5-40fc-a4cf-855fbefe615c&nocache=1684480867931&aus=970x250%2C728x90%2C1600x520&divids=dfp-ad-7&aucs=%252F4246%252Ffmg.onion%252Ffrontpage%252F7%252Fmid_banner&auid=545727615
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
3a4fc90cf97714d3e6f5cf38b8d73ff238d03f73f6f6e4262e7d0e97774743e4

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:07 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.theonion.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
btlr.sharethrough.com/universal/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.180.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-180-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theonion.com
date
Fri, 19 May 2023 07:21:07 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
gomedia
direct.adsrvr.org/bid/bidder/ 		0
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/gomedia
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.71.161.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac9557e2e67bd8033.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://www.theonion.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
auction
tlx.3lift.com/header/ 		19 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.44.0&referrer=https%3A%2F%2Fwww.theonion.com%2F&tmax=1500
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.0.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-0-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:07 GMT
accept-ch
sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		18 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.44.0&cb=24149353356&lsavail=0
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theonion.com
date
Fri, 19 May 2023 07:21:06 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb-multi
hb.yellowblue.io/ 		105 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.77.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-77-0.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
1e2b080a93bf722726efe005d49bb3b2bef59607afa9afcd84c8a743eca76757

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 May 2023 07:21:07 GMT
server
istio-envoy
x-reason
maxmind anonymous vpn
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.theonion.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
14
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
prebid
prebid.media.net/rtb/ 		338 B
603 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU74RYRS
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
50e9e22760a26e8963522fb08fd2537cd1dd95b6ed9fd608e942440781b15423

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:07 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Fri, 19 May 2023 07:21:07 GMT
bid
krk.kargo.com/api/v2/ 		2 B
801 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2244388dd8-31ef-4541-bcd7-328d27e64e40%22%2C%22requestCount%22%3A2%2C%22timeout%22%3A1500%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1684480867945%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%22706cbac38886c73%22%3A%22_bSLu2IWVUC%22%7D%2C%22bidSizes%22%3A%7B%22706cbac38886c73%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_bSLu2IWVUC%22%7D%2C%22labelAll%22%3A%5B%22desktop%22%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%22f60814ec-85aa-419c-be27-235a6e2a83f1%22%2C%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%22%7D%2C%22pbadslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F9%2Fmid_banner%22%7D%2C%22gpid%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F9%2Fmid_banner%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22dfp-ad-9%22%2C%22transactionId%22%3A%22f60814ec-85aa-419c-be27-235a6e2a83f1%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%2C%22bidId%22%3A%22706cbac38886c73%22%2C%22bidderRequestId%22%3A%2269ce81145088927%22%2C%22auctionId%22%3A%222b69924d-23e8-4cde-aac1-60962e010a48%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%5D%2C%22userId.mod.init%22%3A%5B0.7999992370605469%5D%2C%22userId.mods.uid2.init%22%3A%5B0.7999992370605469%5D%2C%22userId.init.modules%22%3A%5B4.200000762939453%5D%2C%22requestBids.usp%22%3A0%2C%22requestBids.userId%22%3A0.09999847412109375%2C%22requestBids.rtd%22%3A20.900001525878906%2C%22requestBids.validate%22%3A0%2C%22requestBids.makeRequests%22%3A1.2000007629394531%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22domain%22%3A%22theonion.com%22%2C%22keywords%22%3A%22TheOnion%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theonion.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%7D%7D%7D%5D%2C%22prebidVersion%22%3A%227.44.0%22%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.34.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-34-191.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 07:21:07 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Accept-Ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
Nbr
508
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.theonion.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Krk-No-Bid-Reason
consent
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
v1
btlr.sharethrough.com/universal/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.180.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-180-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theonion.com
date
Fri, 19 May 2023 07:21:08 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
arj
fusion-media-group-d.openx.net/w/1.0/ 		73 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fusion-media-group-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.theonion.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f60814ec-85aa-419c-be27-235a6e2a83f1&nocache=1684480867947&aus=970x250%2C728x90%2C1600x520&divids=dfp-ad-9&aucs=%252F4246%252Ffmg.onion%252Ffrontpage%252F9%252Fmid_banner&auid=545727615
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
29ec1dc4b9f47cf133fc2470982fcaa69d2fef0835492f47d7877bc21e021f30

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:07 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.theonion.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
hbjson
grid.bidswitch.net/ 		24 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.189.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-189-123.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6b7c982d0dbbc8a1fa903e68d1daf7476f27fbd2ca8cd044b5e2053cc52d75e5

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theonion.com
date
Fri, 19 May 2023 07:21:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
access-control-allow-credentials
true
content-length
49
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		37 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ea4371f89ead55d5300810bb55e29ca76618284d6d68dfb99d3d17e9725f7df2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 19 May 2023 07:21:08 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
43dc5264-f6ad-49a1-88e6-880b364cdcad
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.theonion.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ads.resetsrv.com/ 		0
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.resetsrv.com/
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
138.197.55.50 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theonion.com
date
Fri, 19 May 2023 07:21:08 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-methods
GET, POST
content-type
text/html
syncframe
gum.criteo.com/ Frame F575 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.theonion.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 07:21:07 GMT
server
Kestrel
server-processing-duration-in-ticks
509537
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 19 May 2023 07:21:08 GMT
sid
mug.criteo.com/ Frame F575
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=theonion.com&sn=ChromeSyncframe&so=0&topUrl=www.theonion.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=xKgqsnxpeTBtMWhGbU13SEhZOGhVMVlhOEVORlRqbm9tUDNYSFMrRm8wd0thRTJ2cGs5dDQyUHU2dWF6MDlneVpJakNqK09JN01zMGZqaDVsY0ZzdEZ5T09jVEk1WW50T25KejNtZDhJdTJ3VDhEc21RdHdSK2xVTzR5ZH...
433 B
654 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=xKgqsnxpeTBtMWhGbU13SEhZOGhVMVlhOEVORlRqbm9tUDNYSFMrRm8wd0thRTJ2cGs5dDQyUHU2dWF6MDlneVpJakNqK09JN01zMGZqaDVsY0ZzdEZ5T09jVEk1WW50T25KejNtZDhJdTJ3VDhEc21RdHdSK2xVTzR5ZHVGcWJZcitFM2w4RUpSWkhaeGxjKzBmTXdFdlc0OTJqUGRSTG9hR0c5RklqYnI1Z09aTU51R0FmZEVNbkhNZkpDSjFGVnUrRlBQd2NjVVBHbmZhNFEwMUFEY3N6VDJRdGlKOWRXZDRXdzRNelE4Z0JqV1pBVnFxQ2Q0OXZRSzJMOGxaems0U1VDTTMyWi9STDZPZTFTWW5JYm9yTEJQZz09fA&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e21c63610abcf91b0a94282ac15072de46d583a99f48a5fa562503a214900f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:08 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1622906
expires
0

Redirect headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:07 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=xKgqsnxpeTBtMWhGbU13SEhZOGhVMVlhOEVORlRqbm9tUDNYSFMrRm8wd0thRTJ2cGs5dDQyUHU2dWF6MDlneVpJakNqK09JN01zMGZqaDVsY0ZzdEZ5T09jVEk1WW50T25KejNtZDhJdTJ3VDhEc21RdHdSK2xVTzR5ZHVGcWJZcitFM2w4RUpSWkhaeGxjKzBmTXdFdlc0OTJqUGRSTG9hR0c5RklqYnI1Z09aTU51R0FmZEVNbkhNZkpDSjFGVnUrRlBQd2NjVVBHbmZhNFEwMUFEY3N6VDJRdGlKOWRXZDRXdzRNelE4Z0JqV1pBVnFxQ2Q0OXZRSzJMOGxaems0U1VDTTMyWi9STDZPZTFTWW5JYm9yTEJQZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
333537
content-length
0
expires
0
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.theonion.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.theonion.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3797107814779183&correlator=1239546624039493&eid=31072879%2C31074474%2C31074665%2C31074682%2C31074686%2C31074722%2C31074764%2C31070233&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cfrontpage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x251%7C970x90%7C728x90%7C1600x520&ifi=2&adks=2283483005&sfv=1-0-40&prev_scp=article_position%3Dnone%26pos%3Dtop%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dtop-01%26amznbid%3D2%26amznp%3D2%26fr%3Dfalse%26ias-kw%3DIAS_UNSCORED_PG%26drg%3DveryLow%26vio%3DveryLow%26off%3DveryLow%26hat%3DveryLow%26dlm%3DveryLow%26alc%3DveryLow%26adt%3DveryLow%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D2.50%26hb_adid_appnexus%3D53da9da2766127d%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D2.50%26hb_adid%3D53da9da2766127d%26hb_bidder%3Dappnexus&eri=1&cust_params=veritas-iab%3D1-4%26tags%3D%26blogName%3Dtheonion%26channel%3D%26section%3D%26subsection%3D%26page%3Dfrontpage&sc=1&cookie=ID%3D65ca2c478d80b716%3AT%3D1684480867%3AS%3DALNI_MY9VxLtKzGJdUGHHsoT5NQra4mQFg&gpic=UID%3D00000c19c0420eca%3AT%3D1684480867%3ART%3D1684480867%3AS%3DALNI_MYxIyQzQglqtb3wMGQvBlzLk54RVA&abxe=1&dt=1684480868096&lmt=1684480868&dlt=1684480866692&idt=995&adxs=315&adys=303&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theonion.com%2F&frm=20&vis=1&psz=1600x290&msz=1600x290&fws=4&ohw=1600&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=472714348.1684480868&ga_sid=1684480868&ga_hid=661066023&ga_fc=false&a3p=Eh0KDmVzcC5jcml0ZW8uY29tGL37iJeDMUgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074665
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0b1d493856023146a367b1111108bfd1cac71133fa403f9e7a9b260a9ec686c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11663
x-xss-protection
0
google-lineitem-id
4601588782
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138271807375
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 822A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
47744
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 18 May 2023 18:05:24 GMT
expires
Fri, 17 May 2024 18:05:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 37D3 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d8ce97fa3bd8cff499767a40e24e028e5ecafe0f07dbd15dbd575067afff98e8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1LQzOgbT8Eks478L-ZENiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-1LQzOgbT8Eks478L-ZENiw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 07:21:08 GMT
expires
Fri, 19 May 2023 07:21:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js
pagead2.googlesyndication.com/bg/ Frame 822A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rGx2DEvyTJUcTI8TMyI5e4cGeqSZnDc_BhsxSP5O2IU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 16:03:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
141458
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14627
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 May 2024 16:03:30 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.theonion.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.theonion.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		381 B
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3797107814779183&correlator=1239546624039493&eid=31072879%2C31074474%2C31074665%2C31074682%2C31074686%2C31074722%2C31074764%2C31070233&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cfrontpage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90%7C1600x520&ifi=3&adks=753366804&sfv=1-0-40&prev_scp=article_position%3Dnone%26pos%3Dmid_banner%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dmid_banner-01%26amznbid%3D2%26amznp%3D2%26fr%3Dfalse%26ias-kw%3DIAS_UNSCORED_PG%26drg%3DveryLow%26vio%3DveryLow%26off%3DveryLow%26hat%3DveryLow%26dlm%3DveryLow%26alc%3DveryLow%26adt%3DveryLow%26id%3Db9255154-f615-11ed-901d-0a6fa201f3de%26vw05%3D40%26vw%3D40%2C50%2C60&eri=1&cust_params=veritas-iab%3D1-4%26tags%3D%26blogName%3Dtheonion%26channel%3D%26section%3D%26subsection%3D%26page%3Dfrontpage&sc=1&cookie=ID%3D65ca2c478d80b716%3AT%3D1684480867%3AS%3DALNI_MY9VxLtKzGJdUGHHsoT5NQra4mQFg&gpic=UID%3D00000c19c0420eca%3AT%3D1684480867%3ART%3D1684480867%3AS%3DALNI_MYxIyQzQglqtb3wMGQvBlzLk54RVA&abxe=1&dt=1684480868314&lmt=1684480868&dlt=1684480866692&idt=995&adxs=0&adys=1399&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theonion.com%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=472714348.1684480868&ga_sid=1684480868&ga_hid=661066023&ga_fc=false&a3p=Eh0KDmVzcC5jcml0ZW8uY29tGL37iJeDMUgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074665
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8deed6228178598479b4573d043840919ea989332514bcf88284f565eaf0fa88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
183957-47751755686051.js
js-sec.indexww.com/ht/p/ 		47 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
568068711d00d07ac001e1937acdb4621d0d7ea602ff8beb225c1b9f22701d1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 19 May 2023 07:10:18 GMT
server
cloudflare
age
446
etag
W/"901b8c-bde7-5fc069d0d551f"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
7c9a94d369db5b2c-FRA
expires
Fri, 19 May 2023 11:21:08 GMT
runtime~trackers.72ff5fb7f8166ed35204.js
www.theonion.com/x-kinja-static/assets/new-client/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/runtime~trackers.72ff5fb7f8166ed35204.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d7fa261298e7430c764efe74a192a4bb2b3c975032be043c0402d23d800ca438
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
Z5FNT9F98BPQ9J12
age
20136
x-amz-server-side-encryption
AES256
x-cache
MISS, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
1240
x-amz-id-2
duSgu1TQyN+5uXZz8y9GKrGSem2eZUw3TgmHd4pSbQldmqp72k4Q7bVIQjdookbJz45/2VJFByE=
x-served-by
cache-fra-eddf8230061-FRA, cache-fra-eddf8230111-FRA
last-modified
Thu, 18 May 2023 18:28:03 GMT
server
AmazonS3
x-timer
S1684480868.331059,VS0,VE1
etag
"28ce9e853d973730f3213e688dbbab3d"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0, 0, 1
vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~f03f75f6.85d1e73595bfdd5ac1fb.js
www.theonion.com/x-kinja-static/assets/new-client/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~f03f75f6.85d1e73595bfdd5ac1fb.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2b14301c6e55453137555d78d96f03fbfe06dfd5f7b648228770384f9d05b257
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
content-encoding
gzip
x-kinja-gdpr
true
x-amz-request-id
PGEAQDJ0R4HZJZ0X
age
1294138
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
14556
x-amz-id-2
Q1qSTk3NrYsdrkeDxd20GSs4Ar3CW54WgdoM76Kf+KIcRKsVHfROihwKEhK9KyfNbgA6CDiXUL44sOnvcpw8Ug==
x-served-by
cache-fra-eddf8230120-FRA, cache-fra-eddf8230111-FRA
last-modified
Thu, 04 May 2023 07:48:47 GMT
server
AmazonS3
x-timer
S1684480868.336698,VS0,VE1
etag
"75f3ef47af5ef4469b4a4fc23ab3c921"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 1
vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~f45c433b.4f60635980d0538e6e73.js
www.theonion.com/x-kinja-static/assets/new-client/ 		99 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~f45c433b.4f60635980d0538e6e73.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d998c7ddc798f324ab6863a89d6900a05201ccc351d8a69dffc3e0820d37a590
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
6777DZMCJWDERWS4
age
276295
x-amz-server-side-encryption
AES256
x-cache
MISS, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
30788
x-amz-id-2
82QT6nBrbxD8sEyw9SdpsXgVpouwMfm5hx+9JxoRpJVBg7weXz+R/KjLUQEduDdUqjGBaIVN51X5ow7AXpGW8RoSdTVSjBdhsBYjn7/wHxg=
x-served-by
cache-fra-etou8220059-FRA, cache-fra-eddf8230111-FRA
last-modified
Mon, 15 May 2023 22:07:17 GMT
server
AmazonS3
x-timer
S1684480868.336920,VS0,VE1
etag
"e9283107ac6f50052c7505cb86ab7de5"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0, 0, 1
vendor~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceDa~f904d832.b047e35293b44330410c.js
www.theonion.com/x-kinja-static/assets/new-client/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceDa~f904d832.b047e35293b44330410c.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c51a9f78fdccbfbd0c6bf58c7146bf7ea7a6e9c0e27795f07f1247c4c682dd6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
content-encoding
gzip
x-kinja-gdpr
true
x-amz-request-id
PGEEKZBP08FFJRMR
age
1294138
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
29208
x-amz-id-2
FA9uB2y8E2+0w9iond7cbKxANhp9k0CVwTwO0pSe7bDF1d1E9Px90xgV+ZjfGxG3k5LtDNhEOBcvsr8+/L/VFSA++XEEvij4
x-served-by
cache-fra-eddf8230130-FRA, cache-fra-eddf8230111-FRA
last-modified
Thu, 04 May 2023 07:48:47 GMT
server
AmazonS3
x-timer
S1684480868.336874,VS0,VE1
etag
"156025c8b74f9f7dea90404359cb5d0a"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 1
vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~70ca869d.d5d5e9de972cca1476c3.js
www.theonion.com/x-kinja-static/assets/new-client/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~70ca869d.d5d5e9de972cca1476c3.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
98c115c8f099e933183fb18adb4c9f7c5d2b552d1d025d9f90a6a21d2e00dc63
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
3YSZ1S901P03AATG
age
195742
x-amz-server-side-encryption
AES256
x-cache
MISS, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
1521
x-amz-id-2
3ZVQIlJt/h6BRqvNOhWwGb6lSRCNLHWGW8eC+MbsNy/w99igNZ59AwJYZDrs+DEi6y0NekL76CgJrcH+owH8TQ==
x-served-by
cache-fra-eddf8230103-FRA, cache-fra-eddf8230111-FRA
last-modified
Tue, 16 May 2023 21:57:06 GMT
server
AmazonS3
x-timer
S1684480868.343755,VS0,VE1
etag
"f8f5ee04824fbd9edad156ea80bf6720"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0, 0, 1
vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~040a7305.4a2115a7136db1a38532.js
www.theonion.com/x-kinja-static/assets/new-client/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~040a7305.4a2115a7136db1a38532.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a198440fa540fd8de0dfe887ae1bf7890e4c17b2c99989ff42e6efba7b06361f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
HZHDC4KEJRHZ7S3X
age
270661
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
1045
x-amz-id-2
V6dg5ADcQ3TM9u3LwYzvhuS3o6j0q7redxWQu+IrPDOgTEkTxOrKES6D45isAhojryYK4zh3+snbGzdrMi5lNac0WWx1EVhtdRSJLdyLU8Y=
x-served-by
cache-fra-eddf8230091-FRA, cache-fra-eddf8230111-FRA
last-modified
Mon, 15 May 2023 22:07:17 GMT
server
AmazonS3
x-timer
S1684480868.343695,VS0,VE1
etag
"9e1ebe7611aa4f191b5498ff28184112"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 1
vendor~curatedHomepage~featureSwitchPageClient~frontPage~modify-commerce-links~renderThumbsModal~sea~f37cf8a0.88978f37716afab12513.js
www.theonion.com/x-kinja-static/assets/new-client/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendor~curatedHomepage~featureSwitchPageClient~frontPage~modify-commerce-links~renderThumbsModal~sea~f37cf8a0.88978f37716afab12513.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9708fbfcf504ef77c5c4170d1e9db38c159049f8ab47d04f6a452e689cf696aa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
content-encoding
gzip
x-kinja-gdpr
true
x-amz-request-id
V03WNRYADX7JB7VF
age
2065775
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
7001
x-amz-id-2
I0eJLTbsntpcr2fkhfJ5aQoFOoqGFUti215tG2FjMbI80nKKQBck014HLjg+2Y5nmZtbRVNtI7SU/SYllq4S86lJmTffGskW
x-served-by
cache-fra-eddf8230106-FRA, cache-fra-eddf8230111-FRA
last-modified
Tue, 25 Apr 2023 05:32:43 GMT
server
AmazonS3
x-timer
S1684480868.346996,VS0,VE1
etag
"01f64ef2b8592ef8b13bd1f3bfeba967"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 1
vendor~trackers.9fb1351ec6bf73140995.js
www.theonion.com/x-kinja-static/assets/new-client/ 		112 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.9fb1351ec6bf73140995.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4227e7808bb153943a5c2f8fbb6e877dc2ebea70934f7b223ee112124f8f8d61
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
content-encoding
gzip
x-kinja-gdpr
true
x-amz-request-id
PGEEZVQ9VCCW4Z98
age
1294138
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
40218
x-amz-id-2
5jifpsZjtZv0rrOi/akEG4E0D7MZjKxR5YPm5um5YpK9BLw2lGscx8SJOa3BVjPYudSjY/Hif+8=
x-served-by
cache-fra-eddf8230116-FRA, cache-fra-eddf8230111-FRA
last-modified
Thu, 04 May 2023 07:48:48 GMT
server
AmazonS3
x-timer
S1684480868.347894,VS0,VE1
etag
"d23e3dc6ce53d9a54501bb981fe30a5b"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 1
adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHom~c95cfa11.e37af1917240467a37fa.js
www.theonion.com/x-kinja-static/assets/new-client/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHom~c95cfa11.e37af1917240467a37fa.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea2884cc810612616bee4d3ce0ee4123102e85eee5ee05053d184d8551f79b80
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
9HTGMWXK5TH0YDH4
age
313767
x-amz-server-side-encryption
AES256
x-cache
MISS, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
4163
x-amz-id-2
4sUfFbTAl8BhNE4Xj/56YGWjIPc6KsDhSfJrSqy3D07hxzfBSG6WAC53ot8JSORpxC1m8u2RMdY=
x-served-by
cache-fra-eddf8230124-FRA, cache-fra-eddf8230111-FRA
last-modified
Mon, 15 May 2023 16:08:23 GMT
server
AmazonS3
x-timer
S1684480868.347506,VS0,VE2
etag
"1ae06c9ce0636b959907228c65b34bce"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0, 0, 1
adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHom~476ce8d4.e0038f1cc792e3e1f599.js
www.theonion.com/x-kinja-static/assets/new-client/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHom~476ce8d4.e0038f1cc792e3e1f599.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3a59fb3b16429d5ba9bb966f4b60761352a52a95a8874138001559296c687bc9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
content-encoding
gzip
x-kinja-gdpr
true
x-amz-request-id
PGE1YE8KE000VNFA
age
1294138
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
5931
x-amz-id-2
XOXAR36HFX0CDFePIjovwS+RXqrNvVYCVqcnUfULzbPEwU8HhJOgNLSvQ42F6JqdVHAPwV7/5Z4S5aplp3Yuzw==
x-served-by
cache-fra-eddf8230102-FRA, cache-fra-eddf8230111-FRA
last-modified
Thu, 04 May 2023 07:48:42 GMT
server
AmazonS3
x-timer
S1684480868.347492,VS0,VE1
etag
"77164b69386d17b0784417c76adcbcee"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 1
adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~0306840d.2da1d88e0efdd61fee24.js
www.theonion.com/x-kinja-static/assets/new-client/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~0306840d.2da1d88e0efdd61fee24.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8cfbb185b57de51b612c207ebaad5d9f8e49a4103d6c94cb5259281f66e7ebc5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
content-encoding
gzip
x-kinja-gdpr
true
x-amz-request-id
5B4TVGBZJ2NQ9EGC
age
760438
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
9014
x-amz-id-2
3rO95hHGEoaFNSbvHvswm0xHMz1yllxAnuxKWAKUA5coB4jKowVWhYk5VToC0n22i0p5TFFMfqY=
x-served-by
cache-fra-etou8220030-FRA, cache-fra-eddf8230111-FRA
last-modified
Wed, 10 May 2023 12:07:10 GMT
server
AmazonS3
x-timer
S1684480868.347489,VS0,VE2
etag
"619e3a90a9bfc951a817ceaf1fa87609"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 1
adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHom~eeddd51f.2a01509de445418880f9.js
www.theonion.com/x-kinja-static/assets/new-client/ 		108 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHom~eeddd51f.2a01509de445418880f9.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
acb40f0e0250a0b0b61278541a84c0fd936728dbd16316f3a4695b7cf576147e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
content-encoding
gzip
x-kinja-gdpr
true
x-amz-request-id
R4J2BQ9YBHNAGGVM
age
726431
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
45003
x-amz-id-2
tlhGPpdnVoxukT1EULcbgaxhga4o3c+ImdcSXeZDOrbUaGsrfaYweAPygZ/BHIdDvL04FN8g4L0=
x-served-by
cache-fra-eddf8230030-FRA, cache-fra-eddf8230111-FRA
last-modified
Wed, 10 May 2023 21:29:41 GMT
server
AmazonS3
x-timer
S1684480868.347483,VS0,VE1
etag
"bd4f39a26d3e92dcd6cb8b2315aaeb07"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 1
adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~72064dd3.9e8001d0d97e1f2bd9cf.js
www.theonion.com/x-kinja-static/assets/new-client/ 		84 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~72064dd3.9e8001d0d97e1f2bd9cf.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b4d7f0e2316e5817ad26ef504acd2791226ebbf2e9fe1a7fbfa92fa4ed5c7a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
content-encoding
gzip
x-kinja-gdpr
true
x-amz-request-id
PGE4DDSPRMRQTTHJ
age
1294138
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
13092
x-amz-id-2
fvliML0WIRs4OQV1YygkkAauwfcIZx5i0xkImMpN6JItu9Z1VCT81wy4fJ3208uo3jOS2Xe09rA=
x-served-by
cache-fra-eddf8230130-FRA, cache-fra-eddf8230111-FRA
last-modified
Thu, 04 May 2023 07:48:42 GMT
server
AmazonS3
x-timer
S1684480868.348152,VS0,VE1
etag
"efd51344b6bca74a73d53a79b9b537df"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 1
carGalleryPage~second-scroll~slideshowPermalinkPage~trackers.6f6cb90bc1205838d8d0.js
www.theonion.com/x-kinja-static/assets/new-client/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/carGalleryPage~second-scroll~slideshowPermalinkPage~trackers.6f6cb90bc1205838d8d0.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01c61fa8398bb360b7a71e2e36392400568e53e0c560ac795294826134e58495
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
ZCJ3HG4B8F88RC3W
age
288201
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
5059
x-amz-id-2
7PDOgzzLch6UiQD/F2HKlCwPbb4chayPWqlSAFcX2vurA+J5m700opgOu53HZp8qoaYGowvkjddrdqHfA7En2vGXKRX6BQEVVyZ01FlEA6Q=
x-served-by
cache-fra-etou8220023-FRA, cache-fra-eddf8230111-FRA
last-modified
Mon, 15 May 2023 18:06:11 GMT
server
AmazonS3
x-timer
S1684480868.348162,VS0,VE1
etag
"4e950e325096c1d0a28c13eea6bcbf29"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 1
trackers.0eef6e830a2831703717.js
www.theonion.com/x-kinja-static/assets/new-client/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/trackers.0eef6e830a2831703717.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f183ae165bdd51639e9d3f3d1a8f48f0cb5853af1ec99ed28854f49d06bbd88d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
26X2RES9Q09HV5KW
age
61297
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
3746
x-amz-id-2
LahoCsFOfdPTPrEEBwSbtHafql364rwFEf2AvUYDCmZFCoz/ivJBpc7+Bguapxb5Z4dUvQyCnTQ=
x-served-by
cache-fra-etou8220050-FRA, cache-fra-eddf8230111-FRA
last-modified
Thu, 18 May 2023 14:17:14 GMT
server
AmazonS3
x-timer
S1684480868.351081,VS0,VE1
etag
"f9cb40b5924fb96aca416f153777a230"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 1
runtime~curatedHomepage.3fbfc1bcea77bcff0c97.js
x.kinja-static.com/assets/new-client/ 		28 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/runtime~curatedHomepage.3fbfc1bcea77bcff0c97.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3260793cefa28c184a57cd6241e48167e21d8ac279ec2f879ed00244bcd83cda
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
RFASG748PFKEEGWZ
age
39
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
5463
x-amz-id-2
QiOI8dZKOSh2Y0aL1XKzbLSjbtc4qkXpLbCEX1VWVnFQGij8tULYSSvbOGwTCNQSG37zT1hS1KTpuPfrl0zgIwZNGwKC5xN0v+0CJeYJKfY=
x-served-by
cache-fra-eddf8230111-FRA
last-modified
Wed, 17 May 2023 23:22:51 GMT
server
AmazonS3
x-timer
S1684480868.351470,VS0,VE1
etag
"af0ba7671b1be18c05d5ef907931c598"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
vendor~adEditor~alertsUnsubscribePage~biztoolsPage~celebrityPage~channelSectionPage~commerceDashboar~8d04fbb7.a43694a389c65fb3e763.js
x.kinja-static.com/assets/new-client/ 		119 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/vendor~adEditor~alertsUnsubscribePage~biztoolsPage~celebrityPage~channelSectionPage~commerceDashboar~8d04fbb7.a43694a389c65fb3e763.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70cf567f57e13e91d4c7b2442eb95f49764108be111f38589109249933960bb5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
WH83JB69TK930YAY
age
100
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
33702
x-amz-id-2
JAlwzjGHj37O8xb5ecVaiZSm/gJJNB7TGe88Rs8GtV6Uwpio1hE9W+77T3irqW/kmdJ78CSbO5T6XW3diBt9pQ==
x-served-by
cache-fra-eddf8230111-FRA
last-modified
Mon, 15 May 2023 22:07:17 GMT
server
AmazonS3
x-timer
S1684480868.351094,VS0,VE0
etag
"ec60ce99ad7486d0e62544c35712308b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2
vendor~PlaylistCarousels~YMALModule~adEditor~alertsUnsubscribePage~biztools~car-comparator~car-selec~1e23358a.76dcf4a78395f7e74ea6.js
x.kinja-static.com/assets/new-client/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/vendor~PlaylistCarousels~YMALModule~adEditor~alertsUnsubscribePage~biztools~car-comparator~car-selec~1e23358a.76dcf4a78395f7e74ea6.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
221c51d6190d8c5cf2217bc17bc7ed47c99c31528fb2b8800c4c0233742a5038
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
A89G6R39VA17CA3D
age
56
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
1692
x-amz-id-2
XJRFviSDNtPUNhpFIBUnzIryf8sh+8c19tGENwPighJWXZ2Ts3VYXhUCX00lmWY0Jh5T+kPrCJQ=
x-served-by
cache-fra-eddf8230111-FRA
last-modified
Mon, 08 May 2023 20:29:11 GMT
server
AmazonS3
x-timer
S1684480868.350856,VS0,VE1
etag
"9ed40de431b082343b1a463413baf555"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
vendor~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceDa~54efeee3.605ac1163a45afc6e8cb.js
x.kinja-static.com/assets/new-client/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/vendor~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceDa~54efeee3.605ac1163a45afc6e8cb.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5db6dc59e662741fc2c7cd4961e31ab13a1afa0bc8efac1ed7fe8aab6ed242eb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
3H942A7GD5JSP28E
age
77
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
805
x-amz-id-2
0ua4l3u4phM0+bJvOJcKM1h92XBJhFm0X033eiK93BMBSVPdpiPZ65wFnUF8bY0qZ01cHyC8s1lhWGCyb0YpeA==
x-served-by
cache-fra-eddf8230111-FRA
last-modified
Thu, 04 May 2023 07:48:47 GMT
server
AmazonS3
x-timer
S1684480868.350831,VS0,VE0
etag
"ac36be15eeac89620b4a85d865597139"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2
vendor~curatedHomepage~frontPage~modify-commerce-links~searchPage~tagPage.77f11d3d0d583d537b53.js
x.kinja-static.com/assets/new-client/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/vendor~curatedHomepage~frontPage~modify-commerce-links~searchPage~tagPage.77f11d3d0d583d537b53.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b3f483b4c4f941a7cc1860356329639370e23b643ba93da4be31500be0b4c1ee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
T4H07JVYFZ8F82G6
age
53
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
6518
x-amz-id-2
hNhhllsOOax/9ym3VcUG2G6K7XAtH3E/tyZAUKo7x4UwB7IyOyHyhTqvx8mSFvro/wcSC7VlRWE=
x-served-by
cache-fra-eddf8230111-FRA
last-modified
Thu, 04 May 2023 16:32:59 GMT
server
AmazonS3
x-timer
S1684480868.350826,VS0,VE1
etag
"c7097200d8bc0d095ace2acc71d445ea"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
vendor~curatedHomepage.d9da915b21ff1bbca473.js
x.kinja-static.com/assets/new-client/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/vendor~curatedHomepage.d9da915b21ff1bbca473.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e654dc4aa833a34b4871aa86e91240fe6b88560fdffcd9b1023d9cc31d1753d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
4V86SB01TEXC81QS
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
1283
x-amz-id-2
HCAR1Lf7o5ukw4VQ43fiiZrUnIc3QBdDPZtFZMP+wzJ1wS+P2s51i5B/OH/pvjujFOkYbGW4EgM=
x-served-by
cache-fra-eddf8230111-FRA
last-modified
Mon, 15 May 2023 22:07:18 GMT
server
AmazonS3
x-timer
S1684480868.350828,VS0,VE1
etag
"63343bc59af456cf511770e8acf1469d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
PlaylistCarousels~YMALModule~alerts-form~alerts-modal~biztools~car-comparator~car-selector~car-shopp~c138c134.5300d4e7905bdd642bf7.js
x.kinja-static.com/assets/new-client/ 		31 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/PlaylistCarousels~YMALModule~alerts-form~alerts-modal~biztools~car-comparator~car-selector~car-shopp~c138c134.5300d4e7905bdd642bf7.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e575bd6b4933326a8991eb95f551350b3cca9169b7c131313fdc0178453d77b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
DPGMHMK79VNWKXFS
age
115
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
6737
x-amz-id-2
J/pi11ItmNMXJTPx58UDQGE/nJWcbo1tMk794zWB6jdrQkaEyCLEcXcnEepaHNEV1boPKn4j07c=
x-served-by
cache-fra-eddf8230111-FRA
last-modified
Mon, 15 May 2023 18:06:11 GMT
server
AmazonS3
x-timer
S1684480868.368706,VS0,VE0
etag
"e5eff1f65b42285b52244b802701cc80"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2
curatedHomepage.62c0a21eb5a89d9fdccd.js
x.kinja-static.com/assets/new-client/ 		108 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/curatedHomepage.62c0a21eb5a89d9fdccd.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
231212e9802fc94bc932e88ab63103b2f2f54772ced3d01b873383e4c9c05be6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
RFANDNTYXSZZE2WB
age
39
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
22289
x-amz-id-2
RrIXie5hDh5TKSof29dCiU5V69bBfgoN8lRGNTu89QK9pGEQSazk91h7Xorvp3M4UseB2XhIhAbGnUgL6Puez1VS/WvLu0KyV06U2q8MChg=
x-served-by
cache-fra-eddf8230111-FRA
last-modified
Wed, 17 May 2023 23:22:47 GMT
server
AmazonS3
x-timer
S1684480868.368810,VS0,VE1
etag
"a3e5c69a72b672ecad85a54344aa2064"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3797107814779183&correlator=1239546624039493&eid=31072879%2C31074474%2C31074665%2C31074682%2C31074686%2C31074722%2C31074764%2C31070233&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cfrontpage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90%7C1600x520&ifi=4&adks=3426865480&sfv=1-0-40&prev_scp=article_position%3Dnone%26pos%3Dmid_banner%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dmid_banner-02%26amznbid%3D2%26amznp%3D2%26fr%3Dfalse%26ias-kw%3DIAS_UNSCORED_PG%26drg%3DveryLow%26vio%3DveryLow%26off%3DveryLow%26hat%3DveryLow%26dlm%3DveryLow%26alc%3DveryLow%26adt%3DveryLow%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D1.75%26hb_adid_appnexus%3D81ccad9611037ad%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D1.75%26hb_adid%3D81ccad9611037ad%26hb_bidder%3Dappnexus&eri=1&cust_params=veritas-iab%3D1-4%26tags%3D%26blogName%3Dtheonion%26channel%3D%26section%3D%26subsection%3D%26page%3Dfrontpage&sc=1&cookie=ID%3D65ca2c478d80b716%3AT%3D1684480867%3AS%3DALNI_MY9VxLtKzGJdUGHHsoT5NQra4mQFg&gpic=UID%3D00000c19c0420eca%3AT%3D1684480867%3ART%3D1684480867%3AS%3DALNI_MYxIyQzQglqtb3wMGQvBlzLk54RVA&abxe=1&dt=1684480868368&lmt=1684480868&dlt=1684480866692&idt=995&adxs=0&adys=1970&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theonion.com%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=472714348.1684480868&ga_sid=1684480868&ga_hid=661066023&ga_fc=false&a3p=Eh0KDmVzcC5jcml0ZW8uY29tGL37iJeDMUgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074665
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
660bfebc886cf156f4131562f7c6fdf32e5b976bbdaa54ff13a9782b1d404cfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11664
x-xss-protection
0
google-lineitem-id
4601587669
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138271807375
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 37D3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305160101&jk=3797107814779183&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
publisher:getClientId
ampcid.google.com/v1/ 		74 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FBJXBGD4M8&gtm=45je35h0&_p=661066023&cid=472714348.1684480868&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1684480868&sct=1&seg=0&dl=https%3A%2F%2Fwww.theonion.com%2F&dt=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&uid=none&en=page_view&_fv=1&_ss=1&ep.site_section=1636079510&ep.content_channel=none&ep.content_section=none&ep.content_subsection=none&ep.content_role=&up.adblock=false&up.user_type=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FBJXBGD4M8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pid
www.theonion.com/api/magma/veritas/ 		40 B
861 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/api/magma/veritas/pid?cb=1684480868487
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.9fb1351ec6bf73140995.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
1438700bc5c08c81bbc8eab227772b9898a6cc68a8e66a2fb8b366a663a29b74
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-kinja-server
kinja-magma-kube03-5c8f7ddbb7-plzq6
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
date
Fri, 19 May 2023 07:21:08 GMT
x-kinja-gdpr
true
x-kinja-build
4113
x-powered-by
Express
x-cache
MISS, MISS, MISS
x-ua-device
desktop
x-kinja-superheroloaded
true
x-kinja
kinja-magma-kube03-5c8f7ddbb7-plzq6 #4113
x-cdn-fetch
mantle-nocache
content-length
40
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200151-IAD, cache-iad-kcgs7200058-IAD, cache-fra-eddf8230111-FRA
x-googlenews-bot
false
x-timer
S1684480868.488549,VS0,VE117
etag
W/"28-fPHMXDOQ+nKv3xsMugZz1zawKR8"
vary
Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-Kinja-Location
content-type
text/html; charset=utf-8
cache-control
private, no-store, no-cache
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-kinja-revision
24aa977b9ed6940301536d921e202aaec851e913
x-cache-hits
0, 0, 0
tag
btloader.com/
Redirect Chain
  • https://kinja-com.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=kinja-com&upapi=true
15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=kinja-com&upapi=true
Protocol
H2
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0372641a363eeb5b3cc18cd2e859319fa47e8f20f39313f73ebf9b8fa757e2f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:09 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 May 2023 07:03:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
943
etag
W/"c205a81d1ade9aed8e0f314690fba7dd"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BU02aCafFmue3FQdA122RrH3ihw2%2FXppaLaaqJ53BHzroi7AvVH1q1Hh7dc96qihM2FdyCm3MWzLN3ItuaOdP6PJC5lX7hli4kYNCYPXqREaHqFA4HmoY1ktU4RpZ5bNT8w4G1zUbkF%2FIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7c9a94d77bcf1c28-FRA

Redirect headers

date
Fri, 19 May 2023 07:21:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4bmLcGyYXrJpXMQ6IYLXmIdOdcS6xikvCO2iIsuJFC%2BBzGHkYmXr4BMiACZj73uyZau5YlFssNLqopHusYOiNn7T6JcmrsmdTmCZh8HoEwGAftC66qDNxI8O%2BSdDFLvpueqj75FqVtEddHWCC1HkFA4sdXk1x2c%2FkU%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=kinja-com&upapi=true
cache-control
max-age=3600
cf-ray
7c9a94d45b273814-FRA
expires
Fri, 19 May 2023 08:21:08 GMT
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1c00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 01:10:22 GMT
content-encoding
gzip
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:25:10 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
22246
etag
W/"63921df6-9377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
oJUvDnz4S94YZ6-jkVGf8bHcm5g5Cj5qVeOuN8oESLmkxQmnjreFiQ==
expires
Sat, 20 May 2023 01:10:22 GMT
/
insight.adsrvr.org/track/evnt/ 		70 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/evnt/?adv=5zq9nmk&ct=0:ngtk7da&fmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 19 May 2023 07:21:08 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
iframe-communication.b8862d0cd27d574861d9.js
x.kinja-static.com/assets/new-client/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/iframe-communication.b8862d0cd27d574861d9.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dbca21de82ba69b1bc23cd1c49721d7b763db98007a74397ad196d494e552f19
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
CWGJ5P5Z7F9DVQBZ
age
23
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
1218
x-amz-id-2
sPgt7pWc4f5+4kHKU0wuRguPUsu0JQ2NeDjVsVujMzrjik6N9zo2bQP4g6v0OrAId0Av1BQgyzM=
x-served-by
cache-fra-eddf8230111-FRA
last-modified
Mon, 08 May 2023 20:29:09 GMT
server
AmazonS3
x-timer
S1684480869.509884,VS0,VE2
etag
"aa0ce04290e2a01380cb9b1ab0a85b3f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
next-video-loader.d46c5121ebeea651b02b.js
x.kinja-static.com/assets/new-client/ 		2 KB
997 B 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/next-video-loader.d46c5121ebeea651b02b.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5499c873a87eb32edcdf9e4591b91193a980cc9ed71ae80d56466f20ac33980
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
3H952SKEDPX9RB64
age
22
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
709
x-amz-id-2
kxCVotVfNx22SxYtUSI6tSKChn3y45xPaArinw+mQhLhppPzu4AnuSqPaTppV0Hjv5mpQPsKIanvR8rRqOiP5VP29Tkhk9IC
x-served-by
cache-fra-eddf8230111-FRA
last-modified
Thu, 04 May 2023 07:48:45 GMT
server
AmazonS3
x-timer
S1684480869.515274,VS0,VE1
etag
"6494b5ed31d4500afb848ec5a1ef4c7d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
adEditorComponent~api-video-meta~feed-stream-load-more~getShowBrowserData~in-article-selector~render~352baa22.6071083b0d296c14c828.js
x.kinja-static.com/assets/new-client/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/adEditorComponent~api-video-meta~feed-stream-load-more~getShowBrowserData~in-article-selector~render~352baa22.6071083b0d296c14c828.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
73e0b4849267d52ad5b7ec2770d92fb24b85b127aa7ae835700f6d5d0e755c0f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
4BJ6F6SWX6GRDM7D
age
34
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
1899
x-amz-id-2
qTnXRtX7ejoyyPVbUW4dA/a3QfmcX6M5i0p0K0IaVGJb6McksTvrD9Qu4yK8ijRJzANjt9ioUHw=
x-served-by
cache-fra-eddf8230111-FRA
last-modified
Tue, 09 May 2023 18:26:35 GMT
server
AmazonS3
x-timer
S1684480869.515859,VS0,VE1
etag
"5cf61bd843998ad94ef5b09e6853d38b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
api-video-meta.0f24c8b17bc45e467906.js
x.kinja-static.com/assets/new-client/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.kinja-static.com/assets/new-client/api-video-meta.0f24c8b17bc45e467906.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7ebec103c04aedd9c1b8e8136c0afc3d979b46c8d1cc92f8a4a9ea62dc6f3aa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
DRS7YD0BTC56RS4M
age
100
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
1699
x-amz-id-2
RLDdwnQLDo25cMSwxeLgF5QJ3pO+9lJLNTo9XMLabCZUxb74AoQnHZCXxAl0uroIN+5vFhnj5qs=
x-served-by
cache-fra-eddf8230111-FRA
last-modified
Tue, 16 May 2023 21:57:01 GMT
server
AmazonS3
x-timer
S1684480869.516056,VS0,VE0
etag
"7dff80ea9d7a867ec9f469e1ff8843e5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2
roboto_condensed_bold-webfont.woff2
f.kinja-static.com/assets/fonts/roboto/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://f.kinja-static.com/assets/fonts/roboto/roboto_condensed_bold-webfont.woff2?11012022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-amz-request-id
KDZQWEDHPT69FPD2
age
60
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
15660
x-amz-id-2
FwduhEeOoE85CNAs3+ck8e8W7bOdc8BkTVIUkm3d6ZzzI0q/SJTgFXitTXMBDdHyexpiYhNPqZ8=
x-served-by
cache-fra-eddf8230047-FRA
last-modified
Fri, 13 Jan 2023 15:40:57 GMT
server
AmazonS3
x-timer
S1684480869.527725,VS0,VE0
etag
"d7b0b953a50fddaa88089b5b787cf719"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
3
roboto_condensed_reg-webfont.woff2
f.kinja-static.com/assets/fonts/roboto/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://f.kinja-static.com/assets/fonts/roboto/roboto_condensed_reg-webfont.woff2?11012022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-amz-request-id
563YCJKW05V1F2RY
age
42
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
15700
x-amz-id-2
AOKxzz7KSbFSOyL3zNGyVkWEUqPiBupH3OftBYWSJZHKHUSOjz1C4hDPF5kql0C5GChjPyVv8j21pmB3FP+uCktlL1r9aUcS
x-served-by
cache-fra-eddf8230047-FRA
last-modified
Fri, 13 Jan 2023 15:40:59 GMT
server
AmazonS3
x-timer
S1684480869.528693,VS0,VE0
etag
"3d7f7413fca69bff4d231ebdc50aaab0"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
3
libre-baskerville-bold.woff2
f.kinja-static.com/assets/fonts/libre-baskerville/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://f.kinja-static.com/assets/fonts/libre-baskerville/libre-baskerville-bold.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-amz-request-id
RH7Z9QBPZWY74SJ8
age
25
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
17984
x-amz-id-2
eAmZTngXZqKd7eCKSQLSNd4IPWfqZcPz7aUqtmmS1NSy6XX6aMfMfC0toSsVdi6PPyWM38Aiq7M=
x-served-by
cache-fra-eddf8230047-FRA
last-modified
Tue, 16 May 2023 21:52:45 GMT
server
AmazonS3
x-timer
S1684480869.530054,VS0,VE0
etag
"0518781cd45a71291d17ea1febfcc5fe"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
3
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.0.1/ 		111 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ca5693ab1367385316b393108533e59a741f2fcc302fd13c2fafd34990b34b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
857658
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
31023
x-served-by
cache-fra-eddf8230045-FRA
last-modified
Tue, 09 May 2023 09:06:26 GMT
server
AmazonS3
x-timer
S1684480869.592237,VS0,VE0
etag
"f42b894e197d2128ee7d3b438e0ac56d"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
Vhm6dOEKajN0FRv5wq0rnJkAbon7mYzOuY27F6XguPOQ7eVWctdV0A==
x-cache-hits
96161
feed-card-placeholder.20230518-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230518-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e0965136e734301a52949c28baca0805656c2f10c760df1bff1f1c77adca2f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
24VOG_407KKCv5MlYdKGfDqed2N7lgcO
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 May 2023 07:21:08 GMT
x-amz-request-id
EFF54CT2VSJMET7M
age
79189
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
wDqEP+XbHHm4hHEU8c/8iAPaQJuwGxoXf+Q4irNyKLjKrmd3R3ENkdPyipJSqNectBVEcdCeogQ=
x-served-by
cache-fra-eddf8230045-FRA
last-modified
Thu, 18 May 2023 09:21:20 GMT
server
AmazonS3
x-timer
S1684480869.593202,VS0,VE0
etag
"3227529fecd4f73c0897564641aecf94"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
15
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
102571
userx.20230518-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230518-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c11a0a8024a93ad645ce69ca93cfa8bd0054ae75f5ca36a24e1e448257d5dab8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
RArzGiLUn3wCwrqgb8Xi9pnIOzkTQdqf
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 May 2023 07:21:08 GMT
x-amz-request-id
MHEAAZNV38ZB76NG
age
79208
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
tqTCES84KqRVi7b5VsT82bjbYffZICn41uTt4xwxWSqHcDsllu5lyt3HhBDSLtzOC4REOzB3+fA=
x-served-by
cache-fra-eddf8230045-FRA
last-modified
Thu, 18 May 2023 09:21:01 GMT
server
AmazonS3
x-timer
S1684480869.610538,VS0,VE0
etag
"ee026d2d010dee59f1b9ad943b815f82"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
15
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
21065
distance-from-article.20230518-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230518-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e55ca76e105c30a8de2bd2b139abc4fdfa427006463089b50cc1b10b239129b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
ShlPRe8H11jQc7yIWY7KwqEnIv6rP4ep
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 May 2023 07:21:08 GMT
x-amz-request-id
NEJCSX8BSN0S70CY
age
79172
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1135
x-amz-id-2
QFLTpdJpLuhfsvBIgtEXdK5WXxTsB+MVcRuVofkVYCpKV0yyscvPYl+LiaX/JxT72OfKE96wGNc=
x-served-by
cache-fra-eddf8230045-FRA
last-modified
Thu, 18 May 2023 09:21:37 GMT
server
AmazonS3
x-timer
S1684480869.610949,VS0,VE0
etag
"932efecd9af20727d5c178fbc31974e2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
15
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
113306
article-detection.20230518-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230518-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
259481fa6cfdf7020f1881da103ea0c9b7b0cdaa973b540a38562610b431fc89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
Vzoa1IIspc_sVTs51ACYO.rW2Sm4.Odv
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 May 2023 07:21:08 GMT
x-amz-request-id
321JJYF95SYHWA96
age
79153
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1236
x-amz-id-2
gr71wzLu5id9GwuHTsR7xAjIVn8DdH63bWkuV4AnKmJKqCDkQbYWOEfJElr/qb/aLCcR+0KUfPU=
x-served-by
cache-fra-eddf8230045-FRA
last-modified
Thu, 18 May 2023 09:21:55 GMT
server
AmazonS3
x-timer
S1684480869.611140,VS0,VE0
etag
"4b754fb87a86aa832f9afb70da675578"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
15
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
141187
share-buttons-detection.20230518-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		1 KB
976 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/share-buttons-detection.20230518-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c9ece454c486d93962d0c5defd04da41bbf7d347e047f466cb7425937f42fd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
jyXwo0ZAXVcBXdkRYv_Pfpo4RfXXAxCp
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 May 2023 07:21:08 GMT
x-amz-request-id
B9WRJKVPH9K60V4W
age
79232
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
679
x-amz-id-2
8JSLw2RSChal09bW6n3NHyDUgnOr+qw/qh24L/8uJUxlq5kVHV2B/Q2zRE/I+GVwZXYpLRZLF00=
x-served-by
cache-fra-eddf8230045-FRA
last-modified
Thu, 18 May 2023 09:20:37 GMT
server
AmazonS3
x-timer
S1684480869.611488,VS0,VE0
etag
"a820c665139b9bb9c53e139ff388254e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
15
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
141103
abtests
am-trc-events.taboola.com/gomedia1-theonion/log/3/ 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/gomedia1-theonion/log/3/abtests?route=AM:AM:V&lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1684480868635%7D&tim=07%3A21%3A08.635&id=7367&llvl=2&ri=f9249782bb216387cd329a32be903c02&sd=v2_e713ea3da7d860728fff9fee3660ff5f_6be555f6-58fa-4d87-8679-5ee521b7d5ea-tuctb60a8e3_1684480867_1684480867_CIi3jgYQ5LxeGLj8iJeDMSABKAEwODib4wlAiYoQSMOz2QNQ____________AVgAYABoju2OwMrc5JWsAXAA&ui=6be555f6-58fa-4d87-8679-5ee521b7d5ea-tuctb60a8e3&pi=/&wi=3642577999104193222&pt=home&vi=1684480867896&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230518-8-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
https://www.theonion.com
pragma
no-cache
date
Fri, 19 May 2023 07:21:08 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/gomedia1-theonion/log/3/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/gomedia1-theonion/log/3/abtests?route=AM:AM:V&lti=deflated&ri=f9249782bb216387cd329a32be903c02&sd=v2_e713ea3da7d860728fff9fee3660ff5f_6be555f6-58fa-4d87-8679-5ee521b7d5ea-tuctb60a8e3_1684480867_1684480867_CIi3jgYQ5LxeGLj8iJeDMSABKAEwODib4wlAiYoQSMOz2QNQ____________AVgAYABoju2OwMrc5JWsAXAA&ui=6be555f6-58fa-4d87-8679-5ee521b7d5ea-tuctb60a8e3&pi=/&wi=3642577999104193222&pt=home&vi=1684480867896&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1684480868601%7D&tim=07%3A21%3A08.601&id=7848&llvl=2&cv=20230518-8-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 19 May 2023 07:21:08 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 May 2023 07:21:08 GMT
x-amz-request-id
TVRHNHYBPQ9HMG0X
age
77
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
uFbaSJk9yktyAUFgMlgPkVbCzqgaR0HXe4qprVaC8AF1ppw4MYEqjVCkDKZnUzIdcOL0Pli8bIw=
x-served-by
cache-fra-eddf8230045-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1684480869.651415,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
15
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
121
b-8db6969-11fd6bfd.js
tagan.adlightning.com/gomedia/ Frame 55A7 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30d6dfd42b9a5f0be38020e3fe03042fe88b4931993c6c63c0b8061e934d727f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 19:33:08 GMT
content-encoding
gzip
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-amz-version-id
HQt7ZtDt1P5TOrLzwiKvyGrv1Hhamfho
x-amz-cf-pop
FRA60-P4
age
2461681
x-cache
Hit from cloudfront
content-length
33634
x-amz-meta-git_commit
8db6969
last-modified
Mon, 31 Oct 2022 20:36:51 GMT
server
AmazonS3
etag
"e4052d126a40ba70c16eb758095d1d13"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
LUkS0uAgvKM8z0osVcRMgCqtrFmX5jTDqFVfAT1IXIwrJDfXzbJspg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 55A7 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 May 2023 07:21:08 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 55A7 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=15538536&cmp=DV196466&sid=2019042601&plc=2019042601&seltag=1&sadv=4531748607&ord=2260375129&litm=4601588782&scrt=138271807375&unit=970x250&splc=152253218&adu=22405397127&adsrv=104&btreg=4601588782138271807375&btadsrv=4601588782138271807375&cb=463759132&region=70dvtagver=6.1.src
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2001:2030:0:4e::d59b:9dc8 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d2a873aa95722b428af0c085721321a67a0f0a996ef2ba9d4e78a1b8d3af20e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 07:21:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 May 2023 07:00:22 GMT
Server
Microsoft-IIS/10.0
ETag
"087d6695689d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3371
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2F&pid=YJsrQBaQTm5QW&cb=3&ws=1600x1200&v=23.505.1627&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-12%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage_mid_banner%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
62S2EPHFZ3Z3G2SN77A0
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
4JQVvuW9G3atfwAINQQzPohGk2amEFwycxN_wumhdmtxY-4OYoiCVg==
pub
pixel.adsafeprotected.com/services/ 		557 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-12,ss:%5B970.250,728.90,1600.520%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.103.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-103-77.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7214ee722d990c931bbd2536e69544b75b0171213b01be556afd65a842f81011

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
server
nginx
x-server-name
app12.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
publisher:getClientId
ampcid.google.de/v1/ 		3 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
hbjson
grid.bidswitch.net/ 		24 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.189.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-189-123.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
9342c689c622d3721614af2d4ac5d707f92e3862cb91756f73ba7390de19d9dd

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theonion.com
date
Fri, 19 May 2023 07:21:09 GMT
content-encoding
gzip
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
49
content-type
application/json
gomedia
direct.adsrvr.org/bid/bidder/ 		0
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/gomedia
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.71.161.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac9557e2e67bd8033.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://www.theonion.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
/
ads.resetsrv.com/ 		0
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.resetsrv.com/
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
138.197.55.50 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theonion.com
date
Fri, 19 May 2023 07:21:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-methods
GET, POST
content-type
text/html
arj
fusion-media-group-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fusion-media-group-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.theonion.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a1a03970-2178-49d2-8294-7c4be58ee66e&nocache=1684480868979&aus=970x250%2C728x90%2C1600x520&divids=dfp-ad-12&aucs=%252F4246%252Ffmg.onion%252Ffrontpage%252F12%252Fmid_banner&auid=545727615
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
7c69059108d0ff02e4ff45fe0d583a4fb79b5ae96abb12e0c9390f7156084def

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.theonion.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ 		338 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU74RYRS
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
97432e526af0b3fa4ae90e92f280d03252b835d011575db0ad784cbe07e7578d

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Fri, 19 May 2023 07:21:08 GMT
cdb
bidder.criteo.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.44.0&cb=4934833169&lsavail=0
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
39d8155e730f6f3306f4aef38abc2011f1c8d8a99d1ca0ea1989a34522c56057
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1658
auction
tlx.3lift.com/header/ 		19 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.44.0&referrer=https%3A%2F%2Fwww.theonion.com%2F&tmax=1500
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.0.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-0-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:08 GMT
accept-ch
sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hb-multi
hb.yellowblue.io/ 		105 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.155.77.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-77-0.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
924c1e29dd61419934bf5c2c33646c53c428fe1ae74360d3a879303440f7ac2b

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 May 2023 07:21:08 GMT
server
istio-envoy
x-reason
maxmind anonymous vpn
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.theonion.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
v1
btlr.sharethrough.com/universal/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.180.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-180-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theonion.com
date
Fri, 19 May 2023 07:21:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		37 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0dc504b96b65395ceeed5dba1f184d42c2927e97bae9d744e54d9f8a4ab464d0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 19 May 2023 07:21:09 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
207fa465-a926-4924-b0c6-14613b24fcb7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.theonion.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theonion.com
date
Fri, 19 May 2023 07:21:08 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
krk.kargo.com/api/v2/ 		2 B
801 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2244388dd8-31ef-4541-bcd7-328d27e64e40%22%2C%22requestCount%22%3A3%2C%22timeout%22%3A1500%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1684480868986%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%221089f80dddd25a8a%22%3A%22_bSLu2IWVUC%22%7D%2C%22bidSizes%22%3A%7B%221089f80dddd25a8a%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_bSLu2IWVUC%22%7D%2C%22labelAll%22%3A%5B%22desktop%22%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%22a1a03970-2178-49d2-8294-7c4be58ee66e%22%2C%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%22%7D%2C%22pbadslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F12%2Fmid_banner%22%7D%2C%22gpid%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F12%2Fmid_banner%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22dfp-ad-12%22%2C%22transactionId%22%3A%22a1a03970-2178-49d2-8294-7c4be58ee66e%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%2C%22bidId%22%3A%221089f80dddd25a8a%22%2C%22bidderRequestId%22%3A%221075c433027bb36c%22%2C%22auctionId%22%3A%22d7d9f7cb-3214-4072-bef5-488313c572b9%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%5D%2C%22userId.mod.init%22%3A%5B0.7999992370605469%5D%2C%22userId.mods.uid2.init%22%3A%5B0.7999992370605469%5D%2C%22userId.init.modules%22%3A%5B4.200000762939453%5D%2C%22requestBids.usp%22%3A0.20000076293945312%2C%22requestBids.userId%22%3A0.10000228881835938%2C%22requestBids.rtd%22%3A121.9000015258789%2C%22requestBids.validate%22%3A0.10000228881835938%2C%22requestBids.makeRequests%22%3A1.5%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22domain%22%3A%22theonion.com%22%2C%22keywords%22%3A%22TheOnion%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theonion.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%7D%7D%7D%5D%2C%22prebidVersion%22%3A%227.44.0%22%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.34.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-34-191.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 07:21:08 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Accept-Ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
Nbr
508
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.theonion.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Krk-No-Bid-Reason
consent
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
identity
api.rlcdn.com/api/ 		44 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 19 May 2023 07:21:09 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
id.sv.rkdms.com/identity/ 		2 B
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=GOMEDIA&sv_domain=www.theonion.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.211.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-211-92.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.theonion.com
date
Fri, 19 May 2023 07:21:09 GMT
access-control-allow-credentials
true
server
nginx/1.22.0
content-length
2
vary
Origin
content-type
application/json
any
idx.liadm.com/idex/ie/ 		121 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/ie/any
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.73.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-73-107.compute-1.amazonaws.com
Software
/
Resource Hash
381a36dedfb411e7e88cfe6ab8f387e5773f30361b80aa61fbc4eac8bf99a9cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 19 May 2023 07:21:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
1
content-type
application/json
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
trace-id
9272c2df165ff48d
content-length
121
rid
match.adsrvr.org/track/ 		63 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183957&gdpr=0
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
07fc122acefea6b2acb769a0fe6d936d22e2a0bc1abd1022ff750296ae5d86b0

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 19 May 2023 07:21:09 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theonion.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sun, 18 Jun 2023 07:21:09 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 55A7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsugDGEk5-1oFTOnfBiHk4Vjrhl1Fq778mWrJQhS1awS2hcd478tM1eQHaaDf-5xJfx9s6mCVxlizXR28y0xRxj7ldl2S7qFTxgK7Nd-nFNFvxGWoY5KksZtcEy1_Q_l9foI0pwO2GbUQe5VweDbmLI8vOf9SaYu2edb3aCWHzQrrSYzK1kvMw-vSWlV-yTXwyjoKhn9vhOGaPGLTmvXrFpO_2WvlvCP80F8OHwOlTpoxYoJXemPBMmwLKDf4gZNl_j-e8YxuWJsj-h92ipCOxR0r1TYD_TooDP4KhEJ9lVeA_CPJ3zDtOrSDhNFKm_dvyS5S9oP2yI6&sai=AMfl-YSRneMyuMnyo9QeAz9_R4oSknghe795AKK3ffYtlFvjiLb8sJ8utaeiz80cHdX4t5BuYEuVxNaCDLFachyGh-mkPWlB7UzQ7sbEogQfWOzfxaHBijh5OszOvzwdRg&sig=Cg0ArKJSzEkenZWIXUOUEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
style_banner_970x250_standard_7d44cb.css
cdn.mediago.io/js/template/style/ Frame 55A7 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.mediago.io/js/template/style/style_banner_970x250_standard_7d44cb.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-60.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
98064d94d7266ad7e3b0eafe11c086fe605a2582834d7268ae8897e44e9111b1

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
CYQhTnkSg4IVJLN80WCXbtWqILD_zxqE
date
Thu, 18 May 2023 08:30:53 GMT
via
1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
last-modified
Fri, 12 May 2023 09:05:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
82217
x-amz-server-side-encryption
AES256
etag
"a8714a8ee39a4091ddf09bccbe3d4a09"
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
2125
x-amz-cf-id
Ex448RhBfZYaWzSQ5r6EqAK1X_E7ny_4iDYumeK4g0N7PRva8Aih1A==
trk.js
cdn.adnxs.com/v/s/232/ Frame 55A7 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/232/trk.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c93c88a9b0ecf4b158610988b79ffdc52501b1e995f14eb4dfc09c7eb9c3f6de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 07:21:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Apr 2023 08:42:13 GMT
Server
AkamaiNetStorage
ETag
"c342094e8bdad308ac07817d751fb315:1682498533.672161"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27631
Expires
Sat, 18 May 2024 07:21:09 GMT
it
fra1-ib.adnxs.com/ Frame 55A7 		0
936 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.theonion.com%252F&e=wqT_3QLeF-jeCwAAAwDWAAUBCOPGnKMGEO7j_cC93rvSehgAKjYJ3eo56X3DBkARCl6ZXDEIBEAZAAAAgBSuGEAhCg0SACkRJNAxAAAAoEfh8j8w_tjzCjjoO0C4aEiRBFC3w_bOAViegnhgAGi6pmR4mdgFgAEBigEDVVNEkgUG8GGYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC-lbgAp6oPOoCGWh0dHBzOi8vd3d3LnRoZW9uaW9uLmNvbS-AAwCIAwGQAwCYAxegAwGqA88TCqMTaHR0cAEv8NB0cmFjZS1ldS5tZWRpYWdvLmlvL2FwaS9sb2cvd2lubm90aWNlP3RuPTM5OTM0YzJiZGE0ZGViYmU0YzY4MGJlMWRkMDJmNWQzJndpbmxvc3M9MSZpZD1kY2QyMzIzZGQwN2NiYWUwNGVkYzVmMmRiNTczMTQ1OSZzZWF0X2lkPSR7QVVDVElPTl9TRUFUX0lEfSZjdXJyZW5jeT0ke0FVQ1RJT05fQ1VSUkVOQ1l9JmJpZF9pZD0ke0FVQ1RJT05fQklEX0lEfSZhZF9pZD0kexFPAEEJFwWTgCZpbXBfaWQ9ODgzNzQ1MTA5OTg3ODE1ODgzMCZwcmljZR1r8E9QUklDRX0mdGVzdD0wJnRpbWU9MTY4NDQ4MDg2NyZkcD1tMnMwY2ozeU9VWkNvZnl0NTJQampiQ2JVbWY4UktLVFNjX3ViLU1OVFhrJmRzcAF49D0IMjImdXJsPVNadWplODc5dTRJWWRpTUtzUS01dFF4RXN6LURHMFlnMnFLVXZBNzNqRnlmVmZHV0dYYUhuVGh2M0Rxb0VaN0o5d3VCNG1qQW1vNXZDaTRCcHFVX1ZRZWduazF3aEM2bHhQSi1zZGJjcnhJY3pDcVk4ZVVTNS1kSkxDVWN4ay1xZHE4M0c2RWt1M1hwZ1lNLThud21PejZTWUdNdGV0dDcwanhQSE10a2UtMEs5amUyRS1UVjZ1R1ltZzktc0hZdklWVG5tRVJmMHZZM0xIZ0cybXFJYWxXUXBHT05zRWRDN0RXdjRlVnA0ZGhzaVBkV20xcEJqeWxCeTBXQ1l6OF8tMFdnMFFSYlJaWTJwdE42a3MxbG1OQW9FMU5zM3BmRlprTzZZVDZlLWpZMHFJbkE1LVVGMkpyalgwbXgwLXd0VGNNUk1XZ0FtU2lKTDRndjhDV2xmaUthc3RXNjhpVWJuWVpmcXJKdmdwZTVNNzI1ZWlCNzhfRDc1SGFubHBKdWN6WUhSRWVYQ3lEWVpXeXRycGtIWE1wZHRjSndGQkpCMUkxdHllMWtuRFQzSE02VGk0bTZQY19VaG8yYUhMLUdRVDF4LW9PZTM4OW42Qk03ZUpQTlprV3phXzlreDdRazg5cElUUDlWaU9YNklWQ00tV0R1WWNqQVVKNVRDS0oxV0NLZ2NCLVpDdGJxQk80ZU5jT2k3bjBBeU5sd0RBWVBxWHFfTnpHQTRMNGdNelRhTE9wU2xjTms3YnlwUDZ2cnhmN3RDRnBrZVB2RmNIWW52b01MRVI3UEVJcHBwS1kxRHI5bTNlbDlNMVZlYnV2MHhYamJ1eDZJR0VvcHZTci1PNWw3M0N6aGdYRENwSVhjYWRHT2M3eUl2aFlOM0duQlJtOW1uZjV4U1NublR5MklUeXVoY2tRZlNaclNwUFRpMWJnVEN0NkNiTzFhb1hhdkw2RndBbW9iLVVGUVlnMlBVamQ0ZHpINUVzdU13ZkM3RXc1Nks3ajAzNGY0VnRZTFVzSkNJMUUyQV9vUGtORjBMN2wxU0FDRExaZDdGWGk5SlhkMW1hNFZvdlFlYW1xWk1zelllZGluZUhKMmRVNXRheklkWWtWeGdzelZabnprVnlGZnVfdU9Bd3pNOFl3ZFpGc0VtVzJIYU55MnVEaHhSTkVwVktnN1hyazVLVllleUpCX2xRZl9jWm01ckpJd0dUQTVIdUoxajRVZ2FuclUxTXpncW5ZcWFxRTAxS0VEcERaVmtHd0V0Mkl1aGw0cVVvaEpQbnJuY3p4VU94WjJTQnFsQ2lJM09oWVBIZVZVeDFldWhxR05VRkxzcUp3SGNIMGNpbHJDV2hoS2paME93eDNIYl9IcVlqbWIyd21qeDZCZ1d4ZFVtYUd4VzE1ZjRPRVU4TjduRTlMNTBkNlp1bG5QNWRJUFpjaGVHTGFqaVR5U3ZaVUVESHdyRWVQRzJHX0UxZXhFQkpNNmVQVE1MWVVZODl3ZXZpVHcxMm85U1dNREhSM0t5cEt3MzFHM3QwX3lLQUhOOGk2RFJFN1JHS3BLMFQ4VE9nelZOaDh2NmJQaFk3MHlGLWNzVGFlOWF0TGNfUlFVeGJSX3l0VjBXaFlQc2FMbjVjblRSdEZydllfdEw4NkI5MlBCVUxnRHZXUVVKOXd1ZXY4Mzhsa3dybXN0MzlWUm9Wc0pYVk5mWUVFa0xlM1JETVk3czdrZ0VKX2VwOHNjdm5BVC1xMTFRY0tOLWdXYVNjUVRsbEc4TWVnRDgwajF2d3lQTkNxZ0xKdFVoQzMtTEhCUi1lV2Y3bkVReGowT1FFQnJ0bzdTVjl0TlNnS2oxMXA0Q0hGNC1zM0tfV1VHeE1QVzFPWHZuN2ljU3dtNU0wdVcxbzRObmFOSFdocy1SNFZaTzZrUXhhMFl4aEwySDF1MGR4ek5RT2lCM25QX0V2c3ZFR1F5WWxfZ3dPSVBEVUU5bkN1NElBUURMV1VRbXRITEdkTXRLZlNHVzBCX21fOGdEYW9BcndtWC1CbEJnT3duSERNUy1PVzVkNFcyem96cHItWHdtNnpobG5oLTd0OUJYV0tKQU5IbVlLVlBiTTR4eXZUMklwaTJnRXhKTFJXRnQxVUFiam1lMGNGRHpYY2pGaGVTQXoteFhiYTE2US1ubDYtb2JVOHpqcC1ab0owMTlkQTZTdFZQZ2psc01GU1FoRUYwd3dNWmRvNUx6VnJrUkxPSEpONFpwZTNXSkVEdW5Oa2tOMy10QmxHaGU2Rl84MEttN2hmMEx0c3g5ODBYSlBiTWxhczJZVUJESzdsR2pEaXBhejRVem4yb05rVlIxdTk4dUgxblllSGVmUWtjREtfRVVQZFNBVTFYMkFnVmRFOFVyaHVHWXR0THB1NjkzckYxeTZ0TDYtNUFyVl9OeFIwTUdDSy1uNWQzUEszMktkZ2cyNmZZaE1pM0RFb3ZXU09PQXdrN3ZVekEwa0RWV0hFWk5DU0JQNnBYTEczQkZJamZrTThfR1RxMExCQ2drbDlpZ05CLWQ2TDFKY3E1VUlTcVpKZWktNlZHOVhMVmFBQUhZb1FuNFUtWHExNjdXME9rQlNicHBYdzZDeDR1a0xvLXhGUndBZndleWp3SHJ5WGxzU3BnUjN4QmRXUm5pSmRlM1FyamdhMjlDVTkzSzFRV0JvbU9QeTN6SGFKbTJwcXlDX1BoczZUck9QbGpNYkwyJnNwPW1pVFllaXYzVW5UMUZJYV9zOFN4VzB0SXlQOTBoeHRzdFNzSzVLb0s4cXcaEzg4Mzc0NTKwCDQiCTQzMzk1NTI1NSoHTQ60CfCVR2_AA6wCyAMA2AOOsSTgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTg1LjIxMy4xNTUuMTQ2qAQAsgQQCAAQARjKByD6ASgAMAA4ArgEAMAEp425IsgEANoEAggB4AQB8AS3w_bOAYgFAZgFAKAF-ZfYz96b1vpnwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ9w2AUB4AUB8AXum1b6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbVrwXaBhYKEAkSGQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcHMTc0MjQ0OcgHmdgF0gcNFW8BMAjaBwYBaHAYAOAHAOoHAggA8Ae5yQKKCAIQAJUIAACAP5gIAQ..&s=80c621e7c4ae8a269e7914faca5c48eb73d67442
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 07:21:09 GMT
AN-X-Request-Uuid
0bfc96eb-9d6a-4f88-a843-e18f4ac112a6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=661066023&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2F&ul=en-us&de=UTF-8&dt=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACEABFAQCACAAI~&jid=1924364648&gjid=1471386799&cid=472714348.1684480868&tid=UA-223393-1&_gid=2001772137.1684480869&_r=1&_slc=1&cd34=none&cd35=none&cd36=none&cd38=computer&cd42=none&cd43=none&cd48=none&cd50=other&cd51=none&cd52=none&cd53=none&cd58=adblock%20off&cd60=production%3Amagma&cd70=&cd75=Logged%20out&cd76=none&cd78=standard&cd80=none&cd82=none&cd83=frontpage&cd94=none&cd97=none&cd99=none&cd100=none&cd101=theonion&cd103=&cd105=The%20Onion&cd108=adblock%20off&cd109=website&cd110=1364%2B&cd111=0&cd115=none&cd117=none&cd123=none&cd124=none&cd126=adblock%20off&cd130=none&cd131=frontpage&cd134=1&z=1049030344
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=661066023&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2F&ul=en-us&de=UTF-8&dt=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACEABFAQCACAAI~&jid=1549290324&gjid=1393268299&cid=472714348.1684480868&tid=UA-142218-33&_gid=2001772137.1684480869&_r=1&_slc=1&cd34=none&cd35=none&cd36=none&cd38=computer&cd42=none&cd43=none&cd48=none&cd50=other&cd51=none&cd52=none&cd53=none&cd58=adblock%20off&cd60=production%3Amagma&cd70=&cd75=Logged%20out&cd76=none&cd78=standard&cd80=none&cd82=none&cd83=frontpage&cd94=none&cd97=none&cd99=none&cd100=none&cd101=theonion&cd103=&cd105=The%20Onion&cd108=adblock%20off&cd109=website&cd110=1364%2B&cd111=0&cd115=none&cd117=none&cd123=none&cd124=none&cd126=adblock%20off&cd130=none&cd131=frontpage&cd134=1&z=1052345635
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
b-8db6969-11fd6bfd.js
tagan.adlightning.com/gomedia/ Frame 668E 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30d6dfd42b9a5f0be38020e3fe03042fe88b4931993c6c63c0b8061e934d727f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 19:33:08 GMT
content-encoding
gzip
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-amz-version-id
HQt7ZtDt1P5TOrLzwiKvyGrv1Hhamfho
x-amz-cf-pop
FRA60-P4
age
2461682
x-cache
Hit from cloudfront
content-length
33634
x-amz-meta-git_commit
8db6969
last-modified
Mon, 31 Oct 2022 20:36:51 GMT
server
AmazonS3
etag
"e4052d126a40ba70c16eb758095d1d13"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
sieAL7nfSrFa4hR9VHInt5ri5yvXvQ13daeiAg8C90kHcnVdTFhQFw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 668E 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 May 2023 07:21:09 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 668E 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=15538536&cmp=DV196466&sid=2019042601&plc=2019042601&seltag=1&sadv=4531748607&ord=2260375129&litm=4601587669&scrt=138271807375&unit=970x250&splc=152253218&adu=22405397127&adsrv=104&btreg=4601587669138271807375&btadsrv=4601587669138271807375&cb=498864057&region=70dvtagver=6.1.src
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2001:2030:0:4e::d59b:9dc8 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d2a873aa95722b428af0c085721321a67a0f0a996ef2ba9d4e78a1b8d3af20e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 07:21:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 May 2023 07:00:22 GMT
Server
Microsoft-IIS/10.0
ETag
"087d6695689d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3371
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=theonion.com&p=%2F&u=tlgsJBh3idxB4LKGY&d=theonion.com&g=3012&g0=www.theonion.com&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=7492&o=4000&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.theonion.com%2F&b=561&t=Danil5D6Y4XvD4JgKyDwiRfqBBprZ6&V=139&i=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&tz=0&sn=1&sv=CtmCE7FGpzCWc4UKDBKPBfDzxjc0&sd=1&im=067b2ff3&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.12.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-12-114.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 19 May 2023 07:21:09 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
abtests
am-trc-events.taboola.com/gomedia1-theonion/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/gomedia1-theonion/log/3/abtests?route=AM:AM:V&lti=deflated&ri=f9249782bb216387cd329a32be903c02&sd=v2_e713ea3da7d860728fff9fee3660ff5f_6be555f6-58fa-4d87-8679-5ee521b7d5ea-tuctb60a8e3_1684480867_1684480867_CIi3jgYQ5LxeGLj8iJeDMSABKAEwODib4wlAiYoQSMOz2QNQ____________AVgAYABoju2OwMrc5JWsAXAA&ui=6be555f6-58fa-4d87-8679-5ee521b7d5ea-tuctb60a8e3&pi=/&wi=3642577999104193222&pt=home&vi=1684480867896&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22feed-distance-from-article-end%22%2C%22type%22%3A%2272.0625%22%2C%22eventTime%22%3A1684480869388%7D&tim=07%3A21%3A09.388&id=6954&llvl=2&cv=20230518-8-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 19 May 2023 07:21:09 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
collect
stats.g.doubleclick.net/j/ 		1 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-223393-1&cid=472714348.1684480868&jid=1924364648&gjid=1471386799&_gid=2001772137.1684480869&_u=aCDACEAAFAQCACAAI~&z=1548589298
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 19 May 2023 07:21:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-142218-33&cid=472714348.1684480868&jid=1549290324&gjid=1393268299&_gid=2001772137.1684480869&_u=aCDACEABFAQCACAAI~&z=426028588
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 19 May 2023 07:21:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 20 May 2023 07:21:09 GMT
e2d5850a1036b5e3c57f1c27464420b0__scv1__300x175.png
d2cli4kgl5uxre.cloudfront.net/ML/ Frame 55A7 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2cli4kgl5uxre.cloudfront.net/ML/e2d5850a1036b5e3c57f1c27464420b0__scv1__300x175.png
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:4e00:11:9be7:da80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c904d482d63252752df2063bec93a6f15bc1b899e2e9496f31ccab45af45762b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
RZt9HMz1RAg17g2pqttiTopfcg8UKdid
date
Fri, 19 May 2023 06:08:07 GMT
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
4722
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
63623
last-modified
Mon, 08 May 2023 15:49:37 GMT
server
AmazonS3
etag
"7aadbce0155aa8afa3965d50b4271429"
vary
Origin
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
k99QpDMrbUPPa3u22lfuecaWLdYy5ZuGZuHAG63f-Jl9I77AH028Jg==
blue-arrow.png
onlinertb-us.s3.us-west-2.amazonaws.com/js/images/ Frame 55A7 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onlinertb-us.s3.us-west-2.amazonaws.com/js/images/blue-arrow.png
Requested by
Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/template/style/style_banner_970x250_standard_7d44cb.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.153.154 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
bf282b4ef41bf52ed9cb27a33190fdcf162f28a2c126beabaad623eef16148d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.mediago.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 07:21:10 GMT
x-amz-version-id
null
Last-Modified
Thu, 10 Feb 2022 06:05:51 GMT
Server
AmazonS3
x-amz-request-id
0217X4YPGC0CB7HC
ETag
"3da1ac71a612038f43614f4891129b18"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
28511
x-amz-id-2
2JVuHEprDTrJv0AMqyMRj7wTgWP0bN4wXHVaXCACLrA50kLFKY0d3hiMyn/LuhadCjf8kdqgh60=
ic
trace-eu.mediago.io/ju/ Frame 55A7 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trace-eu.mediago.io/ju/ic?tn=39934c2bda4debbe4c680be1dd02f5d3&trackingid=e62513cb3d604ae465b1e44c7cde03bb&acid=23882&data=1sYHK3CoJNddltB0PfuAaQ9J4Gv4fCUUri1alJSirLWzQebreLW8xtX_UV2a6QBuNT-rDcXeMYP6Tn1CqXuYazBV3ovHyYjLpszyRygFtCxY0qMD2F8nCwfIwetf0aZOwV5b2OSLSJ9oTQnkg69oBaKwkYbtUqud7D0Aj_skmmfbIICBYNAo8NZNW5siRVRTDhIo-ivJ8X3epOCMiPF33L8GDrZ2Upbsml6bucCXkG_Eq8XEh32PaT5GA8yamCEkNFmOEmfjfi0wnNs4sSrpUdxgvfsJ6eBcp616Arn2upvBE4DLBxtnZlYYxMu_lPMnoBZl1t8WwYXyrfa_aBX6apSSKtg2Huh0aboiBlizItrRP9SLdVhFnMS0eBmpAQQe1lpHOlnBuK5Q1qaK0sYr-hNLNwmMcLujh271_dE2MSHYbgLn7XSstVap3cZ9KFiBjYRmZTGny1x0_R7sU2Q-HUXZEcBis5v1wf48_8CZcc_GgHwOwWEKRWyrDxMtEn1ZC9ylp5ThzHA3vVcEwtbuLMR64Z3FDq6rOZlraEA3sS9dyG1ypDoYZpbJOzEZwkoY6yysrlzFtDxpzRH43-wU3sLi_AgNfPtZCkQD5fNAmaWiCkHRnVa_a6IzAJi5Vb35_msSc1-XT_nvQTEDt3M6xqbkQDtkzDrxmBKNFrgYOHimBiXvw9RvBCJveg-altEuooqE0rOOnkxrtAAWUNLw8VJ-7F1C_kR-t3g0x0NaaeRhDkybx4g0MG6PpXVB7M-whd0WvoKN2MZsOto2_PqqT_EYE8OSSfYnS9d4CoGtZdnMOM0TsB_g7_ZYyQjobsdqWHFwQt80n90yc5_uVnl0PUakAVtPImr92SBsFTMZIiSsxPJwl3OISfo0y7JKI4NeK_kvL9oFJGWZHeKTeNYCYjKZQwR-ZpK0QFEohD_rtLKriUxKpjYFBpyrjGTP_RZdYowrVNPygA30WOHuiTsFI6WMj0FQy6nt0W6oa07N-NLE7g6stUlqkmBxS2WTD14UZp9uH5HH8Lo8khUsdT3gxORBN2AB0qKwh6C1DP2jNaSvjyHxubR02qJPgYnKfX9t7TleU3uiCJI1v3TB685T4a-DVJBPte-Y2ezhzPVZYJDlyNstB6xTkaWGE6fiC1ZCNsLc41eNdVEnCnV5dONYxNEzvTxHNnQC5UK6FY__K8OpuF9itt0DuJz7NggB0DQTD570OVY6eJ2dwlLlAT40wSgqXXH7-mtgVVYDvErSfLW8bD-toOZ7J8Y4oyhdeV_H&uid=mid_5782153cd76a6937b3128d65c3d7d563&mguid=&ap={AUCTION_PRICE}
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.168.80 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
80.168.214.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:09 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
setuid
ib.adnxs.com/ Frame 55A7
Redirect Chain
  • https://trace-eu.mediago.io/cs/xandr?rdid=dcd2323dd07cbae04edc5f2db5731459
  • https://ib.adnxs.com/setuid?entity=529&code=6353e3be9a6184a972875fe1388ff414
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=529&code=6353e3be9a6184a972875fe1388ff414
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
HTTP/1.1
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 07:21:09 GMT
AN-X-Request-Uuid
574fb8eb-d5bd-44ca-b1f4-f0f795b94292
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location
https://ib.adnxs.com/setuid?entity=529&code=6353e3be9a6184a972875fe1388ff414
date
Fri, 19 May 2023 07:21:09 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103
content-type
text/html; charset=utf-8
rd_log
fra1-ib.adnxs.com/ Frame 55A7 		0
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.theonion.com%2F&e=wqT_3QKdBOgdAgAAAwDWAAUBCOPGnKMGEO7j_cC93rvSehgAKjYJ3eo56X3DBkARCl6ZXDEIBEAZAAAAgBSuGEAhCg0SACkRJNAxAAAAoEfh8j8w_tjzCjjoO0C4aEiRBFC3w_bOAViegnhgAGi6pmR4mdgFgAEBigEDVVNEkgUG8MKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC-lbgAp6oPOoCGWh0dHBzOi8vd3d3LnRoZW9uaW9uLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOOsSTgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTg1LjIxMy4xNTUuMTQ2qAQAsgQQCAAQARjKByD6ASgAMAA4ArgEAMAEp425IsgEANoEAggB4AQB8AQF5ViIBQGYBQCgBfmX2M_em9b6Z8AFAMkFAAUBFPA_0gUJCQULRAAAANgFAeAFAeoFDAoIVGhlTwHCYBIA8AXum1b6BQQIABAAkAYAmAYAuAYAwQYBMDQAAPA_0AbVrwXaBhYKEAkSGQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcHMTc0MjQ0OcgHmdgF0gcNFX4BMAjaBwYBaHAYAOAHAOoHAggA8Ae5yQKKCAIQAJUIAACAP5gIAQ..&s=118d80d720f59394affce2bab36ac1d98042618d&bdref=https%3A%2F%2Fwww.theonion.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.theonion.com%2F,https%3A%2F%2Fwww.theonion.com%2F&
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 07:21:09 GMT
AN-X-Request-Uuid
7786d99b-2211-42d2-a7c1-87e9e4896cb0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
px.gif
ad-delivery.net/ 		43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
751383
x-guploader-uploadid
ADPycdtIuxbh6TcOfJc6CQHXK8x0ql3PMeDtBJXU-MC_l17kqANJLaGJTX7WDwUwA1KANx3faXES2t6ZCGwRvtbhYmup
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0w4aFOPBrkg3WTYxv4%2BF9AvS81CCSvO6ewpi%2BPVMKDczilHHKLJJDM5GELiYFuQFRfaF4iLScVCKUyvDJT2j3rWgskjDcE7JFkF8%2BMoW3XiDh4gGb5M82vHLbIQudZYDwk8jgxGJmDCf05XNtg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7c9a94dc18d41e58-FRA
expires
Wed, 10 May 2023 14:47:16 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 17:17:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50613
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 May 2023 17:17:36 GMT
px.gif
ad-delivery.net/ 		43 B
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.3415044870383872
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
751383
x-guploader-uploadid
ADPycdtIuxbh6TcOfJc6CQHXK8x0ql3PMeDtBJXU-MC_l17kqANJLaGJTX7WDwUwA1KANx3faXES2t6ZCGwRvtbhYmup
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JgG44qSD0pdXi1okWLBVdY0qGk0yQWFD4y%2BPhOe9JqnkNHuCKE%2FZ7Lyq7HiuMMjMgbEIc%2FJtOfwy99STawE8ceJ1BieooXY7rbRKM8TaJpU06FkW3gK%2FICusm%2BgZDqE5fYy%2FGK%2FIWtrjUcvFfw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7c9a94dc18d71e58-FRA
expires
Wed, 10 May 2023 14:47:16 GMT
headerstats
as-sec.casalemedia.com/ 		0
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=365217&u=https%3A%2F%2Fwww.theonion.com%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3lg6cLaU6fgBnWMlY%2BkjSu3e5WBk%2BZKVjPYmYxpm3y6BnzDuZzGt%2BX8crqp0QDsUnZOFw66g%2B18eBGymyO%2BpGr8EsRkHSXNMxd0gLuF5wuc%2FztYz7JnK0cNO2I7bODeY5ZeUY2OqB7c%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7c9a94dc08519162-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 668E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQX6ba5L-Ymvi-6_6kqKU-d-U1mmm6y_ynYAxguoITaakrYvXKWfdpRIMusGfFHDIdHO3x8B_Pxlc4hNpL1c4LruKV1ZQKAHXJuD8wRHyfE_pR-E6TBPnP5o4a9L5ZMl2zf1cSa9lj0BicbrrN4AhKeYe9SOBmY9S1HrzOmwijqZeGSPEZRnvw6Q8Ey_8S3IIMn0bp9MdlHSj_t5Y1k1582ZHb4f8f6-l_vlrPkmpS2nzhY-zfnFJhRK-H0Uwij8z4fe6b6gF49_hhG9U2ziR2Gw5dS54GU6doErmjlChpRYOTKST9NCCMT5qBtFuQIrEBA41J5m8R&sai=AMfl-YQzTi2FBFp9h06ZIzh9sJuUz4R8cpkJrdhVb4lEEAGl0UE6jkMVXsbTC6MYrjF0QBLPLb8c5wCym9NYvEbv1hEiB24vjH47VSl9G_6X44vWnBY4gOys-veFjRoLGA&sig=Cg0ArKJSzEalSENFXNjKEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
style_banner_970x250_standard_7d44cb.css
cdn.mediago.io/js/template/style/ Frame 668E 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.mediago.io/js/template/style/style_banner_970x250_standard_7d44cb.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-60.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
98064d94d7266ad7e3b0eafe11c086fe605a2582834d7268ae8897e44e9111b1

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
CYQhTnkSg4IVJLN80WCXbtWqILD_zxqE
date
Thu, 18 May 2023 08:30:53 GMT
via
1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
last-modified
Fri, 12 May 2023 09:05:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
82217
x-amz-server-side-encryption
AES256
etag
"a8714a8ee39a4091ddf09bccbe3d4a09"
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
2125
x-amz-cf-id
wKY-jJm9590D3Lh44EiQeZhYsMEhj0TCxr-NFyw9Ws6bJz2ip660Rg==
trk.js
cdn.adnxs.com/v/s/232/ Frame 668E 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/232/trk.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c93c88a9b0ecf4b158610988b79ffdc52501b1e995f14eb4dfc09c7eb9c3f6de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 07:21:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Apr 2023 08:42:13 GMT
Server
AkamaiNetStorage
ETag
"c342094e8bdad308ac07817d751fb315:1682498533.672161"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27631
Expires
Sat, 18 May 2024 07:21:09 GMT
it
fra1-ib.adnxs.com/ Frame 668E 		0
936 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.theonion.com%252F&e=wqT_3QK8F_BMvAsAAAMA1gAFAQjjxpyjBhDt8_7rk4X5tB4Y4OWolrLd_bd4KjYJOLpKd9c5AEARTgpv5sKO_D8ZAAAA4KNwGkAhTgpv5sKO_D8pOLoJJNAxAAAAwPUo9D8w-djzCjjoO0C4aEiRBFC3w_bOAViegnhgAGi6pmR4xIYGgAEBigEDVVNEkgUG8GGYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC-lbgAp6oPOoCGWh0dHBzOi8vd3d3LnRoZW9uaW9uLmNvbS-AAwCIAwGQAwCYAxegAwGqA6UTCvkSaHR0cAEv8NB0cmFjZS1ldS5tZWRpYWdvLmlvL2FwaS9sb2cvd2lubm90aWNlP3RuPTM5OTM0YzJiZGE0ZGViYmU0YzY4MGJlMWRkMDJmNWQzJndpbmxvc3M9MSZpZD05Yjc3YThiYTE3OTcyYzBmNDM5ZjcyNzFkOWQ0YzIxNiZzZWF0X2lkPSR7QVVDVElPTl9TRUFUX0lEfSZjdXJyZW5jeT0ke0FVQ1RJT05fQ1VSUkVOQ1l9JmJpZF9pZD0ke0FVQ1RJT05fQklEX0lEfSZhZF9pZD0kexFPAEEJFwWTgCZpbXBfaWQ9MjE5MTUzMzU1OTQ2OTAyOTg2OSZwcmljZR1r8E9QUklDRX0mdGVzdD0wJnRpbWU9MTY4NDQ4MDg2OCZkcD04c0hCSGJhU1dWRFV3WnhKUzNFemIzaXNxN1g0ZkYtRmN1TUg4RWRDUEFVJmRzcAV49GIJMiZ1cmw9TGNubHduVTNLdjVfdzFjOGJUUHZyLWM3QVN5QW1HWjM4N3pfWjhVOWZGOGk4RDlkQUZpWFJEV1M1RnRyQnFMZFA0TnNYdWRCeVdqZ2J5TFA3bEVrNUFQTjk1RlNKenZ6dVZ5a2N5SnEwdW43bV85MWwtdXRyOUZXdkY2ekVvdVVUMFNmR1YzZFpfS2YtempnQXNPYVAzM3U5TnFFaHQ4clNPekc0ZDZSUFJOZk4yd2I2eU5BLWNaMjdXRE5jLTd2Vi01cTZjdUJEWU9NeGtuTHp0aWRyUWMySjdTS3VielZhdlFUNk5wbFk2TG1IOUwzWHduc0cyakgzaTJCSnpTYzFjMjBCRkgxYTFONW0xM3RPSTJPN1NrSjloTUxNNVdmV1VUUkc0eUpIak92SUg3SWNGUTdlT3Q0SVowdTc3OE1tc3NSQ0ZDUjkzSUd5Mm1vS2hZc29YYmxlQlJmZ05TUXgydFF3VTE2NV9hVnN6VXI3MmhOZlQxVk9LYTVBaUJNUjRuZVlPZ2k3dzFYa1dqRDJlUW4wTmJqcVZETUhnWl82ZTZmaVBTT1pZUWxyWEFoOURKXzVTanVTeDVvYjl1SENRbGFzUWlDYUJyOUFsbEx2Y3ZOSkQ1REhxNlFvSzdJVW1rQ1VnRHY1blJRUlVsdmZZR3ctUl81UHBxX1lZZ3dna1l6c05EQU1Ma1pLWkxNSlEtWlpicnUxeXJvQ0NId0tEdnctcU9LQnpDc096T21hMERHbHVwMExtbE9aTWJhclZha2J0dTJRZW80RDRUTHFPQWVzR3dpOUtoR0VEeGgxUzJlaFNTNmIxUk1FN1hqMXdPcmwyMHdaRjFlajBWcm44WjNZQk82UFlsazBRYkpVeVBuTm5jTERLQjUzVWd6SW5RUXBNYW1OOThGLUJlaVlkR3J0dWRYVFZGWVRyRXR6QW90ZTlZemlpTlI5bzR2bUFpVjVYQ2tzN3hDRHlmZkRVbnU3bVhtYlVENjV5Z3lEMWFDaXJJVERMdXViS05PTGtOWXM3OVAwdzN4b2ZycG44ZThGNFdNTy1SVV9sOVd4QTRmNG1wTWh0bXdmU0lFWml0ZHVTTFo1bjN2QndlWGg2a3FBRXEyNUNEX0V3TjNONmg5X244R3htX25SZzZLRGtLc1hQZUc2andzUU5fQ2NleklTTVJSOWxMT3Uya1RpTmRPS0hCNDdkUThCS0RzTlRmTHNZYVNfSVNKRk5EUHJuYW90UEJONkd3YWgySElIeDUtTDF3X29KQ2FOdkpkS3h2b0hob0U4X3ZIU1JMYWZGUXVjem9XRGxxb1JZYUdMMmFtTWs2Y1BRTWVNcHRTX3lWNWFaYVIxbms4M09Kc0ZucVFpSmRNNG9QZ05QVkVrSUZFTE5DS1JVNndDUy1xZkFBWDh5VVRiZkF1MExmaU5FWTBERW02MFlPa2pMaTUydVdBZl9IR3B2ak5RUlNaYnQyQ3lxR1F2LUlOellGT3NzTWZIclZKaTNYZnFuWFFoRkM1VDFCbC04NzUwX0oyeVUyY2N4alN1ZWtqM01odjYwNnVlVkp6S0ZLaGZNeW5zaUtKX1lIRmtGWE10WlBDeWdzVi10WWtQQ2d5SkRBc3lsVi1kZUxsWmVzdThfd3lmeWNaSENGVHMwY0x6b3Y5YUZ6M016MkZ4amdMQ0lGQlNaOHFPa0FIcUhLbXpDd1pRc3FxQTQtQ2taZW5tdGxoN2JIZWFqRkNWdEN6RktPZlUwb3FJbFZCZlFhSTd5ZDdoUGM2ajlNaWw5YTZTVEw4dUlkS0lVVG1tczMtYWJjSEwzNTE2TzFjMW9vYlFvS01ZNDdHb3k3clllYTN0dGt5cEhuM1NQUnFtTEVXX0xRbU5sZFhSdG9icFRhTEp5b0djOHV6RzNkVUxiaUo1QVhMUVBhVk4wVUg3ZE82WHU2OGo4MUg4b0lwTTVmTmF2Nk5SQlotaDZZbmtYX1QzRHFxd2FpMzFvVGZGc2RYWVVEcXc0X0lxTFAzVzlaRVZtM1AzTUNIbkxmYjluUXc5eGFJS2REaC1icVZXa1ppbU1FelRDbjlKRm9PQ2U0bWVVVGJQQ2FzN2lQcEt3RU1tRzVmZDNHTTMyS1QtNmw3T29wcjJJQnJGYV9XSGNnN0RJYnM5aEh2c0k2eWhxbXZOQzBjWXA2WWZkWlF5MzM4V2pMR3czRXlhSnJMbEdmZHk0M2MzVFBtcDBzcWVISkhPSndHeF83cFlwck5NR245NTJFSzR3YV9mbVN3YVBtd0gtaVlVelhsWWJlbVNBQWc1Z3JQTUlKTzZDbmFwV1VWY195NmtpMFBJdmVwOUxmeHEtQkpLdHdwSjZDVGJ0NzNxd3NYZmRGSVR0ZDNiUWwtY0hUYUY5NThISkxELXMyTDNTR3RLS3RmVS1MSEtYaXpoNHZGYWpBdFRpRU1RM0o1ZWx6WnVKNDhXa1IzZjhIeFdQcWJ2cnlSYl9NY3gxN3VZcmJqZ2laQm9wQ1FNbmxnbDcxamNPMVdKQWNpaWo3MUR6QV9mU0UwZEtlU2MxNkZyRi1FX0RNZ3R6M1hCUGVGeUdyU0Q2NXcxSzYtMWxGbGE5RE9vQmdXdVRFMlZlYUlkc1RNYmtHYkMxZk5fWTQ5SlEwb2RXZkpETFFGZy1YY3FXWE1ad3N4dHcmc3A9YjlKekFQY1dvM1padnpyQlUwQUFYM0QtaHBwVDlkbjZYdEwta0U0dWs5VRoTMjE5MTUzMzU1OTQ2OTAyOTg2OSIJNDMzOTU1MjU1KgdNZWRpYUdvwAOsAsgDANgDjrEk4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE4NS4yMTMuMTU1LjE0NqgEALIEEAgAEAEYygcg-gEoADAAOAK4BADABKeNuSLIBADaBAIIAeAEAfAEt8P2zgGIBQGYBQCgBfOr9tPYtILZdMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBe6bVvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbVrwXaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwcxNzQyNDQ5yAfEhgbSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB7nJAooIAhAAlQgAAIA_mAgB&s=f199b23da3f0a3755e1ac8d578354c4d3f5f179b
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 07:21:09 GMT
AN-X-Request-Uuid
76d8ddd8-0d5c-4bae-baf1-c869a3fa3aa2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.theonion.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.theonion.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3797107814779183&correlator=1239546624039493&eid=31072879%2C31074474%2C31074665%2C31074682%2C31074686%2C31074722%2C31074764%2C31070233&output=ldjh&gdfp_req=1&vrg=202305160101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cfrontpage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90%7C1600x520&ifi=5&adks=546244911&sfv=1-0-40&prev_scp=article_position%3Dnone%26pos%3Dmid_banner%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dmid_banner-03%26amznbid%3D2%26amznp%3D2%26hb_format_criteo%3Dbanner%26hb_size_criteo%3D970x250%26hb_pb_criteo%3D0.10%26hb_adid_criteo%3D10905d3e39fe2887%26hb_bidder_criteo%3Dcriteo%26id%3Db9b4240f-f615-11ed-9736-0ae3ea675541%26vw05%3D40%26vw%3D40%2C50%2C60%26fr%3Dfalse%26ias-kw%3DIAS_1508976_PG%2CIAS_1506828_PG%2CIAS_1509460_PG%2CIAS_3005058_PG%2CIAS_1507080_PG%2CIAS_1508967_PG%2CIAS_1507661_PG%2CIAS_1505819_PG%2CIAS_3005054_PG%2CIAS_1508986_PG%2CIAS_1500692_PG%2CIAS_1500903_PG%2CIAS_1500902_PG%2CIAS_1507654_PG%2CIAS_1507653_PG%2CIAS_1508285_PG%2CIAS_1508970_PG%26drg%3DveryLow%26vio%3DveryLow%26off%3DveryLow%26hat%3DveryLow%26dlm%3DveryLow%26alc%3DveryLow%26adt%3DveryLow%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D1.75%26hb_adid_appnexus%3D1109256f4de04bf8%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D1.75%26hb_adid%3D1109256f4de04bf8%26hb_bidder%3Dappnexus&eri=1&cust_params=veritas-iab%3D1-4%26tags%3D%26blogName%3Dtheonion%26channel%3D%26section%3D%26subsection%3D%26page%3Dfrontpage&sc=1&cookie=ID%3D65ca2c478d80b716%3AT%3D1684480867%3AS%3DALNI_MY9VxLtKzGJdUGHHsoT5NQra4mQFg&gpic=UID%3D00000c19c0420eca%3AT%3D1684480867%3ART%3D1684480867%3AS%3DALNI_MYxIyQzQglqtb3wMGQvBlzLk54RVA&abxe=1&dt=1684480869708&lmt=1684480869&dlt=1684480866692&idt=995&adxs=1200&adys=3257&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theonion.com%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=1028&ohw=4000&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhZs460I237_Xut604IpjFsdJvhMMoH2VYfDCrxnSvS5kWsIUBMGiyL4F6OzeowdOHoOtpTGN9mzD0AooE%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvh0FNSVcunm2rfnhX5K5wbwehk3FChhkGnhA8HEyiTpdcvJeSX-rfMBKKBpsZ8FkR9CpIS6afqPlNkCO2k&ga_vid=472714348.1684480868&ga_sid=1684480868&ga_hid=661066023&ga_fc=true&a3p=Eh0KDmVzcC5jcml0ZW8uY29tGL37iJeDMUgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305160101/pubads_impl.js?cb=31074665
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c309943c3d8f6fee170056217752d554dd9b40d6b4ceb104f4f651338483b17d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11695
x-xss-protection
0
google-lineitem-id
4601587669
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138271807372
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 822A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?dn_DJg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:09 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
st
imprammp.taboola.com/ Frame 1676 		422 B
375 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8eKECLAZ4NstnMC47qBPwbJbPYFx2UC8AAABgYID-AEnuRovRcGZyizyT5Vq0MC7WwtnC4RZNbIOJxbWbzTYuIyDJ3WgxGs5MbpFnslyLFsbFWjhbONyiiW0wsbh2s9nGZQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJQ0A6n3foPAAAAACAAAAAASAAg9POUAJAhETzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxR6vbx-kDZdCFSYFuEEQAAAIDc6k3JI5N0gopFlf___34rAFcAAAIQZcR9NrPoDkq8hQEAAAAQg5chX6VEbZg6ZoEeFr_f7LBr_G6X-f________8383_mH40QkkJPmqCBwg81v4AAAGt-AQEA2IwbAIA3AnBCTgaaTofPda_X_X530dHltzv9drvG7_aLDkErBoPVCYjZAQAAALjz____jwcvQ75KidowVQ9I-RablcMzcvhGxtlgNxnObDbnzOXyzGaDmc018x4uCAP1V5q0iz4iwjL7fQch3-0yPHwug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDZxuVarmW2tGs4cbtHIuFsLZ7vlWrVyuSaLiW_kWjncotfHdLENFsaVZ4sEA0z2InlapBOZczJa7oaTicWymG2Gu43JM1kuPJOJyznYbAyTiViiOVmkE9ll3_ItNiuHZ-TwjYyzwW4ynNlszpnL5ZnNBjOba-avTVyu1WpmW6uGM4dbNDLu1sLZbrlWrVyuyWLiG7lWDrfo9TFdbIOFceXZN2bD0Wg4GM52-8ZsOBoNB8PZbt9hMj1Tn7PRGhNfPjLVuLSyTGxOg8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-FbXZc97Uz6uKa_zIDYYFLFEcJFOdH63y-R0ONaio8tvd_rtFrFEabpIJ_qi3-0yPHwuf0UsEZwu0onQ73ZZ1H_0EMPVXLLYzBWr1Vwxmq0SAAAAAAAAAIAlmGa6CQAAAICTQQ2Xi8VsnQ5mMpwtRrPlArjwJNP1M7wjH_jGC7lLpjGB7EJIxrhYY49FnN_tMjkdjrXo6PLbnX67lQFceFox2-wzglir1bIGAAAggA0AAECAm268CUih4v7____HAQAAkJFDDwAAgH4f0NQzF0q98CM_ghzORvsHoEKs1Wp1u7FWqwU!&cmcv=&pix=undefined&cb=1684480869727&uv=3280&tms=1684480869727&abt=nonrv_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=974148fd-d329-4a81-86aa-4b60bb5766ce&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a6d4d40119cc84ca14f2afc2cff377dd61caa0369c83bb663d5b71d6600435c7

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Fri, 19 May 2023 07:21:09 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230045-FRA
x-timer
S1684480870.761221,VS0,VE10
sync
am-match.taboola.com/ Frame EA11 		422 B
507 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8eKECLAZ4NstnMC47qBPwbJbPYFx2UC8AAABgYID-AEnuRovRcGZyizyT5Vq0MC7WwtnC4RZNbIOJxbWbzTYuIyDJ3WgxGs5MbpFnslyLFsbFWjhbONyiiW0wsbh2s9nGZQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJQ0A6n3foPAAAAACAAAAAASAAg9POUAJAhETzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxR6vbx-kDZdCFSYFuEEQAAAIDc6k3JI5N0gopFlf___34rAFcAAAIQZcR9NrPoDkq8hQEAAAAQg5chX6VEbZg6ZoEeFr_f7LBr_G6X-f________8383_mH40QkkJPmqCBwg81v4AAAGt-AQEA2IwbAIA3AnBCTgaaTofPda_X_X530dHltzv9drvG7_aLDkErBoPVCYjZAQAAALjz____jwcvQ75KidowVQ9I-RablcMzcvhGxtlgNxnObDbnzOXyzGaDmc018x4uCAP1V5q0iz4iwjL7fQch3-0yPHwug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDZxuVarmW2tGs4cbtHIuFsLZ7vlWrVyuSaLiW_kWjncotfHdLENFsaVZ4sEA0z2InlapBOZczJa7oaTicWymG2Gu43JM1kuPJOJyznYbAyTiViiOVmkE9ll3_ItNiuHZ-TwjYyzwW4ynNlszpnL5ZnNBjOba-avTVyu1WpmW6uGM4dbNDLu1sLZbrlWrVyuyWLiG7lWDrfo9TFdbIOFceXZN2bD0Wg4GM52-8ZsOBoNB8PZbt9hMj1Tn7PRGhNfPjLVuLSyTGxOg8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-FbXZc97Uz6uKa_zIDYYFLFEcJFOdH63y-R0ONaio8tvd_rtFrFEabpIJ_qi3-0yPHwuf0UsEZwu0onQ73ZZ1H_0EMPVXLLYzBWr1Vwxmq0SAAAAAAAAAIAlmGa6CQAAAICTQQ2Xi8VsnQ5mMpwtRrPlArjwJNP1M7wjH_jGC7lLpjGB7EJIxrhYY49FnN_tMjkdjrXo6PLbnX67lQFceFox2-wzglir1bIGAAAggA0AAECAm268CUih4v7____HAQAAkJFDDwAAgH4f0NQzF0q98CM_ghzORvsHoEKs1Wp1u7FWqwU!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
a6d4d40119cc84ca14f2afc2cff377dd61caa0369c83bb663d5b71d6600435c7

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Fri, 19 May 2023 07:21:09 GMT
machineid
3402
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8eKECLAZ4NstnMC47qBPwbJbPYFx2UC8AAABgYID-AEnuRovRcGZyizyT5Vq0MC7WwtnC4RZNbIOJxbWbzTYuIyDJ3WgxGs5MbpFnslyLFsbFWjhbONyiiW0wsbh2s9nGZQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJQ0A6n3foPAAAAACAAAAAASAAg9POUAJAhETzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxR6vbx-kDZdCFSYFuEEQAAAIDc6k3JI5N0gopFlf___34rAFcAAAIQZcR9NrPoDkq8hQEAAAAQg5chX6VEbZg6ZoEeFr_f7LBr_G6X-f________8383_mH40QkkJPmqCBwg81v4AAAGt-AQEA2IwbAIA3AnBCTgaaTofPda_X_X530dHltzv9drvG7_aLDkErBoPVCYjZAQAAALjz____jwcvQ75KidowVQ9I-RablcMzcvhGxtlgNxnObDbnzOXyzGaDmc018x4uCAP1V5q0iz4iwjL7fQch3-0yPHwug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDZxuVarmW2tGs4cbtHIuFsLZ7vlWrVyuSaLiW_kWjncotfHdLENFsaVZ4sEA0z2InlapBOZczJa7oaTicWymG2Gu43JM1kuPJOJyznYbAyTiViiOVmkE9ll3_ItNiuHZ-TwjYyzwW4ynNlszpnL5ZnNBjOba-avTVyu1WpmW6uGM4dbNDLu1sLZbrlWrVyuyWLiG7lWDrfo9TFdbIOFceXZN2bD0Wg4GM52-8ZsOBoNB8PZbt9hMj1Tn7PRGhNfPjLVuLSyTGxOg8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-FbXZc97Uz6uKa_zIDYYFLFEcJFOdH63y-R0ONaio8tvd_rtFrFEabpIJ_qi3-0yPHwuf0UsEZwu0onQ73ZZ1H_0EMPVXLLYzBWr1Vwxmq0SAAAAAAAAAIAlmGa6CQAAAICTQQ2Xi8VsnQ5mMpwtRrPlArjwJNP1M7wjH_jGC7lLpjGB7EJIxrhYY49FnN_tMjkdjrXo6PLbnX67lQFceFox2-wzglir1bIGAAAggA0AAECAm268CUih4v7____HAQAAkJFDDwAAgH4f0NQzF0q98CM_ghzORvsHoEKs1Wp1u7FWqwU!&cmcv=&pix=31589837&cb=1684480869727&uv=3280&tms=1684480869727&abt=nonrv_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1684480866636.6!ts:1684480869726&mntl=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:09 GMT
content-length
0
server
nginx
e2d5850a1036b5e3c57f1c27464420b0__scv1__300x175.png
d2cli4kgl5uxre.cloudfront.net/ML/ Frame 668E 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2cli4kgl5uxre.cloudfront.net/ML/e2d5850a1036b5e3c57f1c27464420b0__scv1__300x175.png
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:4e00:11:9be7:da80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c904d482d63252752df2063bec93a6f15bc1b899e2e9496f31ccab45af45762b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
RZt9HMz1RAg17g2pqttiTopfcg8UKdid
date
Fri, 19 May 2023 06:08:07 GMT
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
4722
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
63623
last-modified
Mon, 08 May 2023 15:49:37 GMT
server
AmazonS3
etag
"7aadbce0155aa8afa3965d50b4271429"
vary
Origin
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
7htGAmdgxWiTwJR8DegP-REXFMYEAIBE3KXsOwJFC2Pb5Qxo9AQyJQ==
blue-arrow.png
onlinertb-us.s3.us-west-2.amazonaws.com/js/images/ Frame 668E 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onlinertb-us.s3.us-west-2.amazonaws.com/js/images/blue-arrow.png
Requested by
Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/template/style/style_banner_970x250_standard_7d44cb.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.153.154 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
bf282b4ef41bf52ed9cb27a33190fdcf162f28a2c126beabaad623eef16148d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.mediago.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 07:21:11 GMT
x-amz-version-id
null
Last-Modified
Thu, 10 Feb 2022 06:05:51 GMT
Server
AmazonS3
x-amz-request-id
9YK5APDZE9CWX6F7
ETag
"3da1ac71a612038f43614f4891129b18"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
28511
x-amz-id-2
e3erYIiYkDJ4eq0kcGD70uImoFyb5HcdFui214lg/ktQKfgb5fFlQuElfus0Wd4sga6yJuvs8qY=
ic
trace-eu.mediago.io/ju/ Frame 668E 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trace-eu.mediago.io/ju/ic?tn=39934c2bda4debbe4c680be1dd02f5d3&trackingid=64d41c907e4281c16306deac8605bb7a&acid=23882&data=Vo9nQ6c-3T_34-tFJ5KYnLtpom8mtc2JNwzGBqChhednhV5tuKEE_UhIisv-nr0x37tQD-IxOkpHqZfb-FKpc5F-LgxGroPKHBpbfSKCtoFrYI9fG5AeETBoNRsfwnDprdpjFyr1Z3Ui7xcb5VItk76hwKNq-ug2Ih7gehLI4DqWPU6IrVOmdJLp5sBinZQjIPFP48qFlMvSZAgrq8iSHo1cLvy3b51i3lwP1s267RLpR6TBkGFDHZAsbzXhnANSaSH5iOadErI88Aid5BbqqjAxT9ftxCCy_OgMtjKqW-1EjjY299J_3dB6nHK4ztXVAgxXNiw3olTWcsxADet8Sbg4XZFhOsn6IpQYgvU1soPBbunVt_NJu2o9ORvK0ypVW2xJBHXOWlBpN8bE-ElGPPasS0h8edoMiLCA3G8m4TELbJ6nh0ndFnwnZtY_15WPaBiYUuKsTMoYl3L9HmsJHpXGN8Nmr7koNCLp6w6yakN3ZMU0_PE-0MuXD_-qGOgVKhcd-_58QJIeWZqYOMEc5_sNOYTD2bYOA-FmB2bPwO2-EI5umsjrUZoEohUWB3PLG-S4IAMIFDaxEzVVTDdHK9zWyy9WrZCz9SLPkpGuTW5EnCXP-CtpAApAaOSXdIHvT5ra1h5ez0EZ1LYyg5gASsAmZ5e5E7Uebx6qBbAB8l6E9uENPKWZDcWPAfgKJgDasOmdZi2kBWQyecEfpWzcDxbkgCUXVDrE0f1WDmt9_Wt3D4SROGOJXTUzJMhrqBjO0zyS91b_DkPGcXiWbyfVB3oBHvfzF-sVzYdFkTijJHqKTScCpJ2I5dZd-8EmpQmsKt2af5Yv73J5Cr8bYUs7JR4x67JJIjpC1sZL4G3m-tYf35bGFsqLh_KfRaX9jWYDMypBbD7K7kgqdx_2C0cWOhmFVtHX4oP_XJhxQUGlB7QGimNdkxee1ULgj-7auTSZChN6FcrGoA-kpM6N5_G3C1nG9j6M9LfeRDgdZXLWAlHU1v7jMFrpT8TD3X71KyJaHTODZy6jruprVH6VBosYpZ6GYuY4LNf6Kb7hYG-h2Mocpjo9pe2pdqcBlL-TV7bPQnQtj5T8LL0s2Wm3HBTQ4PEMY4uBkrAlqNtJIOQ8NVLGWGygGG_I3XlD_Xu1uQvMW38shEW2bCp4vwDBTcP1LmWrstFlOaukvL4E8-5yzVGkqa2cHgUNOtgVODnH5VIsRIjSZ0HHgYWGOQjowrdb0swwY7DrmYLE1WOR-naZWqc&uid=8678426496727659232&mguid=&ap={AUCTION_PRICE}
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.168.80 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
80.168.214.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:09 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
setuid
ib.adnxs.com/ Frame 668E
Redirect Chain
  • https://trace-eu.mediago.io/cs/xandr?rdid=9b77a8ba17972c0f439f7271d9d4c216
  • https://ib.adnxs.com/setuid?entity=529&code=6353e3be9a6184a972875fe1388ff414
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=529&code=6353e3be9a6184a972875fe1388ff414
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
HTTP/1.1
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 07:21:09 GMT
AN-X-Request-Uuid
a07b2546-c7aa-43e7-8ba4-37b97aa4fe0d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location
https://ib.adnxs.com/setuid?entity=529&code=6353e3be9a6184a972875fe1388ff414
date
Fri, 19 May 2023 07:21:09 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103
content-type
text/html; charset=utf-8
async_usersync.html
acdn.adnxs.com/dmp/ Frame 654A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7656&pub_id=1573867
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 19 May 2023 07:21:09 GMT
ETag
"623de86a-cf34"
Expires
Sat, 20 May 2023 07:21:11 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
rd_log
fra1-ib.adnxs.com/ Frame 668E 		0
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.theonion.com%2F&e=wqT_3QKlBPBMJQIAAAMA1gAFAQjjxpyjBhDt8_7rk4X5tB4Y4OWolrLd_bd4KjYJOLpKd9c5AEARTgpv5sKO_D8ZAAAA4KNwGkAhTgpv5sKO_D8pOLoJJNAxAAAAwPUo9D8w-djzCjjoO0C4aEiRBFC3w_bOAViegnhgAGi6pmR4xIYGgAEBigEDVVNEkgUG8MKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC-lbgAp6oPOoCGWh0dHBzOi8vd3d3LnRoZW9uaW9uLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOOsSTgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTg1LjIxMy4xNTUuMTQ2qAQAsgQQCAAQARjKByD6ASgAMAA4ArgEAMAEp425IsgEANoEAggB4AQB8AQF5ViIBQGYBQCgBfOr9tPYtILZdMAFAMkFAAUBFPA_0gUJCQULRAAAANgFAeAFAeoFDAoIVGhlTwHCYBIA8AXum1b6BQQIABAAkAYAmAYAuAYAwQYBMDQAAPA_0AbVrwXaBhYKEAkSGQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcHMTc0MjQ0OcgHxIYG0gcNFX4BMAjaBwYBaHAYAOAHAOoHAggA8Ae5yQKKCAIQAJUIAACAP5gIAQ..&s=0d782b1a0f8012a3caf0e1fab19813967702c192&bdref=https%3A%2F%2Fwww.theonion.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.theonion.com%2F,https%3A%2F%2Fwww.theonion.com%2F&
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 07:21:09 GMT
AN-X-Request-Uuid
932afd81-bd42-489b-aeb9-5b4d65db3057
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
info
www.theonion.com/api/veritas/ 		92 B
810 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/api/veritas/info?pi=50e5d5e8265421bfb3ffab5c5f5c5462422a4853&cb=1684480869790
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.9fb1351ec6bf73140995.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c9c3c0e5c963f8122f31d0d501e95e65fb4348af55a6aa6f6dd7c703c0957562
Security Headers
Name Value
Content-Security-Policy default-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 May 2023 07:21:09 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies
master-only
x-kinja-gdpr
true
age
0
x-cache
MISS, MISS, MISS
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
107
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000057-IAD, cache-iad-kjyo7100170-IAD, cache-fra-eddf8230047-FRA
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-timer
S1684480870.791863,VS0,VE107
x-frame-options
DENY
vary
Accept-Encoding, Authorization, X-Valid-Scroll-User
content-type
application/json
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-cache-hits
0, 0, 0
b
www.theonion.com/api/veritas/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.theonion.com/api/veritas/b?debug=0
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.9fb1351ec6bf73140995.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

X-Veritas-Version
1.1.2
Content-Encoding
gzip
Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self'
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Fri, 19 May 2023 07:21:09 GMT
x-permitted-cross-domain-policies
master-only
x-kinja-gdpr
true
x-cache
MISS, MISS, MISS
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-nocache
content-length
0
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200115-IAD, cache-iad-kcgs7200115-IAD, cache-fra-eddf8230047-FRA
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-timer
S1684480870.797573,VS0,VE120
x-frame-options
DENY
cache-control
no-cache, no-store, private
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-cache-hits
0, 0, 0
generic
match.adsrvr.org/track/cmf/ Frame 1676 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8eKECLAZ4NstnMC47qBPwbJbPYFx2UC8AAABgYID-AEnuRovRcGZyizyT5Vq0MC7WwtnC4RZNbIOJxbWbzTYuIyDJ3WgxGs5MbpFnslyLFsbFWjhbONyiiW0wsbh2s9nGZQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJQ0A6n3foPAAAAACAAAAAASAAg9POUAJAhETzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxR6vbx-kDZdCFSYFuEEQAAAIDc6k3JI5N0gopFlf___34rAFcAAAIQZcR9NrPoDkq8hQEAAAAQg5chX6VEbZg6ZoEeFr_f7LBr_G6X-f________8383_mH40QkkJPmqCBwg81v4AAAGt-AQEA2IwbAIA3AnBCTgaaTofPda_X_X530dHltzv9drvG7_aLDkErBoPVCYjZAQAAALjz____jwcvQ75KidowVQ9I-RablcMzcvhGxtlgNxnObDbnzOXyzGaDmc018x4uCAP1V5q0iz4iwjL7fQch3-0yPHwug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDZxuVarmW2tGs4cbtHIuFsLZ7vlWrVyuSaLiW_kWjncotfHdLENFsaVZ4sEA0z2InlapBOZczJa7oaTicWymG2Gu43JM1kuPJOJyznYbAyTiViiOVmkE9ll3_ItNiuHZ-TwjYyzwW4ynNlszpnL5ZnNBjOba-avTVyu1WpmW6uGM4dbNDLu1sLZbrlWrVyuyWLiG7lWDrfo9TFdbIOFceXZN2bD0Wg4GM52-8ZsOBoNB8PZbt9hMj1Tn7PRGhNfPjLVuLSyTGxOg8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-FbXZc97Uz6uKa_zIDYYFLFEcJFOdH63y-R0ONaio8tvd_rtFrFEabpIJ_qi3-0yPHwuf0UsEZwu0onQ73ZZ1H_0EMPVXLLYzBWr1Vwxmq0SAAAAAAAAAIAlmGa6CQAAAICTQQ2Xi8VsnQ5mMpwtRrPlArjwJNP1M7wjH_jGC7lLpjGB7EJIxrhYY49FnN_tMjkdjrXo6PLbnX67lQFceFox2-wzglir1bIGAAAggA0AAECAm268CUih4v7____HAQAAkJFDDwAAgH4f0NQzF0q98CM_ghzORvsHoEKs1Wp1u7FWqwU!&cmcv=&pix=undefined&cb=1684480869727&uv=3280&tms=1684480869727&abt=nonrv_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=974148fd-d329-4a81-86aa-4b60bb5766ce&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 19 May 2023 07:21:09 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
6be555f6-58fa-4d87-8679-5ee521b7d5ea-tuctb60a8e3
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 1676 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/6be555f6-58fa-4d87-8679-5ee521b7d5ea-tuctb60a8e3?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8eKECLAZ4NstnMC47qBPwbJbPYFx2UC8AAABgYID-AEnuRovRcGZyizyT5Vq0MC7WwtnC4RZNbIOJxbWbzTYuIyDJ3WgxGs5MbpFnslyLFsbFWjhbONyiiW0wsbh2s9nGZQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJQ0A6n3foPAAAAACAAAAAASAAg9POUAJAhETzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxR6vbx-kDZdCFSYFuEEQAAAIDc6k3JI5N0gopFlf___34rAFcAAAIQZcR9NrPoDkq8hQEAAAAQg5chX6VEbZg6ZoEeFr_f7LBr_G6X-f________8383_mH40QkkJPmqCBwg81v4AAAGt-AQEA2IwbAIA3AnBCTgaaTofPda_X_X530dHltzv9drvG7_aLDkErBoPVCYjZAQAAALjz____jwcvQ75KidowVQ9I-RablcMzcvhGxtlgNxnObDbnzOXyzGaDmc018x4uCAP1V5q0iz4iwjL7fQch3-0yPHwug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDZxuVarmW2tGs4cbtHIuFsLZ7vlWrVyuSaLiW_kWjncotfHdLENFsaVZ4sEA0z2InlapBOZczJa7oaTicWymG2Gu43JM1kuPJOJyznYbAyTiViiOVmkE9ll3_ItNiuHZ-TwjYyzwW4ynNlszpnL5ZnNBjOba-avTVyu1WpmW6uGM4dbNDLu1sLZbrlWrVyuyWLiG7lWDrfo9TFdbIOFceXZN2bD0Wg4GM52-8ZsOBoNB8PZbt9hMj1Tn7PRGhNfPjLVuLSyTGxOg8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-FbXZc97Uz6uKa_zIDYYFLFEcJFOdH63y-R0ONaio8tvd_rtFrFEabpIJ_qi3-0yPHwuf0UsEZwu0onQ73ZZ1H_0EMPVXLLYzBWr1Vwxmq0SAAAAAAAAAIAlmGa6CQAAAICTQQ2Xi8VsnQ5mMpwtRrPlArjwJNP1M7wjH_jGC7lLpjGB7EJIxrhYY49FnN_tMjkdjrXo6PLbnX67lQFceFox2-wzglir1bIGAAAggA0AAECAm268CUih4v7____HAQAAkJFDDwAAgH4f0NQzF0q98CM_ghzORvsHoEKs1Wp1u7FWqwU!&cmcv=&pix=undefined&cb=1684480869727&uv=3280&tms=1684480869727&abt=nonrv_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=974148fd-d329-4a81-86aa-4b60bb5766ce&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:a280:fe7c:1c7c:7039 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame 1676 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8eKECLAZ4NstnMC47qBPwbJbPYFx2UC8AAABgYID-AEnuRovRcGZyizyT5Vq0MC7WwtnC4RZNbIOJxbWbzTYuIyDJ3WgxGs5MbpFnslyLFsbFWjhbONyiiW0wsbh2s9nGZQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJQ0A6n3foPAAAAACAAAAAASAAg9POUAJAhETzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxR6vbx-kDZdCFSYFuEEQAAAIDc6k3JI5N0gopFlf___34rAFcAAAIQZcR9NrPoDkq8hQEAAAAQg5chX6VEbZg6ZoEeFr_f7LBr_G6X-f________8383_mH40QkkJPmqCBwg81v4AAAGt-AQEA2IwbAIA3AnBCTgaaTofPda_X_X530dHltzv9drvG7_aLDkErBoPVCYjZAQAAALjz____jwcvQ75KidowVQ9I-RablcMzcvhGxtlgNxnObDbnzOXyzGaDmc018x4uCAP1V5q0iz4iwjL7fQch3-0yPHwug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDZxuVarmW2tGs4cbtHIuFsLZ7vlWrVyuSaLiW_kWjncotfHdLENFsaVZ4sEA0z2InlapBOZczJa7oaTicWymG2Gu43JM1kuPJOJyznYbAyTiViiOVmkE9ll3_ItNiuHZ-TwjYyzwW4ynNlszpnL5ZnNBjOba-avTVyu1WpmW6uGM4dbNDLu1sLZbrlWrVyuyWLiG7lWDrfo9TFdbIOFceXZN2bD0Wg4GM52-8ZsOBoNB8PZbt9hMj1Tn7PRGhNfPjLVuLSyTGxOg8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-FbXZc97Uz6uKa_zIDYYFLFEcJFOdH63y-R0ONaio8tvd_rtFrFEabpIJ_qi3-0yPHwuf0UsEZwu0onQ73ZZ1H_0EMPVXLLYzBWr1Vwxmq0SAAAAAAAAAIAlmGa6CQAAAICTQQ2Xi8VsnQ5mMpwtRrPlArjwJNP1M7wjH_jGC7lLpjGB7EJIxrhYY49FnN_tMjkdjrXo6PLbnX67lQFceFox2-wzglir1bIGAAAggA0AAECAm268CUih4v7____HAQAAkJFDDwAAgH4f0NQzF0q98CM_ghzORvsHoEKs1Wp1u7FWqwU!&cmcv=&pix=undefined&cb=1684480869727&uv=3280&tms=1684480869727&abt=nonrv_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=974148fd-d329-4a81-86aa-4b60bb5766ce&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.71.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-71-228.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
ga-audiences
www.google.com/ads/ 		42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-142218-33&cid=472714348.1684480868&jid=1549290324&_u=aCDACEABFAQCACAAI~&z=339458493
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-142218-33&cid=472714348.1684480868&jid=1549290324&_u=aCDACEABFAQCACAAI~&z=339458493
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame EA11 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8eKECLAZ4NstnMC47qBPwbJbPYFx2UC8AAABgYID-AEnuRovRcGZyizyT5Vq0MC7WwtnC4RZNbIOJxbWbzTYuIyDJ3WgxGs5MbpFnslyLFsbFWjhbONyiiW0wsbh2s9nGZQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJQ0A6n3foPAAAAACAAAAAASAAg9POUAJAhETzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxR6vbx-kDZdCFSYFuEEQAAAIDc6k3JI5N0gopFlf___34rAFcAAAIQZcR9NrPoDkq8hQEAAAAQg5chX6VEbZg6ZoEeFr_f7LBr_G6X-f________8383_mH40QkkJPmqCBwg81v4AAAGt-AQEA2IwbAIA3AnBCTgaaTofPda_X_X530dHltzv9drvG7_aLDkErBoPVCYjZAQAAALjz____jwcvQ75KidowVQ9I-RablcMzcvhGxtlgNxnObDbnzOXyzGaDmc018x4uCAP1V5q0iz4iwjL7fQch3-0yPHwug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDZxuVarmW2tGs4cbtHIuFsLZ7vlWrVyuSaLiW_kWjncotfHdLENFsaVZ4sEA0z2InlapBOZczJa7oaTicWymG2Gu43JM1kuPJOJyznYbAyTiViiOVmkE9ll3_ItNiuHZ-TwjYyzwW4ynNlszpnL5ZnNBjOba-avTVyu1WpmW6uGM4dbNDLu1sLZbrlWrVyuyWLiG7lWDrfo9TFdbIOFceXZN2bD0Wg4GM52-8ZsOBoNB8PZbt9hMj1Tn7PRGhNfPjLVuLSyTGxOg8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-FbXZc97Uz6uKa_zIDYYFLFEcJFOdH63y-R0ONaio8tvd_rtFrFEabpIJ_qi3-0yPHwuf0UsEZwu0onQ73ZZ1H_0EMPVXLLYzBWr1Vwxmq0SAAAAAAAAAIAlmGa6CQAAAICTQQ2Xi8VsnQ5mMpwtRrPlArjwJNP1M7wjH_jGC7lLpjGB7EJIxrhYY49FnN_tMjkdjrXo6PLbnX67lQFceFox2-wzglir1bIGAAAggA0AAECAm268CUih4v7____HAQAAkJFDDwAAgH4f0NQzF0q98CM_ghzORvsHoEKs1Wp1u7FWqwU!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 19 May 2023 07:21:09 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
6be555f6-58fa-4d87-8679-5ee521b7d5ea-tuctb60a8e3
pr-bh.ybp.yahoo.com/sync/taboola/ Frame EA11 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/6be555f6-58fa-4d87-8679-5ee521b7d5ea-tuctb60a8e3?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8eKECLAZ4NstnMC47qBPwbJbPYFx2UC8AAABgYID-AEnuRovRcGZyizyT5Vq0MC7WwtnC4RZNbIOJxbWbzTYuIyDJ3WgxGs5MbpFnslyLFsbFWjhbONyiiW0wsbh2s9nGZQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJQ0A6n3foPAAAAACAAAAAASAAg9POUAJAhETzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxR6vbx-kDZdCFSYFuEEQAAAIDc6k3JI5N0gopFlf___34rAFcAAAIQZcR9NrPoDkq8hQEAAAAQg5chX6VEbZg6ZoEeFr_f7LBr_G6X-f________8383_mH40QkkJPmqCBwg81v4AAAGt-AQEA2IwbAIA3AnBCTgaaTofPda_X_X530dHltzv9drvG7_aLDkErBoPVCYjZAQAAALjz____jwcvQ75KidowVQ9I-RablcMzcvhGxtlgNxnObDbnzOXyzGaDmc018x4uCAP1V5q0iz4iwjL7fQch3-0yPHwug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDZxuVarmW2tGs4cbtHIuFsLZ7vlWrVyuSaLiW_kWjncotfHdLENFsaVZ4sEA0z2InlapBOZczJa7oaTicWymG2Gu43JM1kuPJOJyznYbAyTiViiOVmkE9ll3_ItNiuHZ-TwjYyzwW4ynNlszpnL5ZnNBjOba-avTVyu1WpmW6uGM4dbNDLu1sLZbrlWrVyuyWLiG7lWDrfo9TFdbIOFceXZN2bD0Wg4GM52-8ZsOBoNB8PZbt9hMj1Tn7PRGhNfPjLVuLSyTGxOg8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-FbXZc97Uz6uKa_zIDYYFLFEcJFOdH63y-R0ONaio8tvd_rtFrFEabpIJ_qi3-0yPHwuf0UsEZwu0onQ73ZZ1H_0EMPVXLLYzBWr1Vwxmq0SAAAAAAAAAIAlmGa6CQAAAICTQQ2Xi8VsnQ5mMpwtRrPlArjwJNP1M7wjH_jGC7lLpjGB7EJIxrhYY49FnN_tMjkdjrXo6PLbnX67lQFceFox2-wzglir1bIGAAAggA0AAECAm268CUih4v7____HAQAAkJFDDwAAgH4f0NQzF0q98CM_ghzORvsHoEKs1Wp1u7FWqwU!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:a280:fe7c:1c7c:7039 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame EA11 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8eKECLAZ4NstnMC47qBPwbJbPYFx2UC8AAABgYID-AEnuRovRcGZyizyT5Vq0MC7WwtnC4RZNbIOJxbWbzTYuIyDJ3WgxGs5MbpFnslyLFsbFWjhbONyiiW0wsbh2s9nGZQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJQ0A6n3foPAAAAACAAAAAASAAg9POUAJAhETzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxR6vbx-kDZdCFSYFuEEQAAAIDc6k3JI5N0gopFlf___34rAFcAAAIQZcR9NrPoDkq8hQEAAAAQg5chX6VEbZg6ZoEeFr_f7LBr_G6X-f________8383_mH40QkkJPmqCBwg81v4AAAGt-AQEA2IwbAIA3AnBCTgaaTofPda_X_X530dHltzv9drvG7_aLDkErBoPVCYjZAQAAALjz____jwcvQ75KidowVQ9I-RablcMzcvhGxtlgNxnObDbnzOXyzGaDmc018x4uCAP1V5q0iz4iwjL7fQch3-0yPHwug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDZxuVarmW2tGs4cbtHIuFsLZ7vlWrVyuSaLiW_kWjncotfHdLENFsaVZ4sEA0z2InlapBOZczJa7oaTicWymG2Gu43JM1kuPJOJyznYbAyTiViiOVmkE9ll3_ItNiuHZ-TwjYyzwW4ynNlszpnL5ZnNBjOba-avTVyu1WpmW6uGM4dbNDLu1sLZbrlWrVyuyWLiG7lWDrfo9TFdbIOFceXZN2bD0Wg4GM52-8ZsOBoNB8PZbt9hMj1Tn7PRGhNfPjLVuLSyTGxOg8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-FbXZc97Uz6uKa_zIDYYFLFEcJFOdH63y-R0ONaio8tvd_rtFrFEabpIJ_qi3-0yPHwuf0UsEZwu0onQ73ZZ1H_0EMPVXLLYzBWr1Vwxmq0SAAAAAAAAAIAlmGa6CQAAAICTQQ2Xi8VsnQ5mMpwtRrPlArjwJNP1M7wjH_jGC7lLpjGB7EJIxrhYY49FnN_tMjkdjrXo6PLbnX67lQFceFox2-wzglir1bIGAAAggA0AAECAm268CUih4v7____HAQAAkJFDDwAAgH4f0NQzF0q98CM_ghzORvsHoEKs1Wp1u7FWqwU!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.71.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-71-228.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
truncated
/ Frame 55A7 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e78a7f108384b6ee48701f160f51b6396c6174b6168be2fff9345841dcddbd42

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame E45E 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=931294&campId=970x250&pubId=4531748607&chanId=22405397127&placementId=4601588782&pubCreative=138271807375&pubOrder=2260375129&cb=463759132&adsafe_par&impId=&custom2=top&custom3=&custom4=&custom5=top-01
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.103.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-103-77.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c1d5f0ad52f72f1ca7a3e29776a40fdc9d81872fed64adcf4cd87c4c0275f7cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:09 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
dv-measurements3783.js
cdn.doubleverify.com/ Frame E269 		533 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3783.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2001:2030:0:4e::d59b:9dc8 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f7c270e257a1e2027a1a4ee15e169cb707f84cae9aed18260017f305c56c3838

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 07:21:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 May 2023 08:31:08 GMT
Server
Microsoft-IIS/10.0
ETag
"0ae14c3d087d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
102948
vevent
fra1-ib.adnxs.com/ Frame 55A7 		0
959 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.theonion.com%2F&e=wqT_3QLeF-jeCwAAAwDWAAUBCOPGnKMGEO7j_cC93rvSehgAKjYJ3eo56X3DBkARCl6ZXDEIBEAZAAAAgBSuGEAhCg0SACkRJNAxAAAAoEfh8j8w_tjzCjjoO0C4aEiRBFC3w_bOAViegnhgAGi6pmR4mdgFgAEBigEDVVNEkgUG8GGYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC-lbgAp6oPOoCGWh0dHBzOi8vd3d3LnRoZW9uaW9uLmNvbS-AAwCIAwGQAwCYAxegAwGqA88TCqMTaHR0cAEv8NB0cmFjZS1ldS5tZWRpYWdvLmlvL2FwaS9sb2cvd2lubm90aWNlP3RuPTM5OTM0YzJiZGE0ZGViYmU0YzY4MGJlMWRkMDJmNWQzJndpbmxvc3M9MSZpZD1kY2QyMzIzZGQwN2NiYWUwNGVkYzVmMmRiNTczMTQ1OSZzZWF0X2lkPSR7QVVDVElPTl9TRUFUX0lEfSZjdXJyZW5jeT0ke0FVQ1RJT05fQ1VSUkVOQ1l9JmJpZF9pZD0ke0FVQ1RJT05fQklEX0lEfSZhZF9pZD0kexFPAEEJFwWTgCZpbXBfaWQ9ODgzNzQ1MTA5OTg3ODE1ODgzMCZwcmljZR1r8E9QUklDRX0mdGVzdD0wJnRpbWU9MTY4NDQ4MDg2NyZkcD1tMnMwY2ozeU9VWkNvZnl0NTJQampiQ2JVbWY4UktLVFNjX3ViLU1OVFhrJmRzcAF49D0IMjImdXJsPVNadWplODc5dTRJWWRpTUtzUS01dFF4RXN6LURHMFlnMnFLVXZBNzNqRnlmVmZHV0dYYUhuVGh2M0Rxb0VaN0o5d3VCNG1qQW1vNXZDaTRCcHFVX1ZRZWduazF3aEM2bHhQSi1zZGJjcnhJY3pDcVk4ZVVTNS1kSkxDVWN4ay1xZHE4M0c2RWt1M1hwZ1lNLThud21PejZTWUdNdGV0dDcwanhQSE10a2UtMEs5amUyRS1UVjZ1R1ltZzktc0hZdklWVG5tRVJmMHZZM0xIZ0cybXFJYWxXUXBHT05zRWRDN0RXdjRlVnA0ZGhzaVBkV20xcEJqeWxCeTBXQ1l6OF8tMFdnMFFSYlJaWTJwdE42a3MxbG1OQW9FMU5zM3BmRlprTzZZVDZlLWpZMHFJbkE1LVVGMkpyalgwbXgwLXd0VGNNUk1XZ0FtU2lKTDRndjhDV2xmaUthc3RXNjhpVWJuWVpmcXJKdmdwZTVNNzI1ZWlCNzhfRDc1SGFubHBKdWN6WUhSRWVYQ3lEWVpXeXRycGtIWE1wZHRjSndGQkpCMUkxdHllMWtuRFQzSE02VGk0bTZQY19VaG8yYUhMLUdRVDF4LW9PZTM4OW42Qk03ZUpQTlprV3phXzlreDdRazg5cElUUDlWaU9YNklWQ00tV0R1WWNqQVVKNVRDS0oxV0NLZ2NCLVpDdGJxQk80ZU5jT2k3bjBBeU5sd0RBWVBxWHFfTnpHQTRMNGdNelRhTE9wU2xjTms3YnlwUDZ2cnhmN3RDRnBrZVB2RmNIWW52b01MRVI3UEVJcHBwS1kxRHI5bTNlbDlNMVZlYnV2MHhYamJ1eDZJR0VvcHZTci1PNWw3M0N6aGdYRENwSVhjYWRHT2M3eUl2aFlOM0duQlJtOW1uZjV4U1NublR5MklUeXVoY2tRZlNaclNwUFRpMWJnVEN0NkNiTzFhb1hhdkw2RndBbW9iLVVGUVlnMlBVamQ0ZHpINUVzdU13ZkM3RXc1Nks3ajAzNGY0VnRZTFVzSkNJMUUyQV9vUGtORjBMN2wxU0FDRExaZDdGWGk5SlhkMW1hNFZvdlFlYW1xWk1zelllZGluZUhKMmRVNXRheklkWWtWeGdzelZabnprVnlGZnVfdU9Bd3pNOFl3ZFpGc0VtVzJIYU55MnVEaHhSTkVwVktnN1hyazVLVllleUpCX2xRZl9jWm01ckpJd0dUQTVIdUoxajRVZ2FuclUxTXpncW5ZcWFxRTAxS0VEcERaVmtHd0V0Mkl1aGw0cVVvaEpQbnJuY3p4VU94WjJTQnFsQ2lJM09oWVBIZVZVeDFldWhxR05VRkxzcUp3SGNIMGNpbHJDV2hoS2paME93eDNIYl9IcVlqbWIyd21qeDZCZ1d4ZFVtYUd4VzE1ZjRPRVU4TjduRTlMNTBkNlp1bG5QNWRJUFpjaGVHTGFqaVR5U3ZaVUVESHdyRWVQRzJHX0UxZXhFQkpNNmVQVE1MWVVZODl3ZXZpVHcxMm85U1dNREhSM0t5cEt3MzFHM3QwX3lLQUhOOGk2RFJFN1JHS3BLMFQ4VE9nelZOaDh2NmJQaFk3MHlGLWNzVGFlOWF0TGNfUlFVeGJSX3l0VjBXaFlQc2FMbjVjblRSdEZydllfdEw4NkI5MlBCVUxnRHZXUVVKOXd1ZXY4Mzhsa3dybXN0MzlWUm9Wc0pYVk5mWUVFa0xlM1JETVk3czdrZ0VKX2VwOHNjdm5BVC1xMTFRY0tOLWdXYVNjUVRsbEc4TWVnRDgwajF2d3lQTkNxZ0xKdFVoQzMtTEhCUi1lV2Y3bkVReGowT1FFQnJ0bzdTVjl0TlNnS2oxMXA0Q0hGNC1zM0tfV1VHeE1QVzFPWHZuN2ljU3dtNU0wdVcxbzRObmFOSFdocy1SNFZaTzZrUXhhMFl4aEwySDF1MGR4ek5RT2lCM25QX0V2c3ZFR1F5WWxfZ3dPSVBEVUU5bkN1NElBUURMV1VRbXRITEdkTXRLZlNHVzBCX21fOGdEYW9BcndtWC1CbEJnT3duSERNUy1PVzVkNFcyem96cHItWHdtNnpobG5oLTd0OUJYV0tKQU5IbVlLVlBiTTR4eXZUMklwaTJnRXhKTFJXRnQxVUFiam1lMGNGRHpYY2pGaGVTQXoteFhiYTE2US1ubDYtb2JVOHpqcC1ab0owMTlkQTZTdFZQZ2psc01GU1FoRUYwd3dNWmRvNUx6VnJrUkxPSEpONFpwZTNXSkVEdW5Oa2tOMy10QmxHaGU2Rl84MEttN2hmMEx0c3g5ODBYSlBiTWxhczJZVUJESzdsR2pEaXBhejRVem4yb05rVlIxdTk4dUgxblllSGVmUWtjREtfRVVQZFNBVTFYMkFnVmRFOFVyaHVHWXR0THB1NjkzckYxeTZ0TDYtNUFyVl9OeFIwTUdDSy1uNWQzUEszMktkZ2cyNmZZaE1pM0RFb3ZXU09PQXdrN3ZVekEwa0RWV0hFWk5DU0JQNnBYTEczQkZJamZrTThfR1RxMExCQ2drbDlpZ05CLWQ2TDFKY3E1VUlTcVpKZWktNlZHOVhMVmFBQUhZb1FuNFUtWHExNjdXME9rQlNicHBYdzZDeDR1a0xvLXhGUndBZndleWp3SHJ5WGxzU3BnUjN4QmRXUm5pSmRlM1FyamdhMjlDVTkzSzFRV0JvbU9QeTN6SGFKbTJwcXlDX1BoczZUck9QbGpNYkwyJnNwPW1pVFllaXYzVW5UMUZJYV9zOFN4VzB0SXlQOTBoeHRzdFNzSzVLb0s4cXcaEzg4Mzc0NTKwCDQiCTQzMzk1NTI1NSoHTQ60CfCVR2_AA6wCyAMA2AOOsSTgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTg1LjIxMy4xNTUuMTQ2qAQAsgQQCAAQARjKByD6ASgAMAA4ArgEAMAEp425IsgEANoEAggB4AQB8AS3w_bOAYgFAZgFAKAF-ZfYz96b1vpnwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ9w2AUB4AUB8AXum1b6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbVrwXaBhYKEAkSGQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcHMTc0MjQ0OcgHmdgF0gcNFW8BMAjaBwYBaHAYAOAHAOoHAggA8Ae5yQKKCAIQAJUIAACAP5gIAQ..&s=80c621e7c4ae8a269e7914faca5c48eb73d67442&type=nv&nvt=5&jm=1003&px=1515&py=178&bw=970&bh=250&sid=6610428161932762582&vd=ct~0|rr~0&sv=232&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22867070&sw=1600&sh=1200&pw=4000&ph=7492&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 07:21:09 GMT
AN-X-Request-Uuid
88a90b42-4c2e-41ad-85ca-b49b91c9d184
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.theonion.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bulk
trc.taboola.com/gomedia1-theonion/log/3/ 		0
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gomedia1-theonion/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230518-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Fri, 19 May 2023 07:21:09 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230045-FRA
server
nginx
x-timer
S1684480870.972389,VS0,VE9
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.theonion.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
truncated
/ Frame 668E 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf8fdbe63db9325383e55175c13ee611eb4c1179943854a40850f7cd4b8baf9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 57E5 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=931294&campId=970x250&pubId=4531748607&chanId=22405397127&placementId=4601587669&pubCreative=138271807375&pubOrder=2260375129&cb=498864057&adsafe_par&impId=&custom2=mid_banner&custom3=&custom4=&custom5=mid_banner-02
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.103.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-103-77.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6eafa497d13de2fd5d3e722a248b7abefd0adf1f637fe60ba10dc15bc7d8cb0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:10 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
dv-measurements3783.js
cdn.doubleverify.com/ Frame DADB 		533 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3783.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2001:2030:0:4e::d59b:9dc8 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f7c270e257a1e2027a1a4ee15e169cb707f84cae9aed18260017f305c56c3838

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 07:21:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 May 2023 08:31:08 GMT
Server
Microsoft-IIS/10.0
ETag
"0ae14c3d087d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
102948
async_usersync
ib.adnxs.com/ Frame 654A 		0
864 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=7656&pub_id=1573867&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7656&pub_id=1573867
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 07:21:10 GMT
AN-X-Request-Uuid
26e9ee55-725a-4005-8344-4328769de3b8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
country
api.btloader.com/ 		16 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: kinja-com.videoplayerhub.com
URL: https://kinja-com.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:10 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=igNWggui&w=5197056576585728&o=5726495427264512&cv=2.1.11-3-gabc8642&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.theonion.com%2F&sid=8NhqhAi6M&upapi=true
Requested by
Host: kinja-com.videoplayerhub.com
URL: https://kinja-com.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 19 May 2023 07:21:10 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
ic
trace-eu.mediago.io/ju/ Frame 55A7 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trace-eu.mediago.io/ju/ic?tn=39934c2bda4debbe4c680be1dd02f5d3&trackingid=e62513cb3d604ae465b1e44c7cde03bb&acid=23882&data=-z0Hf6Q6C39CQmVsGOwYIQ-TfsAo37vrWIpfoCg5iLRa69KpmixbYXpGG_FQH139fHwbQAFlOViGOKm-qKZ29SavlajNDTUrg-n-W7BnbZtQn4xfwWkHXXsCtvJljSQw4o_Cu22nCY5w9tyzBn2xDIWX3Z_WdkmCFhQ1anNnvL7aonu-gxzdpMX0OQR64hPjcrhuWbA7dgyqWy_ADoFqMJz7SoU0x2VQokSLaUoY_uZMGX1RtOpSuLURHAE_3OhofVwLXADCsfBfEM0U8TppNif8yVan64kuhoYcuvmo5UpXu_ZW2xLzoPDdR_l-kSZ5k76XoAnBwKuS9FcgGovhIGZXxT7QQKKfVkzYldIAhbxYNFYNqGsNVgfELLHKw2WzyovpPVt4pMm6b00J3x9fSEy4pr8NwOzDAhAsCmbvW2fLOC5wz1VuTeSIATxzjGb98b8FJ19MQk334WIsqammYMxVvgdUXPb_5IzNZIsBGSx02Pu00ljDul43B8c4n67sFjDpqoSIEQizo740BPtpSqHM0mm6LUoY1yDRKMpIOOYG5e7k9p-xvqt4O6REx_HmALGH4kTNbp2bv-KtSMIjeACM1ulNpUHqEZcPIAoaedLiN5JxHy-47QzIpdZ7qgIvW0o6SbkUKGLBq9GzCkzinn34PEbHOCx3K7JPS63F7Yr73ObUaaUozROspsxkN9oLaJjlxBu7PeFcwNxmKLrHGR4P-rhRUq2a4h9YsajlmB-MmL0Ad5jSEw-JFs6AKqsUwIx_gVoMnlpZHxR0P_vQSUXg_L0E4hNmMVX2pLq41kNF_eWddIgPoEjzs9z-8KEtxL-V1fkdVgh5kBiUHfr-HrfuADrqwRJed9AuZ4xG0vQpGGHyDr4qveGF0QzAIwiSm6GBAdLsnDvc8jZ360nReDl3bly02USkrtPDrTH1FJb6ui1kVQK19wBl1XyaWCemZfEAWDuxLozrP68TvqX9PDVohQegXr-_8b1n4tMHgL-R3WGSlske6g3wj9YdOPlYC1pXrFCTW-p4-PMCv-LmEQORPrlq9-vDYRCQHJryuP8mHSM2ru2fC1B3SZcwQSG8nnVYP_jeIgXpBp-FiSsIt62fPamfQ0B0L_H6ILr0HA38wbKH37Yg7v-tjFv2nsg5GPejgrTenEojiG9IsJ5dkR_Cv2W8_LZvp1tJRBa5n5wJ_axMl2a0rLunFEw_FAsjobpaIc_DmkGrYNE_mRVz8E1JgTSWPKg_k_EEMejLa2K-770iIXSKZ5m3h1NoYlEf&uid=mid_5782153cd76a6937b3128d65c3d7d563&mguid=&ap={AUCTION_PRICE}
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.168.80 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
80.168.214.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:10 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
vevent
fra1-ib.adnxs.com/ Frame 668E 		0
959 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.theonion.com%2F&e=wqT_3QK8F_BMvAsAAAMA1gAFAQjjxpyjBhDt8_7rk4X5tB4Y4OWolrLd_bd4KjYJOLpKd9c5AEARTgpv5sKO_D8ZAAAA4KNwGkAhTgpv5sKO_D8pOLoJJNAxAAAAwPUo9D8w-djzCjjoO0C4aEiRBFC3w_bOAViegnhgAGi6pmR4xIYGgAEBigEDVVNEkgUG8GGYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC-lbgAp6oPOoCGWh0dHBzOi8vd3d3LnRoZW9uaW9uLmNvbS-AAwCIAwGQAwCYAxegAwGqA6UTCvkSaHR0cAEv8NB0cmFjZS1ldS5tZWRpYWdvLmlvL2FwaS9sb2cvd2lubm90aWNlP3RuPTM5OTM0YzJiZGE0ZGViYmU0YzY4MGJlMWRkMDJmNWQzJndpbmxvc3M9MSZpZD05Yjc3YThiYTE3OTcyYzBmNDM5ZjcyNzFkOWQ0YzIxNiZzZWF0X2lkPSR7QVVDVElPTl9TRUFUX0lEfSZjdXJyZW5jeT0ke0FVQ1RJT05fQ1VSUkVOQ1l9JmJpZF9pZD0ke0FVQ1RJT05fQklEX0lEfSZhZF9pZD0kexFPAEEJFwWTgCZpbXBfaWQ9MjE5MTUzMzU1OTQ2OTAyOTg2OSZwcmljZR1r8E9QUklDRX0mdGVzdD0wJnRpbWU9MTY4NDQ4MDg2OCZkcD04c0hCSGJhU1dWRFV3WnhKUzNFemIzaXNxN1g0ZkYtRmN1TUg4RWRDUEFVJmRzcAV49GIJMiZ1cmw9TGNubHduVTNLdjVfdzFjOGJUUHZyLWM3QVN5QW1HWjM4N3pfWjhVOWZGOGk4RDlkQUZpWFJEV1M1RnRyQnFMZFA0TnNYdWRCeVdqZ2J5TFA3bEVrNUFQTjk1RlNKenZ6dVZ5a2N5SnEwdW43bV85MWwtdXRyOUZXdkY2ekVvdVVUMFNmR1YzZFpfS2YtempnQXNPYVAzM3U5TnFFaHQ4clNPekc0ZDZSUFJOZk4yd2I2eU5BLWNaMjdXRE5jLTd2Vi01cTZjdUJEWU9NeGtuTHp0aWRyUWMySjdTS3VielZhdlFUNk5wbFk2TG1IOUwzWHduc0cyakgzaTJCSnpTYzFjMjBCRkgxYTFONW0xM3RPSTJPN1NrSjloTUxNNVdmV1VUUkc0eUpIak92SUg3SWNGUTdlT3Q0SVowdTc3OE1tc3NSQ0ZDUjkzSUd5Mm1vS2hZc29YYmxlQlJmZ05TUXgydFF3VTE2NV9hVnN6VXI3MmhOZlQxVk9LYTVBaUJNUjRuZVlPZ2k3dzFYa1dqRDJlUW4wTmJqcVZETUhnWl82ZTZmaVBTT1pZUWxyWEFoOURKXzVTanVTeDVvYjl1SENRbGFzUWlDYUJyOUFsbEx2Y3ZOSkQ1REhxNlFvSzdJVW1rQ1VnRHY1blJRUlVsdmZZR3ctUl81UHBxX1lZZ3dna1l6c05EQU1Ma1pLWkxNSlEtWlpicnUxeXJvQ0NId0tEdnctcU9LQnpDc096T21hMERHbHVwMExtbE9aTWJhclZha2J0dTJRZW80RDRUTHFPQWVzR3dpOUtoR0VEeGgxUzJlaFNTNmIxUk1FN1hqMXdPcmwyMHdaRjFlajBWcm44WjNZQk82UFlsazBRYkpVeVBuTm5jTERLQjUzVWd6SW5RUXBNYW1OOThGLUJlaVlkR3J0dWRYVFZGWVRyRXR6QW90ZTlZemlpTlI5bzR2bUFpVjVYQ2tzN3hDRHlmZkRVbnU3bVhtYlVENjV5Z3lEMWFDaXJJVERMdXViS05PTGtOWXM3OVAwdzN4b2ZycG44ZThGNFdNTy1SVV9sOVd4QTRmNG1wTWh0bXdmU0lFWml0ZHVTTFo1bjN2QndlWGg2a3FBRXEyNUNEX0V3TjNONmg5X244R3htX25SZzZLRGtLc1hQZUc2andzUU5fQ2NleklTTVJSOWxMT3Uya1RpTmRPS0hCNDdkUThCS0RzTlRmTHNZYVNfSVNKRk5EUHJuYW90UEJONkd3YWgySElIeDUtTDF3X29KQ2FOdkpkS3h2b0hob0U4X3ZIU1JMYWZGUXVjem9XRGxxb1JZYUdMMmFtTWs2Y1BRTWVNcHRTX3lWNWFaYVIxbms4M09Kc0ZucVFpSmRNNG9QZ05QVkVrSUZFTE5DS1JVNndDUy1xZkFBWDh5VVRiZkF1MExmaU5FWTBERW02MFlPa2pMaTUydVdBZl9IR3B2ak5RUlNaYnQyQ3lxR1F2LUlOellGT3NzTWZIclZKaTNYZnFuWFFoRkM1VDFCbC04NzUwX0oyeVUyY2N4alN1ZWtqM01odjYwNnVlVkp6S0ZLaGZNeW5zaUtKX1lIRmtGWE10WlBDeWdzVi10WWtQQ2d5SkRBc3lsVi1kZUxsWmVzdThfd3lmeWNaSENGVHMwY0x6b3Y5YUZ6M016MkZ4amdMQ0lGQlNaOHFPa0FIcUhLbXpDd1pRc3FxQTQtQ2taZW5tdGxoN2JIZWFqRkNWdEN6RktPZlUwb3FJbFZCZlFhSTd5ZDdoUGM2ajlNaWw5YTZTVEw4dUlkS0lVVG1tczMtYWJjSEwzNTE2TzFjMW9vYlFvS01ZNDdHb3k3clllYTN0dGt5cEhuM1NQUnFtTEVXX0xRbU5sZFhSdG9icFRhTEp5b0djOHV6RzNkVUxiaUo1QVhMUVBhVk4wVUg3ZE82WHU2OGo4MUg4b0lwTTVmTmF2Nk5SQlotaDZZbmtYX1QzRHFxd2FpMzFvVGZGc2RYWVVEcXc0X0lxTFAzVzlaRVZtM1AzTUNIbkxmYjluUXc5eGFJS2REaC1icVZXa1ppbU1FelRDbjlKRm9PQ2U0bWVVVGJQQ2FzN2lQcEt3RU1tRzVmZDNHTTMyS1QtNmw3T29wcjJJQnJGYV9XSGNnN0RJYnM5aEh2c0k2eWhxbXZOQzBjWXA2WWZkWlF5MzM4V2pMR3czRXlhSnJMbEdmZHk0M2MzVFBtcDBzcWVISkhPSndHeF83cFlwck5NR245NTJFSzR3YV9mbVN3YVBtd0gtaVlVelhsWWJlbVNBQWc1Z3JQTUlKTzZDbmFwV1VWY195NmtpMFBJdmVwOUxmeHEtQkpLdHdwSjZDVGJ0NzNxd3NYZmRGSVR0ZDNiUWwtY0hUYUY5NThISkxELXMyTDNTR3RLS3RmVS1MSEtYaXpoNHZGYWpBdFRpRU1RM0o1ZWx6WnVKNDhXa1IzZjhIeFdQcWJ2cnlSYl9NY3gxN3VZcmJqZ2laQm9wQ1FNbmxnbDcxamNPMVdKQWNpaWo3MUR6QV9mU0UwZEtlU2MxNkZyRi1FX0RNZ3R6M1hCUGVGeUdyU0Q2NXcxSzYtMWxGbGE5RE9vQmdXdVRFMlZlYUlkc1RNYmtHYkMxZk5fWTQ5SlEwb2RXZkpETFFGZy1YY3FXWE1ad3N4dHcmc3A9YjlKekFQY1dvM1padnpyQlUwQUFYM0QtaHBwVDlkbjZYdEwta0U0dWs5VRoTMjE5MTUzMzU1OTQ2OTAyOTg2OSIJNDMzOTU1MjU1KgdNZWRpYUdvwAOsAsgDANgDjrEk4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE4NS4yMTMuMTU1LjE0NqgEALIEEAgAEAEYygcg-gEoADAAOAK4BADABKeNuSLIBADaBAIIAeAEAfAEt8P2zgGIBQGYBQCgBfOr9tPYtILZdMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBe6bVvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbVrwXaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwcxNzQyNDQ5yAfEhgbSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB7nJAooIAhAAlQgAAIA_mAgB&s=f199b23da3f0a3755e1ac8d578354c4d3f5f179b&type=nv&nvt=5&jm=1003&px=1665&py=2003&bw=970&bh=250&sid=6610428161932762582&vd=ct~0|rr~0&sv=232&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22867065&sw=1600&sh=1200&pw=4000&ph=7492&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 07:21:10 GMT
AN-X-Request-Uuid
c9ca397d-e901-4c3d-8ad9-3538516dc7ad
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.theonion.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
b-8db6969-11fd6bfd.js
tagan.adlightning.com/gomedia/ Frame 9EDE 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30d6dfd42b9a5f0be38020e3fe03042fe88b4931993c6c63c0b8061e934d727f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 19:33:08 GMT
content-encoding
gzip
via
1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-amz-version-id
HQt7ZtDt1P5TOrLzwiKvyGrv1Hhamfho
x-amz-cf-pop
FRA60-P4
age
2461683
x-cache
Hit from cloudfront
content-length
33634
x-amz-meta-git_commit
8db6969
last-modified
Mon, 31 Oct 2022 20:36:51 GMT
server
AmazonS3
etag
"e4052d126a40ba70c16eb758095d1d13"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
hSgSts8m4b8CEVs_OQENs-gfTYKE3mDvv862n4F6j8GHQU2YHSXMeA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9EDE 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 May 2023 07:21:10 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 9EDE 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=15538536&cmp=DV196466&sid=2019042601&plc=2019042601&seltag=1&sadv=4531748607&ord=2260375129&litm=4601587669&scrt=138271807372&unit=728x90&splc=152253218&adu=22405397127&adsrv=104&btreg=4601587669138271807372&btadsrv=4601587669138271807372&cb=455849355&region=70dvtagver=6.1.src
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2001:2030:0:4e::d59b:9dc8 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d2a873aa95722b428af0c085721321a67a0f0a996ef2ba9d4e78a1b8d3af20e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 07:21:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 May 2023 07:00:22 GMT
Server
Microsoft-IIS/10.0
ETag
"087d6695689d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3371
syncframe
gum.criteo.com/ Frame 03F9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theonion.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 07:21:10 GMT
server
Kestrel
server-processing-duration-in-ticks
781453
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 20 May 2023 07:21:10 GMT
action_links.json
fr-actions.trackonomics.net/prod/www.theonion.com/ 		243 B
589 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fr-actions.trackonomics.net/prod/www.theonion.com/action_links.json
Requested by
Host: cdn-magiclinks.trackonomics.net
URL: https://cdn-magiclinks.trackonomics.net/client/static/v2/gomedia_015a5_the_onion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-70.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
103d431c287cc26f665d175758535ea267b73245c1b52b4e446ad52f26379c86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:09 GMT
via
1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
FRA60-P2
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache
Error from cloudfront
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/xml
x-amz-cf-id
wOmB79KQJ5m7ghhCBpIhTWZY3KZoSLYA6OtqPeXkE7xlfM2cxK0lEA==
i.png
trx-hub.com/i/m/ 		128 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trx-hub.com/i/m/i.png?q=N4IghgLhBOD6BmB7aB3M0AmBLAdgcxAC5gBfAGhAFsBTCMDSMI0iiLS3A48kAV2gA2AZ2Y9IMWGAAOU6jgyiKUsHmqwYYAMbUiAbVBDE-bURAALKFKGEA9DZQOAdBDPVEOLO8ebElGyApoanhqaCDoUwDwKDgkVHRsfFESAF0KTV4hCF9YGjpFEE0BLDkIdXYdQhAAJgAGaoBmAFpagFYmgEYATgAVWoB2QmqOwg7ax2qAFgAOAC0o5VVyiAFKkB7XAAIAeQ93TYAfTYBBGmgsTTAAciFNgDFcaizNgDlqFFuAZSNobUcorBYBRVQEYDoANmmkxmtWm-XqMzM9Ci1AAbqV1ABPWSmdhSIJCISeHBRDJZXyhWBA0x4CnYMCwWodVpgVrqVywdzE0lAqQdGl0rAMpkstkuHTpXnVUxc9wgEhAA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-3.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 17:30:32 GMT
via
1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 04:40:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
49839
etag
"90eb1bf3b49429bde87a3b5f0b53e6a5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
128
x-amz-cf-id
uYtE_EfMkHVY4Pxx7XjxJjVy2U5c0Q32M8xDFfzRF4c9C5sfqP9i3w==
ic
trace-eu.mediago.io/ju/ Frame 668E 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trace-eu.mediago.io/ju/ic?tn=39934c2bda4debbe4c680be1dd02f5d3&trackingid=64d41c907e4281c16306deac8605bb7a&acid=23882&data=Y0VC43Kk7cEl_V-9o8rbynsz7Z26wu6JKw5Q1sHu9V8vNjqJHHGLeJouVDw8Wu7NsqMYS8kzWblKdBqvZAPiE0qu3Ub25KFzaq7EPHnXZhmYr44oDeXRuzWbkxtGSzw8rG_FEzADFVECgmE2_Ia9onZVRucZWSmDXnA4mZlElLSxL_nr8EbGBrdJu1aXuOLYBKDwgXjIZW-JWOkyKQqDptvDARKuu_NXe-TqoMeGqJh6eMFjaLFuVDIJ1XG28jzfhN_X6lvz3he1ous9G-dCg_z8UWLYLG62lk0gVnEM1HbM3-6DVi9iSRvhUJ4waaHSLBUKynKhCZ3PY0Ft2FH1u3NIAmSfO8fotej5_H4NvJr8oEK_UXDGGZWBl-yfDsVpi-gN07srH_1Wf0Wo8gsdDa-PI4S4xxvtnzYb4IpysPBcYRlFiAtrXWTG_NyWBM-thqtlW_TPIp0_uP9Xyla_qHuO3nIr1FsXk0beLRAkTpAILe5oRbwQZELp9clpqbYFCae-nYFfalZZBpQ1yHU1mH6MANfNuYb1AyWxKaGKboiFpN-R4zBn6D5kVsNsYHIeLjm9b4NsIMvAZ74VNNq_y7sd018qrlH6k-G555uYXvBW4KC2RpJ7jiGJutZLSKlMJt9SWW31aMNfdyXTPGjDqeqtGjod0ljclE5RnKB_RbD62kTroX4Q8nDzvdJ_bsVgHg3np_IBLdLGw6XXq2DlONi9ovZZc_rFVA5kpR1Lof9SbGmxVf3SZBlJ1QhOaEnsvMCls0qvaZ8ZP5-yi6Dj0v0si5UG_tKAxUNz24afHZhkVW386xti3tguhNtxuzU8CmW9e1_XMq8QSRO7Xf6fDOT16PMrii6jt9SlkseGrFQuhqT36bXLXqsK7F_fOFCsXR1PK73kfE3OYpQWSV6VC__f7IxyvrugVBdCc828eB4C7ZZRPdu_vPM0V-_0D9DTLqdyAmqyQQzoYZXVhhaggtvLZECXWdbxJIzGila7i3CKCK0uBd5Hj9vW99ZtUYSeT0DEUXFK3XKxB_NfLLbFqVSUKrchm-27lfe1cwUZEYZL6lCN-dTqKQrtOOE0uGF3eiHZnwpiy-MnJJAGUIdBpz1NyigwtYkVIRWmoTTZVGyisZWDyMEq1Z_1p2djjkCslixlJq0YqLEqjRGieZMCgNx6brIdwvKpXWs0fhyZSaV_f_ZYfBvdtIVKQKw77xnbRW6nKCikDmgpMhtYHxpG2YDSkCbwNybS2xpb2Imprzk&uid=8678426496727659232&mguid=&ap={AUCTION_PRICE}
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.168.80 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
80.168.214.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:10 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
visit.js
tps.doubleverify.com/ Frame E269 		978 B
900 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=392&ttfrms=50&brid=3&brver=113.0.5672.126&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETar9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3EU42%3FFC%3Dl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETau&srcurlD=0&aUrlD=0&ssl=https:&dfs=155&ddur=113&uid=1684480870308461&jsCallback=dvCallback_1684480870308860&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3783&tgjsver=3783&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.theonion.com%2F&fwc=8&fcl=1123&flt=23&fec=1758&fcifrms=13&brh=2&sdf=2&dvp_epl=238&noc=4&nav_pltfrm=Win32&ctx=15538536&cmp=DV196466&sid=2019042601&plc=2019042601&btreg=4601588782138271807375&btadsrv=4601588782138271807375&adsrv=104&unit=970x250&seltag=1&sadv=4531748607&ord=2260375129&litm=4601588782&scrt=138271807375&splc=152253218&adu=22405397127&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&cb=463759132&region=70dvtagver=6.1.src&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=189768942753.57297&dvp_tukv=1003286404771.8029&dvp_tuid=1094333612161&jurtd=3477439748
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
2c9d8d2331d70b91a3c2f97026fe2bc3afe0c13b6e60ff871d3bdb58be0af852

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 07:21:10 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
05/18/2023 07:21:10
main.19.8.411.js
static.adsafeprotected.com/ Frame E45E 		202 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.411.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6549333829c184ad798ef63121bdae7af134db23f02f95f04b786bfcbe915c28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 09 May 2023 14:42:33 GMT
x-amz-version-id
VSvIdS_ZoKv.KP06_jGcx3TdJOJ7jNTw
content-encoding
gzip
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
837518
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 08 May 2023 20:43:27 GMT
server
AmazonS3
etag
W/"a39db77f2b09751cf3516d6055fd0496"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
_pm-9FwVj6efTUJgN8Vc1f9ZxF925Nu3SylzzEhtTfvLGq7ChcVV5w==
view
securepubads.g.doubleclick.net/pcs/ Frame 9EDE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvI5Zqc8LKXCqdijDOF8vZ7A0oo2ldiUF9COWjIvD62vTT67hD3aVL-dM1LNE4yHL2ogtNB3gli5Beaz10qxGAZFuEVSw1mHXkpgHt4i8Fxqr7D-d60RQ_6R_2Kx5A7UfmrJcCsVO1rYF1eRTmjtPH0wWZ1myy8KRNeUZmMEInY7Ne7karMcaGVR7vG12DL7RBsQkCFN_7w1FWLMe6OSPgMOLLOrIYUhBublNvN-ArY8__JcMaTNE9k1YzYwCO1OP4Uk8VVkVJmY7a5h72bnB5DOp201NDjdnOD1WUqzsyDg9hRoBDKJ56ETUtlDPINcmxex0OA6umY&sai=AMfl-YR_tBPxrMb400bWgzN_0LbO80pfqRhMmybYe8785TZ58hO1n2FWgYr7IBnbUMfUvw0zO4Q29lXzmSOXgCOdyHFJAO1YMZumlCJEsjuFX7yRYJD56r6TwzlMtoCCqQ&sig=Cg0ArKJSzAm2oJaDpEWeEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
style_banner_970x250_standard_7d44cb.css
cdn.mediago.io/js/template/style/ Frame 9EDE 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.mediago.io/js/template/style/style_banner_970x250_standard_7d44cb.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-60.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
98064d94d7266ad7e3b0eafe11c086fe605a2582834d7268ae8897e44e9111b1

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
CYQhTnkSg4IVJLN80WCXbtWqILD_zxqE
date
Thu, 18 May 2023 08:30:53 GMT
via
1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
last-modified
Fri, 12 May 2023 09:05:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
82218
x-amz-server-side-encryption
AES256
etag
"a8714a8ee39a4091ddf09bccbe3d4a09"
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
2125
x-amz-cf-id
2Tvnf0eRVnQWjg997D93iz5cmzP0pfDnJ7mfQ0IzSnPoPGuLanaZBQ==
trk.js
cdn.adnxs.com/v/s/232/ Frame 9EDE 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/232/trk.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c93c88a9b0ecf4b158610988b79ffdc52501b1e995f14eb4dfc09c7eb9c3f6de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 07:21:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Apr 2023 08:42:13 GMT
Server
AkamaiNetStorage
ETag
"c342094e8bdad308ac07817d751fb315:1682498533.672161"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27631
Expires
Sat, 18 May 2024 07:21:10 GMT
it
fra1-ib.adnxs.com/ Frame 9EDE 		0
936 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.theonion.com%252F&e=wqT_3QK8F_BMvAsAAAMA1gAFAQjkxpyjBhDB4rbw1vi_nDwY4OWolrLd_bd4KjYJM_0S8dY5AEARl-Y1-sGO_D8ZAAAA4KNwGkAhl-Y1-sGO_D8pM_0JJNAxAAAAwPUo9D8w-djzCjjoO0C4aEiRBFC3w_bOAViegnhgAGi6pmR4tdcFgAEBigEDVVNEkgUG8GGYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC-lbgAp6oPOoCGWh0dHBzOi8vd3d3LnRoZW9uaW9uLmNvbS-AAwCIAwGQAwCYAxegAwGqA6UTCvkSaHR0cAEv8NB0cmFjZS1ldS5tZWRpYWdvLmlvL2FwaS9sb2cvd2lubm90aWNlP3RuPTM5OTM0YzJiZGE0ZGViYmU0YzY4MGJlMWRkMDJmNWQzJndpbmxvc3M9MSZpZD00NWY3ODIxNmY4ODE0YjlhZDMzOGI1NmZlOGNmMDYyNCZzZWF0X2lkPSR7QVVDVElPTl9TRUFUX0lEfSZjdXJyZW5jeT0ke0FVQ1RJT05fQ1VSUkVOQ1l9JmJpZF9pZD0ke0FVQ1RJT05fQklEX0lEfSZhZF9pZD0kexFPAEEJFwWTgCZpbXBfaWQ9NDMzOTQ5OTQ2NDM5MTUwNDE5MyZwcmljZR1r8E9QUklDRX0mdGVzdD0wJnRpbWU9MTY4NDQ4MDg2OSZkcD15cERGMlBBQTcwNEtwNzVCYU8tZUZxX2loLVNyTi1xRzV5Mkp2YTY3V3hZJmRzcAF49GMJMjImdXJsPUdDZnBLTzdlX0ViR1NvUXFSYmQzaFQxUS1UZ2JRSHZwcUZ4TU11am9VcXdlbDhHMFlTVy1rZnF2SURjY21uQm5hMnB6UnJaTjVEdXB0cEJEUzU5N2NQMkFjU04wTjFpSTZkWkNELVBoZHloblZIR2VneVdxOVpYNHY0RVl0MDQ0ZWtMYWhYazlGVGxTcnJYX0JCQlZwWTRHSE9iaTBCQktldl9PVTlfNS1fUzdUV2ZsQnpoN2lnLTkwdGxxVTRZTGVfUGd6Vm1PMmFnODlyQnVEU0N1NWlPVW1UNW94c2c1ZW5PUU12Qm42SnZSYU01ZDVhQk9iZm1hSUZ1dlZNUkNidVE4cUJSY0JDTzRaT1RxWmpnS3JZLUxSNnktMTBfU08tZXlVSzJHekpfbjQwcm5lTFNsUWMxYy1mbXR3UGhyZlphYVowaTUwNG81S2R0Z2NvcmR1SmZzbEZvMGJZWDRnT3dTdlFUVTZkLWFYY0VaUjRRZEkzMFRMbkIza3FCQzhVRU8xblJCOXo1RGtRTUJlR3FYdnpuSjJTc2dKS3B2aUp5ZnZMOWpyd0FtLTg1TVlSSnVPdzBMenBCb3RPZ2tnUFhJZUdPcDE3cVFveHFma0lRWWxJc1hqMDdjYmNmM0NqZVlTaG00TXFLSUFvUDQyTkctTzUyNEtGaWtTeVg5dTdYbVltSXNpNUFNZm4wa29Dc3NhT2Q4Q1NkMk5NRXJPQzdHZkRMSDZVbTJ2eTlKaWIzWUZ6TTV1OXg0a2F3VVhEbnJVRXNjZzdDc2FUeTlqaDhmandySVVLMzdTX1dsWHYyS0c5Sk91d1doUnN0eG5oeWVrMU9aM3h3a1JmRjE5aHdlbU1zcXU1RElqVTEyOFcyc2FPb2s4WGxPdzRkc3NEUHFzZ0g0VnZUQ0JCQmxaNkM3aFEwNWhUY3lJTVhtWkZFekFpdG1pX25RcmZiUFlUekhuTTh4clNYRkN6emNUNG5JVzdheHc5ZUlRcTdpVWV6d20yUUxvTEplZmpuQkVHOGwtVUFzaDd4My1RUy02MFNiSXktM1FMMURiN21wM09tZ2M4Q3M2YkxnamlOcWJiY1ZSMVFpY29SRk1hWkVCSWxXd0RjaUNkU19pNElYYVlqcUVZMlh1WUJ3OXFhSW9wWDIzNUgzd3J0X0tWd212eExfejZzNFhFZmNGeFk1Uml4bGhQeFVWZ3NTaEVhazJvZTRZQTlrRkN4bVNMTnM5Y2stT2g0dkxDMWtyUlNKS0gwem1lWHRVY2xSU2xhYWMwWC1PenllV0pjV1FYa0dneXJJcVpaTGJaalFYYVhuZHFBaUVVZzU3S3hwZ0w5eFVCSGlIaWxuYVdubjY2aGN4Tzg3UkRjUGlzSUVNLV9GRWlsV1A4UGhQbUJJQzRISjZYWFpkckpSb1NMVEdkMDY0MUJmTWhKV3BTVHRhalFxVUFrZHBGNzl1Q2ktUWxqcWIwMDlCZmhCTXFIZ183VTk4YmlJRzdQbXlVcU9TaG9XbE1BYnF0QWx1RVh6ZnA1UUU4aDJ2S0tYMU9Nc21XdThxSjRrX2VoVnFFUEltOUVlNWVJY0JzSDByR3FhN3FtU0pIMlloZ25uMnpIajVTSmZJb0JYaUVfUUJNazQxWnBCN2IxaU1Lbkx4Rkdld1BhNjIyR3d0bmdJS2tEa0t5SUVaUXhFbkNZSkFyQ1pBQ3Uwa2xtYXd4ODhFZURNSkFFaHpSYVE2SU1SUFJzejFxOTRMQmZzOXZ2NVVMWTBuT3YzamRKUVJDa2ZPcTBXd1lHRDF2Q2poQ2RXMzA1eEVFNWNQNDVTQ1Q5dVJPcHNMQ1p3RnVPMXVvVUpqc2pFUm5SZFlvMjV5ZXc2SFA3cXpIYmdQOThWdjZ3d2dQYkFlZldKVUYzTTJEX05ONV92MWJyR01GbTZoS3dTbGs2ZmlRd1E5Qy1TamJCdEtQTVI1c1hIemJyV1hVN0psQl9UaUtnWjVYRzN4SzZiVXpEUnB2MTJKSlVGRHZmUGVQRkRtNFRPdEZzaWxpVm5BUUVuNDJMblVnT3lDRkl6cFlJM0VLV0JUVTZoLW9yZ0paQVY2Wm1TN050STBEZlFNYlBjdmROdld2LWxna1FVX2RvX09CeEliejkxdDUyUmZYSVVQUmkySmdjUXA2OW50UmtSWURLQXRrRTBRanBTYTc4Q08yeXppR1pEVXhnS05yNUgyX1NpcGR5ZVdST0NwN0pFV3E0bWlDMkdRaWxYQUQ4ZjdHRGFXbTNrdEFWWnBLMGFMOWdtV0F6LUtxYzBVUjQ4d2EzSWRWaDRUZ01ETE9LMkJPbmhSUW1lX3E3VjJGdG4xcjlMeF8xdHhmOTdZQU1ta1o2alp4LTZrTmF5a09nWm80OWxyZFE2bzhFckNXWjhtaDNucW1CMmkzQWhzWkhTTUs4RE5WXzlLN2gtU1FkSzJkSTJFbVk3dlBKeThfaUkxVXI3VS1RWlBKZm5WQTdqSUVCVHdfTXBkMloyZ2Vad24wYVVvRDlNVG1kTk16ZW9JRndZUVFWbWI4cGxfLVB4Nk5PeTlOQjRYZVBwMEdGOG5tckNGU2ZiV1Z6R2dQMjFXUTg1dF94QkJFdlAxUDI1YkFDRHBnRnJHYUYwa19OQThlTFdGRGFORTZlcUlwLVJJTTBBbVkzOUR3JnNwPW54QmI4R2wxRnZxS2MxT1NiOHdfS05xUlB0VjA3WHcyV1h4VGZrc3FUZTAaEzQzMzk0OTk0NjQzOTE1MDQxOTMiCTQzMzk1NTI1NSoHTWVkaWFHb8ADrALIAwDYA46xJOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNDaoBACyBBAIABABGMoHIPoBKAAwADgCuAQAwASnjbkiyAQA2gQCCAHgBAHwBLfD9s4BiAUBmAUAoAXvuJvbkICOsEbABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXum1b6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG1a8F2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcHMTc0MjQ0OcgHtdcF0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8Ae5yQKKCAIQAJUIAACAP5gIAQ..&s=532163cca78a1cf0a0dd427bf2a6535925a37131
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 07:21:10 GMT
AN-X-Request-Uuid
f1f2c7d8-9e65-4512-9a6d-6e63bfc0279e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame 03F9
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=theonion.com&sn=ChromeSyncframe&so=3&topUrl=www.theonion.com&bundle=XjhNsV9Uc1ZwcThkRmFBaHppeUZWUDlLeTB0a1lINU9xenFYWlpJaHRtR29KTHE1Rjk2Nm...
  • https://mug.criteo.com/sid?cpp=TIgWM3xZdFgyL2FKcXN5aysyVnJCTjBxTmsyUXFBWGpxZlZMaUxTQy9OeGtaYXYwNExOZTlJMHZONWNlLzlxYUh4cGNOcWZZRGdVYTJ3cDJDQ1lkdW9OZXBQUFg5NkMyVXMwWlVUN2VPVTMrSjUzbE16U2JFYjF4K2U0Yz...
422 B
650 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=TIgWM3xZdFgyL2FKcXN5aysyVnJCTjBxTmsyUXFBWGpxZlZMaUxTQy9OeGtaYXYwNExOZTlJMHZONWNlLzlxYUh4cGNOcWZZRGdVYTJ3cDJDQ1lkdW9OZXBQUFg5NkMyVXMwWlVUN2VPVTMrSjUzbE16U2JFYjF4K2U0YzJWUjBlV2c4OWp2OTFKZ3dvM0hqM0RVcGxWdjNyZmtuTnYxQWRPY0tHdVkwTEFqK3lTUEVhZDdNdHZSN2hHWUFyNmkvK3lqaXI1MkFjbU52QVgvbllLcUthUHo5SHpFWitkay9zSjlhOUx6RDRSQk1COGUvMFg4SHdsYkJ1UU81L1FSZTBpa3BsN3MzUlpJVzg2M2diNnpKQmdnMW9qNWdPZ2M0ZUE3Y2U1Qm9WWkhtMEg5dz18&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a4cda5602f319b0ac2d502bbd316eb2236d23e652fb30983dcbc217a4a5f6c56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:10 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
987539
expires
0

Redirect headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:10 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=TIgWM3xZdFgyL2FKcXN5aysyVnJCTjBxTmsyUXFBWGpxZlZMaUxTQy9OeGtaYXYwNExOZTlJMHZONWNlLzlxYUh4cGNOcWZZRGdVYTJ3cDJDQ1lkdW9OZXBQUFg5NkMyVXMwWlVUN2VPVTMrSjUzbE16U2JFYjF4K2U0YzJWUjBlV2c4OWp2OTFKZ3dvM0hqM0RVcGxWdjNyZmtuTnYxQWRPY0tHdVkwTEFqK3lTUEVhZDdNdHZSN2hHWUFyNmkvK3lqaXI1MkFjbU52QVgvbllLcUthUHo5SHpFWitkay9zSjlhOUx6RDRSQk1COGUvMFg4SHdsYkJ1UU81L1FSZTBpa3BsN3MzUlpJVzg2M2diNnpKQmdnMW9qNWdPZ2M0ZUE3Y2U1Qm9WWkhtMEg5dz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
423680
content-length
0
expires
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Fri, 19 May 2023 07:21:10 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
3293
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230045-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1684480871.601001,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
15
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1923
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230518-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Fri, 19 May 2023 07:21:10 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
2496
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-eddf8230045-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1684480871.628646,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
15
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
10221
main.19.8.411.js
static.adsafeprotected.com/ Frame 57E5 		202 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.411.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6549333829c184ad798ef63121bdae7af134db23f02f95f04b786bfcbe915c28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 09 May 2023 14:42:33 GMT
x-amz-version-id
VSvIdS_ZoKv.KP06_jGcx3TdJOJ7jNTw
content-encoding
gzip
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
837518
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 08 May 2023 20:43:27 GMT
server
AmazonS3
etag
W/"a39db77f2b09751cf3516d6055fd0496"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
EylFSHsHX4k7j8SODsmVJnGYYNebYeKabNg3BhGdxymvkjUPDngHIQ==
visit.js
tps.doubleverify.com/ Frame DADB 		978 B
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=600&ttfrms=11&brid=3&brver=113.0.5672.126&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETar9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3EU42%3FFC%3Dl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETau&srcurlD=0&aUrlD=0&ssl=https:&dfs=58&ddur=31&uid=1684480870645254&jsCallback=dvCallback_1684480870645850&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3783&tgjsver=3783&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.theonion.com%2F&fwc=8&fcl=1123&flt=23&fec=1774&fcifrms=13&brh=2&sdf=2&dvp_epl=238&noc=4&nav_pltfrm=Win32&ctx=15538536&cmp=DV196466&sid=2019042601&plc=2019042601&btreg=4601587669138271807375&btadsrv=4601587669138271807375&adsrv=104&unit=970x250&seltag=1&sadv=4531748607&ord=2260375129&litm=4601587669&scrt=138271807375&splc=152253218&adu=22405397127&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&cb=498864057&region=70dvtagver=6.1.src&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=22761651832.612038&dvp_tukv=1138940854.4449055&dvp_tuid=1147347372532&jurtd=2049279140
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
9e8e2523ecbf62a8193a2bde64c724c85d0d85699f77680fa0274bffc1899d81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 07:21:10 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
05/18/2023 07:21:10
e2d5850a1036b5e3c57f1c27464420b0__scv1__300x175.png
d2cli4kgl5uxre.cloudfront.net/ML/ Frame 9EDE 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2cli4kgl5uxre.cloudfront.net/ML/e2d5850a1036b5e3c57f1c27464420b0__scv1__300x175.png
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:4e00:11:9be7:da80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c904d482d63252752df2063bec93a6f15bc1b899e2e9496f31ccab45af45762b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
RZt9HMz1RAg17g2pqttiTopfcg8UKdid
date
Fri, 19 May 2023 06:08:07 GMT
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
4723
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
63623
last-modified
Mon, 08 May 2023 15:49:37 GMT
server
AmazonS3
etag
"7aadbce0155aa8afa3965d50b4271429"
vary
Origin
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
9kb2-JClxfYz5X8DKqLQRJiX9FhuC9CITFm37y2ZQYqmC_yEz8Jt0w==
blue-arrow.png
onlinertb-us.s3.us-west-2.amazonaws.com/js/images/ Frame 9EDE 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onlinertb-us.s3.us-west-2.amazonaws.com/js/images/blue-arrow.png
Requested by
Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/template/style/style_banner_970x250_standard_7d44cb.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.153.154 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
bf282b4ef41bf52ed9cb27a33190fdcf162f28a2c126beabaad623eef16148d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.mediago.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 07:21:11 GMT
x-amz-version-id
null
Last-Modified
Thu, 10 Feb 2022 06:05:51 GMT
Server
AmazonS3
x-amz-request-id
9YK5N9Y20M32RHX0
ETag
"3da1ac71a612038f43614f4891129b18"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
28511
x-amz-id-2
pSDuKIx0IjKI0RYGZg6c6/LA9UUfgMGZzKYf6aGEjbrpFyXDpsl0lluEfg34vPcb2zpnYbMdDIw=
ic
trace-eu.mediago.io/ju/ Frame 9EDE 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trace-eu.mediago.io/ju/ic?tn=39934c2bda4debbe4c680be1dd02f5d3&trackingid=4fd4a7554656dcfeea5d1e8eed0891dc&acid=23882&data=E_BDu28J72V1EwfcCWVMkPn9BiRfir9uY8gwQVSt9NLcAABXc7Mo628VYkzlw22pjeD8cjQabex7E7w5EauvqeaSf1A4vc5cj92tXIVWRmwika4HSTFqo9PikB8Pdcew_J9TkA5ZEvSbZDMVJYJw17j7IUav1L9CNX0PWbJdmweW5Qu_VB9j01Ttex2tP9v1bFPTw5nUxz9RZwUb_PzuflpPQlgUt7wBVyNWrTsHiKpEpv33cke7XH3tMUaOj-xAgk_3rAbRe66h6Ci4siHHffwIbBBnWud1A7mi9IpJrsX4ziWsI-C81IWg6-hHacvlRINxPsSpkiIEFuGauLqHbgMG4LVem6qALpwS23ma4BGpLPEkGrk6QQV8IlfYqGKt46UDkRNlCYatCnusSC2WLO8zjNOt0kCkUO7oAa5nY_v8DI2wKf5s0JSPVdJb3dZzqsx80bQmS4oZH2mSq0qMENAkgHV5XKyyb85f4ubNdTM9mXceT52Ycxby63zIxM8z3bTq-EXgX2rmyLGzqCk45V4zpOXCMXT55nsUJ_RCQSdpiRW0WkHBQjuV0lnrDC8IG4RSfxOZqggp9fGkpFz8K2KwwWbNrTx0eioafkbkB-JXODgeDI-58MaGPRgqbO-I50u_01G1tkye8hmX-oeYr2LksD0AAXbAxp8S0Eph-Ps7nRo-Dk13dQWBpu_ItDyY_puOVtue7yMp2-tpr9SfmUBf1DzcwyF2eoVgc9fLYuPRrP7Hr7E22T1qFeKkHwNbguVYsortpJ7tyK0jLWi1ti4IpDse4YuXNvVbM839ZcpUh4GO0UBTgsxKlOhzWAzey1P5wXgZgvnF8PO-_krU6feCIjYi70R0fbhR7MS8MrkmtbQXFiHCX_1N8hZyAvQrRLJO7mYYtfD86K8ZxAtq2mN2CzyMIpWgfsMGavIMjIEXKyX9iy9kSXwf1r17GWQaaPpWsSetyZ56vuW6ccZHikwBozw1yatLY-35q8T9l2SfYvhAZFJvxbDwi3IrNUjIFs3BW5vgD4sO2HXbVXZjxihGY9wjESd9BJ05h8VpPDNN1NK8ewpmwDFhJsoyIsfprtTmcYN78IaR8y4VliwhxQt2O8Lxju0VU88PXLjT42lSzySfh22TeQnRWGCKPzMSHxa_WK9LodE7skEIkW5JyPS6Ei7mHSPc0S80shDLXugLayft8_LfPvMvkCcVj7kUp0jgq68wW15n1fJdedz28RO6Gh8TDnUUJ8dRICgqef0&uid=8678426496727659232&mguid=&ap={AUCTION_PRICE}
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.168.80 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
80.168.214.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:10 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
setuid
ib.adnxs.com/ Frame 9EDE
Redirect Chain
  • https://trace-eu.mediago.io/cs/xandr?rdid=45f78216f8814b9ad338b56fe8cf0624
  • https://ib.adnxs.com/setuid?entity=529&code=6353e3be9a6184a972875fe1388ff414
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=529&code=6353e3be9a6184a972875fe1388ff414
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
HTTP/1.1
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 07:21:10 GMT
AN-X-Request-Uuid
000f7a75-f507-40ab-9cf8-f2d9ee63f639
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location
https://ib.adnxs.com/setuid?entity=529&code=6353e3be9a6184a972875fe1388ff414
date
Fri, 19 May 2023 07:21:10 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103
content-type
text/html; charset=utf-8
async_usersync.html
acdn.adnxs.com/dmp/ Frame BD0D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7656&pub_id=1573867
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 19 May 2023 07:21:10 GMT
ETag
"623de86a-cf34"
Expires
Sat, 20 May 2023 07:21:12 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
rd_log
fra1-ib.adnxs.com/ Frame 9EDE 		0
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.theonion.com%2F&e=wqT_3QKlBPBMJQIAAAMA1gAFAQjkxpyjBhDB4rbw1vi_nDwY4OWolrLd_bd4KjYJM_0S8dY5AEARl-Y1-sGO_D8ZAAAA4KNwGkAhl-Y1-sGO_D8pM_0JJNAxAAAAwPUo9D8w-djzCjjoO0C4aEiRBFC3w_bOAViegnhgAGi6pmR4tdcFgAEBigEDVVNEkgUG8MKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC-lbgAp6oPOoCGWh0dHBzOi8vd3d3LnRoZW9uaW9uLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOOsSTgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTg1LjIxMy4xNTUuMTQ2qAQAsgQQCAAQARjKByD6ASgAMAA4ArgEAMAEp425IsgEANoEAggB4AQB8AQF5ViIBQGYBQCgBe-4m9uQgI6wRsAFAMkFAAUBFPA_0gUJCQULRAAAANgFAeAFAeoFDAoIVGhlTwHCYBIA8AXum1b6BQQIABAAkAYAmAYAuAYAwQYBMDQAAPA_0AbVrwXaBhYKEAkSGQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcHMTc0MjQ0OcgHtdcF0gcNFX4BMAjaBwYBaHAYAOAHAOoHAggA8Ae5yQKKCAIQAJUIAACAP5gIAQ..&s=3b1ab04307942b61a088432a5c1d8891469a6f26&bdref=https%3A%2F%2Fwww.theonion.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.theonion.com%2F,https%3A%2F%2Fwww.theonion.com%2F&
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 07:21:10 GMT
AN-X-Request-Uuid
be90a694-4496-436a-aeaa-f5400022c042
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305160101&jk=3797107814779183&bg=!BwSlBFDNAAYldGN0BXQ7ADkAdvg8WjGwy6yCW--jYeu-BVodLAOAb8N-hRvfReehJqOjOrJ_pm5I0b6shwdMvo9RhoIC7DMfpywCAAAFilIAAAAFaAEHCgCpvzOd6U-yAlXGvupTudM9gNrOo5vpcsLBC9Ey_tvQKkp_kGx1lH-X6UDyNjjPcInivdRXa6kW5yaMjpN-suC_3lqjowvc8_4JE1Ztc4giUUuLQSnkhUaMLPEn9mAlyBJl-MfBOrXNFdI2Bwzxc1g_I251xofC7Z1qvXijl3jpt-w-sKqZYDYs4ZbuTJuF7a69HJUUPYCtpGZ7r40WPY7WydE9Maoh0USD3JkCridPNqXLKCS-iRpfsIOvYMUj4FqHvWK9_Q3pGDtzi5LJhHKh9BkGBm6Spz_pHA8nGXe1-mSI5wyt4Yjvz26--kQbkT9cTQ_IHuFMFUlfGY0x5VGah3b20aOnLCXWxXGLYaNUw3P54_faeyl6F2fsUFaBFESs6HX384IZXE4QTTNN3FO1SAQrt5KQGWnHrQ890Cw02up6SICK83nErpkvrqFigW8knkPYkzFmbYt_lyLHxSXf6dQKSDJQPUULBXaLF-XKOoYH-581e3R7C68vl9QqsDP1WUz2XbpwufFPXNh08FQ9_98lQ7oYz3F-ikw3U7rp46KTd7jBhT2qfJuCTFseb4WwN9tWGzJOm6FKHuNMAVNDyj99ne7ZMhsDvZ4lFJinOFOfm7zadSUCZ_AWhTiw1FL7U1K9f4TW8tB7VilvTlAm_wmwwk83dZMGCHNr_ggDZrOMV1SEi-ZRn3cfXAfdR0ftj-Tgp_zRclZxJhd2my0c2172CSTLemlNBya_42c-c1QV1edaAay2C2Y10Fa9NuryIYacW4zLhqSX7zQYiDwMq5YSKs1iwFicQv8c64-zmMC1LVnHELdrsISr4PAHh9krsIOo-Si38aMLWTCEl5flxIwM5nyzHQs3q4pHZ5uJw3h_ukaIY_VU16dt3kYx7g4e5SSu3gSCqjnk3SE1uxz-EYTlUVxyM1ywW7YqB93vtKCvNTy03Bc0zuZaIYlb30_Mapd5ORGFfUn67eeZAIqfapLrFo8NFVF076FwaVir48XiK5H3a_WWQxSkW8yrw6qtXMaEJOQGj7p5aoIq70vfA82MWW5lHHbj5ArfDGDfeQZdt2ImfqdPRiwU3S5HgWuYkL1AFswZ1czO99griIfpqnCfPXxBarws9bS-GA8hYpK53TiHSIwrslxD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 55A7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIUDzxbeFz0TOKynfpw6t0MRWv9KRp9K26PN0tUSgBp_9BhaVdfKL5JV4khFhs1kn3upCquzfyI1fiNABSmnHi4pjqyS59kbJlbjx8FKn-9qlANzb92vGV8czFOOyVm8AWGxbFmD9ZlqKwVCYy-9LM2cKO4CLn6SQsIlIqE7Jz1LGH3K0wGBGzQwsk2MItBR5Km4u8xxP4ANUwdFOMDYmxcTzAtVpNV7dEJReb2DMomiAkBO7Fg7wBEYwkPFh9kFLInf5ODfPOryMu8kP6jBa4DJJXv_fxtTVdIbmQNs0QlLBfcSVfUhUDF9F4HKXCL_1wmTI4uZJ214Y&sai=AMfl-YQfl5Jtb2P6ftPPINx1oqqqQznEMivxsdckXPqHr1L-yE3Rdzc1-HIvVFJph5bdmBeKQQJLo53W5PsaB7oNbUNmwfoPoOpRee5vgP95al3j5gyXux2clNi6qIqTGA&sig=Cg0ArKJSzAJX9vM0iRM1EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 19 May 2023 07:21:10 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame 8559 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
20706294
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
c4My8eS8oFSYvVY0tq5ZM0j3bHeNrQFp6afmJkpTsIJae26bKvgZoA==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=931294&campId=970x250&pubId=4531748607&chanId=22405397127&placementId=4601588782&pubCreative=138271807375&pubOrder=2260375129&cb=463759132&adsafe_par&impId=&custom2=top&custom3=&custom4=&custom5=top-01&adsafe_url=https%3A%2F%2Fwww.theonion.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:1157c5e0-f76b-b985-2781-10e7f7780db1,c:d2HBfJ,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-5cf46fd95f-77snk,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:1515.178.970.250,am:i,cc:1515.178.970.250,piv:9,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:399,mot:0,app:0,maw:0,fm:tEGy48a+11%7C12%7C13%7C14%7C15%7C16*.931294%7C161%7C162%7C171%7C172%7C173%7C18%7C19%7C1a%7C1b1%7C1c,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:434,oid:ba598b7c-f615-11ed-9441-7e89f4ee85c3,v:19.8.411,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.103.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-103-77.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:10 GMT
server
nginx
x-server-name
app08.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931294&asId=1157c5e0-f76b-b985-2781-10e7f7780db1&tv=%7Bc:d2HBfM,pingTime:-8,time:436,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:437,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:432,wc:0.0.1600.1200,ac:1515.178.970.250,am:i,cc:1515.178.970.250,piv:9,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B33~1%5D,as:%5B33~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tEGy48a+11%7C12%7C13%7C14%7C15%7C16*.931294%7C161%7C162%7C171%7C172%7C173%7C18%7C19%7C1a%7C1b1%7C1c,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:435%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:f887:cee9:cb75:534 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:11 GMT
server
nginx
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
pips.taboola.com/ 		64 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
5b0d0d08c3b7fbdc8164e467ee1d637e4b616be1a489699c18b67082281851b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230029-FRA
date
Fri, 19 May 2023 07:21:10 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.theonion.com
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
async_usersync
ib.adnxs.com/ Frame BD0D 		0
864 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=7656&pub_id=1573867&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7656&pub_id=1573867
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 07:21:10 GMT
AN-X-Request-Uuid
45267c9c-589e-4104-9fba-57feed44f07f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 9EDE 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0e72190f69c27b1a01adb59d206feebd7343f8dc6314f884652702ee1cde0ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame B360 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=931294&campId=728x90&pubId=4531748607&chanId=22405397127&placementId=4601587669&pubCreative=138271807372&pubOrder=2260375129&cb=455849355&adsafe_par&impId=b9b4240f-f615-11ed-9736-0ae3ea675541&custom2=mid_banner&custom3=&custom4=&custom5=mid_banner-03
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.103.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-103-77.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4ae140ffb6dd4c9efbae0f4c2b1fb472b3c4f911669390253b7883b59fe1d4f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:10 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
dv-measurements3783.js
cdn.doubleverify.com/ Frame 80DA 		533 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3783.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2001:2030:0:4e::d59b:9dc8 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f7c270e257a1e2027a1a4ee15e169cb707f84cae9aed18260017f305c56c3838

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 19 May 2023 07:21:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 May 2023 08:31:08 GMT
Server
Microsoft-IIS/10.0
ETag
"0ae14c3d087d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
102948
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931294&asId=1157c5e0-f76b-b985-2781-10e7f7780db1&tv=%7Bc:d2HBj7,pingTime:-2,time:643,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:498,beZ:500,mfA:897,cmA:899,inA:899,inZ:907,prA:907,prZ:916,si:932,poA:936,poZ:974,cmZ:974,mfZ:974,loA:1005,loZ:1016,ltA:1140,ltZ:1140,mdA:501,mdZ:546%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:9,vs:o,r:l,w:970,h:250,t:433%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:643,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:432,wc:0.0.1600.1200,ac:1515.178.970.250,am:i,cc:1515.178.970.250,piv:9,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B239~1%5D,as:%5B239~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tEGy48a+11%7C12%7C13%7C14%7C15%7C16*.931294%7C161%7C162%7C171%7C172%7C173%7C18%7C19%7C1a%7C1b1%7C1c,idMap:16*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:435,slid:%5Bgoogle_ads_iframe_/4246/fmg.onion/frontpage_1,google_ads_iframe_/4246/fmg.onion/frontpage_1__container__,dfp-ad-2%5D,sinceFw:205,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:f887:cee9:cb75:534 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:11 GMT
server
nginx
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame 2C75 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
20706295
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
wdfA4FLPO8o9AR9UszqxwJUUnc0UszI0WZN7HCesnIdW1GhuSJR-3w==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=931294&campId=970x250&pubId=4531748607&chanId=22405397127&placementId=4601587669&pubCreative=138271807375&pubOrder=2260375129&cb=498864057&adsafe_par&impId=&custom2=mid_banner&custom3=&custom4=&custom5=mid_banner-02&adsafe_url=https%3A%2F%2Fwww.theonion.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:196ff628-af93-1576-427c-587cb661f7ec,c:d2HBjn,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-5cf46fd95f-clrd5,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:1515.2003.970.250,am:i,cc:1515.2003.970.250,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:375,mot:0,app:0,maw:0,fm:tEGy4cw+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163%7C17*.931294%7C171%7C172%7C173%7C18%7C19%7C1a%7C1b1%7C1b2%7C1b3%7C1c,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:389,oid:ba68801d-f615-11ed-be5d-5657cf5986e4,v:19.8.411,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.103.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-103-77.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:11 GMT
server
nginx
x-server-name
app06.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931294&asId=196ff628-af93-1576-427c-587cb661f7ec&tv=%7Bc:d2HBjo,pingTime:-8,time:390,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:390,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:388,wc:0.0.1600.1200,ac:1515.2003.970.250,am:i,cc:1515.2003.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B14~0%5D,as:%5B14~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tEGy4cw+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163%7C17*.931294%7C171%7C172%7C173%7C18%7C19%7C1a%7C1b1%7C1b2%7C1b3%7C1c,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:389%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:f887:cee9:cb75:534 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:11 GMT
server
nginx
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=6be555f6-58fa-4d87-8679-5ee521b7d5ea-tuctb60a8e3&uad=3d45fdf57e5fd666b1ff640d125a0f6e7a8edfac5055af0885b29ff442d85007&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.230.50 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 19 May 2023 07:21:11 GMT
cache-control
no-store
server
nginx
view
securepubads.g.doubleclick.net/pcs/ Frame 668E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuU17uliC6ElltGjGHdKFs-uNdpYxJiH5D7HjngaG5nqhNxlUrvqOHg4w39j6b02dhzig5Xwi7dGZqkbaKXyikHSiOvJv1aNkVCJCM58jDhtbpivrVvRhXCFGXAY6ERJfas0N_LoyxipWXd4QZUd5tEflLj9Qk8kxAGFvG2Js1tYM-aQnfPrha_arBY_Y2HJCFfniwEIWjWpnLLpvzMU87UpX55vBZI0rlnSq3ZWCdkyI02Qq8kARB8TRHuEzeApMxQC_dNxOHmqrqPsIgf71_tiEPm2GAv65pOmFI0A2QvkKSr4zGUZAM5ohT14Mvk-9bJHSEzq2HSGR0&sai=AMfl-YRzLXHX-CAzUWsqjZ97aquSsEcTb8L_LcqQF4lIZjc8ccWUcdLrjoXJP6-bqCN6GqnD6AQyu2EarwCD5UJ2oW2M6UwZIKjn_SskftS8XcLMHnNztOSbhKJspDHWgQ&sig=Cg0ArKJSzLS720a6_PkIEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 19 May 2023 07:21:11 GMT
vevent
fra1-ib.adnxs.com/ Frame 9EDE 		0
959 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.theonion.com%2F&e=wqT_3QK8F_BMvAsAAAMA1gAFAQjkxpyjBhDB4rbw1vi_nDwY4OWolrLd_bd4KjYJM_0S8dY5AEARl-Y1-sGO_D8ZAAAA4KNwGkAhl-Y1-sGO_D8pM_0JJNAxAAAAwPUo9D8w-djzCjjoO0C4aEiRBFC3w_bOAViegnhgAGi6pmR4tdcFgAEBigEDVVNEkgUG8GGYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC-lbgAp6oPOoCGWh0dHBzOi8vd3d3LnRoZW9uaW9uLmNvbS-AAwCIAwGQAwCYAxegAwGqA6UTCvkSaHR0cAEv8NB0cmFjZS1ldS5tZWRpYWdvLmlvL2FwaS9sb2cvd2lubm90aWNlP3RuPTM5OTM0YzJiZGE0ZGViYmU0YzY4MGJlMWRkMDJmNWQzJndpbmxvc3M9MSZpZD00NWY3ODIxNmY4ODE0YjlhZDMzOGI1NmZlOGNmMDYyNCZzZWF0X2lkPSR7QVVDVElPTl9TRUFUX0lEfSZjdXJyZW5jeT0ke0FVQ1RJT05fQ1VSUkVOQ1l9JmJpZF9pZD0ke0FVQ1RJT05fQklEX0lEfSZhZF9pZD0kexFPAEEJFwWTgCZpbXBfaWQ9NDMzOTQ5OTQ2NDM5MTUwNDE5MyZwcmljZR1r8E9QUklDRX0mdGVzdD0wJnRpbWU9MTY4NDQ4MDg2OSZkcD15cERGMlBBQTcwNEtwNzVCYU8tZUZxX2loLVNyTi1xRzV5Mkp2YTY3V3hZJmRzcAF49GMJMjImdXJsPUdDZnBLTzdlX0ViR1NvUXFSYmQzaFQxUS1UZ2JRSHZwcUZ4TU11am9VcXdlbDhHMFlTVy1rZnF2SURjY21uQm5hMnB6UnJaTjVEdXB0cEJEUzU5N2NQMkFjU04wTjFpSTZkWkNELVBoZHloblZIR2VneVdxOVpYNHY0RVl0MDQ0ZWtMYWhYazlGVGxTcnJYX0JCQlZwWTRHSE9iaTBCQktldl9PVTlfNS1fUzdUV2ZsQnpoN2lnLTkwdGxxVTRZTGVfUGd6Vm1PMmFnODlyQnVEU0N1NWlPVW1UNW94c2c1ZW5PUU12Qm42SnZSYU01ZDVhQk9iZm1hSUZ1dlZNUkNidVE4cUJSY0JDTzRaT1RxWmpnS3JZLUxSNnktMTBfU08tZXlVSzJHekpfbjQwcm5lTFNsUWMxYy1mbXR3UGhyZlphYVowaTUwNG81S2R0Z2NvcmR1SmZzbEZvMGJZWDRnT3dTdlFUVTZkLWFYY0VaUjRRZEkzMFRMbkIza3FCQzhVRU8xblJCOXo1RGtRTUJlR3FYdnpuSjJTc2dKS3B2aUp5ZnZMOWpyd0FtLTg1TVlSSnVPdzBMenBCb3RPZ2tnUFhJZUdPcDE3cVFveHFma0lRWWxJc1hqMDdjYmNmM0NqZVlTaG00TXFLSUFvUDQyTkctTzUyNEtGaWtTeVg5dTdYbVltSXNpNUFNZm4wa29Dc3NhT2Q4Q1NkMk5NRXJPQzdHZkRMSDZVbTJ2eTlKaWIzWUZ6TTV1OXg0a2F3VVhEbnJVRXNjZzdDc2FUeTlqaDhmandySVVLMzdTX1dsWHYyS0c5Sk91d1doUnN0eG5oeWVrMU9aM3h3a1JmRjE5aHdlbU1zcXU1RElqVTEyOFcyc2FPb2s4WGxPdzRkc3NEUHFzZ0g0VnZUQ0JCQmxaNkM3aFEwNWhUY3lJTVhtWkZFekFpdG1pX25RcmZiUFlUekhuTTh4clNYRkN6emNUNG5JVzdheHc5ZUlRcTdpVWV6d20yUUxvTEplZmpuQkVHOGwtVUFzaDd4My1RUy02MFNiSXktM1FMMURiN21wM09tZ2M4Q3M2YkxnamlOcWJiY1ZSMVFpY29SRk1hWkVCSWxXd0RjaUNkU19pNElYYVlqcUVZMlh1WUJ3OXFhSW9wWDIzNUgzd3J0X0tWd212eExfejZzNFhFZmNGeFk1Uml4bGhQeFVWZ3NTaEVhazJvZTRZQTlrRkN4bVNMTnM5Y2stT2g0dkxDMWtyUlNKS0gwem1lWHRVY2xSU2xhYWMwWC1PenllV0pjV1FYa0dneXJJcVpaTGJaalFYYVhuZHFBaUVVZzU3S3hwZ0w5eFVCSGlIaWxuYVdubjY2aGN4Tzg3UkRjUGlzSUVNLV9GRWlsV1A4UGhQbUJJQzRISjZYWFpkckpSb1NMVEdkMDY0MUJmTWhKV3BTVHRhalFxVUFrZHBGNzl1Q2ktUWxqcWIwMDlCZmhCTXFIZ183VTk4YmlJRzdQbXlVcU9TaG9XbE1BYnF0QWx1RVh6ZnA1UUU4aDJ2S0tYMU9Nc21XdThxSjRrX2VoVnFFUEltOUVlNWVJY0JzSDByR3FhN3FtU0pIMlloZ25uMnpIajVTSmZJb0JYaUVfUUJNazQxWnBCN2IxaU1Lbkx4Rkdld1BhNjIyR3d0bmdJS2tEa0t5SUVaUXhFbkNZSkFyQ1pBQ3Uwa2xtYXd4ODhFZURNSkFFaHpSYVE2SU1SUFJzejFxOTRMQmZzOXZ2NVVMWTBuT3YzamRKUVJDa2ZPcTBXd1lHRDF2Q2poQ2RXMzA1eEVFNWNQNDVTQ1Q5dVJPcHNMQ1p3RnVPMXVvVUpqc2pFUm5SZFlvMjV5ZXc2SFA3cXpIYmdQOThWdjZ3d2dQYkFlZldKVUYzTTJEX05ONV92MWJyR01GbTZoS3dTbGs2ZmlRd1E5Qy1TamJCdEtQTVI1c1hIemJyV1hVN0psQl9UaUtnWjVYRzN4SzZiVXpEUnB2MTJKSlVGRHZmUGVQRkRtNFRPdEZzaWxpVm5BUUVuNDJMblVnT3lDRkl6cFlJM0VLV0JUVTZoLW9yZ0paQVY2Wm1TN050STBEZlFNYlBjdmROdld2LWxna1FVX2RvX09CeEliejkxdDUyUmZYSVVQUmkySmdjUXA2OW50UmtSWURLQXRrRTBRanBTYTc4Q08yeXppR1pEVXhnS05yNUgyX1NpcGR5ZVdST0NwN0pFV3E0bWlDMkdRaWxYQUQ4ZjdHRGFXbTNrdEFWWnBLMGFMOWdtV0F6LUtxYzBVUjQ4d2EzSWRWaDRUZ01ETE9LMkJPbmhSUW1lX3E3VjJGdG4xcjlMeF8xdHhmOTdZQU1ta1o2alp4LTZrTmF5a09nWm80OWxyZFE2bzhFckNXWjhtaDNucW1CMmkzQWhzWkhTTUs4RE5WXzlLN2gtU1FkSzJkSTJFbVk3dlBKeThfaUkxVXI3VS1RWlBKZm5WQTdqSUVCVHdfTXBkMloyZ2Vad24wYVVvRDlNVG1kTk16ZW9JRndZUVFWbWI4cGxfLVB4Nk5PeTlOQjRYZVBwMEdGOG5tckNGU2ZiV1Z6R2dQMjFXUTg1dF94QkJFdlAxUDI1YkFDRHBnRnJHYUYwa19OQThlTFdGRGFORTZlcUlwLVJJTTBBbVkzOUR3JnNwPW54QmI4R2wxRnZxS2MxT1NiOHdfS05xUlB0VjA3WHcyV1h4VGZrc3FUZTAaEzQzMzk0OTk0NjQzOTE1MDQxOTMiCTQzMzk1NTI1NSoHTWVkaWFHb8ADrALIAwDYA46xJOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNDaoBACyBBAIABABGMoHIPoBKAAwADgCuAQAwASnjbkiyAQA2gQCCAHgBAHwBLfD9s4BiAUBmAUAoAXvuJvbkICOsEbABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXum1b6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG1a8F2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcHMTc0MjQ0OcgHtdcF0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8Ae5yQKKCAIQAJUIAACAP5gIAQ..&s=532163cca78a1cf0a0dd427bf2a6535925a37131&type=nv&nvt=5&jm=1003&px=1665&py=3289&bw=970&bh=250&sid=6610428161932762582&vd=ct~0|rr~0&sv=232&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22867065&sw=1600&sh=1200&pw=4000&ph=7838&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 07:21:11 GMT
AN-X-Request-Uuid
c7c48217-4e26-4d2c-8b3a-35f97ae2c11d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.theonion.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931294&asId=196ff628-af93-1576-427c-587cb661f7ec&tv=%7Bc:d2HBks,pingTime:-2,time:456,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:613,beZ:615,mfA:988,cmA:989,inA:989,inZ:992,prA:992,prZ:996,si:1003,poA:1003,poZ:1019,cmZ:1019,mfZ:1019,loA:1056,loZ:1059,ltA:1069,ltZ:1069,mdA:615,mdZ:627%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:970,h:250,t:389%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:456,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:388,wc:0.0.1600.1200,ac:1515.2003.970.250,am:i,cc:1515.2003.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B80~0%5D,as:%5B80~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tEGy4cw+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163%7C17*.931294%7C171%7C172%7C173%7C18%7C19%7C1a%7C1b1%7C1b2%7C1b3%7C1c,idMap:17*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:389,slid:%5Bgoogle_ads_iframe_/4246/fmg.onion/frontpage_3,google_ads_iframe_/4246/fmg.onion/frontpage_3__container__,dfp-ad-9%5D,sinceFw:66,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:f887:cee9:cb75:534 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:11 GMT
server
nginx
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
async_usersync
ib.adnxs.com/ Frame 654A 		0
864 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=7656&pub_id=1573867&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7656&pub_id=1573867
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 07:21:11 GMT
AN-X-Request-Uuid
13d55db3-249f-465e-be3d-91fad59cc86b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
main.19.8.411.js
static.adsafeprotected.com/ Frame B360 		202 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.411.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6549333829c184ad798ef63121bdae7af134db23f02f95f04b786bfcbe915c28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 09 May 2023 14:42:33 GMT
x-amz-version-id
VSvIdS_ZoKv.KP06_jGcx3TdJOJ7jNTw
content-encoding
gzip
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
837519
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 08 May 2023 20:43:27 GMT
server
AmazonS3
etag
W/"a39db77f2b09751cf3516d6055fd0496"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
yOPtJw4fQL27apP709f3vD7EIW6RAbgGiAgZIW14AILAClDmbeWDYw==
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161204
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161204&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Qjg2MzE2QzEtMkMwQy00RkNFLUFEODEtMjQzNzBFNDg1ODFD&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Fri, 19 May 2023 07:21:11 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
crum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727144&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727144&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0F5E0D8BE1874A2B8C426DC77F74DC41&gdpr=0
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0F5E0D8BE1874A2B8C426DC77F74DC41&gdpr=0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 07:21:11 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Fri, 19 May 2023 07:21:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0F5E0D8BE1874A2B8C426DC77F74DC41&gdpr=0
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 18 May 2023 07:21:11 GMT
sync
eb2.3lift.com/ 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/sync?px=1&src=prebid&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
cksync.php
cs.media.net/ 		60 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync.php?cs=8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 07:21:11 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
60
x-mnet-hl2
E
Expires
Fri, 19 May 2023 07:21:11 GMT
usersync
match.adsrvr.org/track/ 		70 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/usersync?us_privacy=&gdpr=0&gdpr_consent=undefined&ust=image
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 19 May 2023 07:21:11 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pd
u.openx.net/w/1.0/ 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:11 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
visit.js
tps.doubleverify.com/ Frame 80DA 		978 B
900 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=160&ttfrms=11&brid=3&brver=113.0.5672.126&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETar9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3EU42%3FFC%3Dl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETau&srcurlD=0&aUrlD=0&ssl=https:&dfs=83&ddur=30&uid=1684480871127709&jsCallback=dvCallback_1684480871127257&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3783&tgjsver=3783&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.theonion.com%2F&fwc=8&fcl=1112&flt=23&fec=1773&fcifrms=12&brh=2&sdf=2&dvp_epl=238&noc=4&nav_pltfrm=Win32&ctx=15538536&cmp=DV196466&sid=2019042601&plc=2019042601&btreg=4601587669138271807372&btadsrv=4601587669138271807372&adsrv=104&unit=728x90&seltag=1&sadv=4531748607&ord=2260375129&litm=4601587669&scrt=138271807372&splc=152253218&adu=22405397127&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&cb=455849355&region=70dvtagver=6.1.src&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=15991872.038863426&dvp_tukv=1475736951.6769993&dvp_tuid=238655609514&jurtd=2100986978
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
70dd3ed3d042e2845e5130ce236879ba460b3e5fba002439d199127fca180b91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 07:21:11 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
05/18/2023 07:21:11
ic
trace-eu.mediago.io/ju/ Frame 9EDE 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trace-eu.mediago.io/ju/ic?tn=39934c2bda4debbe4c680be1dd02f5d3&trackingid=4fd4a7554656dcfeea5d1e8eed0891dc&acid=23882&data=H8aDjZ3GHtGhOdwZ8q8gMQvc6t50ej2mVsluOvKPpm8K0m6n9cKkucG4Zc1Y7_pYbo0JAZsctTJDFWzEkytpKpMDuvIRO2KRfXpVeCUwGONxrteebwCN2z63a6haMeNCpTAWCW7SZc_dopNea72NnMmdxUD4uXF8j89-lduVY9SYa4wHy-2lFq7aEdG3dyubuftHC8Q39qjORTX0Ha96h6ytOnKt0jUKDMVOrCVSE5axRf6HpDbqG8rJg_bBjREFsy5dcYmgt85EnCOgEbm65hIOMoRiH2bPO41JF1eItsz7NxnWUyJkLrbSyH8Kr7gKSipKh4MMGQyb6mWmPn_UcenNfotN7dC7y8968f2oBpkbCmvejqn8V9_y6ODHtuU9bnMs-p55DqWfN6VQq9jRllc7ifumUvc1MTMxw72IlX3mjXWSXMX_CjGKoraIygUl5N9uTWmgsrwOGvq0wBLp6QyixA7LLd-zCghGEgvi15aY4a7v6cW-VXz5ylig_CwPuuubisSNYiaIqKnr1pNvEpw5RqKBZojN4vzV-dM1vaKiuXMwzBNfv-1VUtNDXsIjwnCmihUnJdm4kyEfLMDSHUbFjBwpaztuD9fDQM3MfqEAq-yZgUzoP9wv_LCXoSZ2iWW8pgW5XDQeTQZCZsBR5efajEvAW_wWeE5ueopGOGiHMja-InqK3IwQPsNG_yaEzGiM9Tnr9aI6rqLykIzPmGmFLeUZJEcC7b09cbijotbbp4Vkd-PBF3t1vLRWIGdG4atxz2U5X5AuCgDXCecLY_SXRlR-Ri2Iu011O2znhKFfLdOLgK1_2laDeYOL8ufNdQ3U00YCforL_4hv3YtfchxxkpAAQ-sdjbjuc9fyqP1T5V18pmTYSzNPkpEV5zhrpxKOhuFK1HliCybLr6Pm45bs6P54ZLoXSa_vo1ioI7AOxYO-w2FyoL9G9eDRZ9w5nRH4-WfvGLlEhQpkbVX0R9eFnbeiOge9AL8nEPa1_jNts6oh2mDOgjErZvJH9Xl2s1VkECzN66y8-Im6K6NnAG71LuDRlH44Fzuz_CmhTYde6eBhpEpBgUaPD8fe1rXH6R8wD3GvHp_nC0Rk3Bd4Wi7sTDaWWv8Q5G108a5AVyihENAFyopWsVCQYnMxux4iVwJ-rBK6kazCBHEP0rjsZhYPPos9_UoZ1yW0KT6wTgOE4qUBSbCjl54FBdkFoPw7XPbYhSZ7t6wWLzOzqHExp_rk0ykEry385BaT0PsPYwQ&uid=8678426496727659232&mguid=&ap={AUCTION_PRICE}
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.168.80 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
80.168.214.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:11 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
sca.17.6.2.js
static.adsafeprotected.com/ Frame D0FB 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
20706295
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
785JYkmUyJRmDiEE_QmJ_hbsYewXwqE31UT5X0d7M6CHicfueNb-6A==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=931294&campId=728x90&pubId=4531748607&chanId=22405397127&placementId=4601587669&pubCreative=138271807372&pubOrder=2260375129&cb=455849355&adsafe_par&impId=b9b4240f-f615-11ed-9736-0ae3ea675541&custom2=mid_banner&custom3=&custom4=&custom5=mid_banner-03&adsafe_url=https%3A%2F%2Fwww.theonion.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:b2e1a112-79e6-f74f-65d3-fbb17c8a533c,c:d2HBmw,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-5cf46fd95f-lqw9r,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:1515.3289.970.250,am:i,cc:1515.3289.970.250,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:113,mot:0,app:0,maw:0,fm:tEGy4jV+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163%7C171%7C172%7C173%7C174%7C18%7C19%7C1a%7C1b*.931294%7C1b1%7C1b2%7C1b3%7C1c,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:126,oid:baf52f26-f615-11ed-bd6b-e67112058476,v:19.8.411,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.103.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-103-77.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:11 GMT
server
nginx
x-server-name
app16.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931294&asId=b2e1a112-79e6-f74f-65d3-fbb17c8a533c&tv=%7Bc:d2HBmx,pingTime:-8,time:126,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:126,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:125,wc:0.0.1600.1200,ac:1515.3289.970.250,am:i,cc:1515.3289.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B12~0%5D,as:%5B12~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tEGy4jV+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163%7C171%7C172%7C173%7C174%7C18%7C19%7C1a%7C1b*.931294%7C1b1%7C1b2%7C1b3%7C1c,idMap:1b*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:126%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:f887:cee9:cb75:534 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:11 GMT
server
nginx
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
securepubads.g.doubleclick.net/pcs/ Frame 9EDE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWid8kb106FA7L-QFZCLbwJ87Z2Z7-RUBYkBoTob3FjsN-QHZ5P1FOO8DXxBpsiNYKGFUqP-hfVZAaZtd52XmlnMpW6ic1SACYYn6VP-HWMmLYT6-7JHfCJXXcbD1TFCeZNYyEiylA3mVcdQL-Ym2WaZiiiBpw4OQh9L498uA3cBfqVFzujeukgu7bZ0ButHSc_PlpVSToX8OSB7OWuDJUH0CtfTehe2VaShLLfEWHFErQg8dvK19G81glWnS3QveHek6Dav-RxmPrcT3E6MS3haZ3RvSQrXKKRMmqlkKO4u-cOUK63M7fabF1hXepH1brAc_lGlI4O_o&sai=AMfl-YSTmV0VocNvL4JOJhWUXzwE8WstOCVaA-bzyjI6Tb1G_BccMMbzn3js2_AhRcUF1EOlW3asMz8Zq2P-Kn1bghrZ0JrYXynT60HFypxJrSxbG1D6xMC3GBycIkgwiw&sig=Cg0ArKJSzPxA330Ow_A-EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 19 May 2023 07:21:11 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931294&asId=b2e1a112-79e6-f74f-65d3-fbb17c8a533c&tv=%7Bc:d2HBn9,pingTime:-2,time:164,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:145,beZ:146,mfA:257,cmA:258,inA:258,inZ:261,prA:261,prZ:265,si:270,poA:271,poZ:289,cmZ:289,mfZ:289,loA:295,loZ:298,ltA:309,ltZ:309,mdA:147,mdZ:161%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:970,h:250,t:125%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:164,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:125,wc:0.0.1600.1200,ac:1515.3289.970.250,am:i,cc:1515.3289.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B50~0%5D,as:%5B50~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tEGy4jV+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163%7C171%7C172%7C173%7C174%7C18%7C19%7C1a%7C1b*.931294%7C1b1%7C1b2%7C1b3%7C1c,idMap:1b*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:126,slid:%5Bgoogle_ads_iframe_/4246/fmg.onion/frontpage_4,google_ads_iframe_/4246/fmg.onion/frontpage_4__container__,dfp-ad-12%5D,sinceFw:38,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:f887:cee9:cb75:534 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:11 GMT
server
nginx
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931294&asId=1157c5e0-f76b-b985-2781-10e7f7780db1&tv=%7Bc:d2HBpX,pingTime:-10,time:1067,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEzLjAuNTY3Mi4xMjYgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000020222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1684480871428%7C%7Cbe3b8f69163acbdc040daf2e27667cb7%7C%7Ce680db45f58fb4c44533cfaed40b3e29%7C%7Cd53e86be7e4415af8168394a363f9e1b%7C%7Cd87020bd3f34aa2c29fc350db53385b6%7C%7C9137cbbb48ea8713f39761f58f9fadd4%7C%7C19e6bd3013eb13cb6e212f03478aacc2%7C%7Cec1f8306d28f4f19778d96106f2d6f0a%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:f887:cee9:cb75:534 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:11 GMT
server
nginx
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
async_usersync
ib.adnxs.com/ Frame BD0D 		0
864 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=7656&pub_id=1573867&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7656&pub_id=1573867
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 May 2023 07:21:11 GMT
AN-X-Request-Uuid
ea75ea2c-9c9b-4405-b815-b38433f7dbda
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.146; 185.213.155.146; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931294&asId=b2e1a112-79e6-f74f-65d3-fbb17c8a533c&tv=%7Bc:d2HBAp,pingTime:-10,time:986,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEzLjAuNTY3Mi4xMjYgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000020222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1684480871428%7C%7Cbe3b8f69163acbdc040daf2e27667cb7%7C%7Ce680db45f58fb4c44533cfaed40b3e29%7C%7Cd53e86be7e4415af8168394a363f9e1b%7C%7Cd87020bd3f34aa2c29fc350db53385b6%7C%7C9137cbbb48ea8713f39761f58f9fadd4%7C%7C19e6bd3013eb13cb6e212f03478aacc2%7C%7Cec1f8306d28f4f19778d96106f2d6f0a%7C%7C1663701684,sca:%7Bspg:1157c5e0-f76b-b985-2781-10e7f7780db1%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:f887:cee9:cb75:534 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:12 GMT
server
nginx
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931294&asId=196ff628-af93-1576-427c-587cb661f7ec&tv=%7Bc:d2HBEs,pingTime:-10,time:1696,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEzLjAuNTY3Mi4xMjYgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000020222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1684480871428%7C%7Cbe3b8f69163acbdc040daf2e27667cb7%7C%7Ce680db45f58fb4c44533cfaed40b3e29%7C%7Cd53e86be7e4415af8168394a363f9e1b%7C%7Cd87020bd3f34aa2c29fc350db53385b6%7C%7C9137cbbb48ea8713f39761f58f9fadd4%7C%7C19e6bd3013eb13cb6e212f03478aacc2%7C%7Cec1f8306d28f4f19778d96106f2d6f0a%7C%7C1663701684,sca:%7Bspg:1157c5e0-f76b-b985-2781-10e7f7780db1%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:f887:cee9:cb75:534 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 07:21:12 GMT
server
nginx
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
event.png
tpsc-ew1.doubleverify.com/ Frame E269 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ew1.doubleverify.com/event.png?impid=46d030fca9f14031bdc1c4b471ece816&flavor=0&gdpr=&gdpr_consent=&vdur=157&eoid=14&msrjs=3783&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=113&tetms=13&msltms=67&vltms=157&sei=289&vetms=241&tuviims=442&tuviems=840&engms=1&engisel=1&dvp_dtcov=2&msrcanlm=8520&msrcannum=3&ismms=70&isumms=70&nvr=3&isgmmims=71&isgmv4mims=70&elmtp=2&isbxdms=3071&b1=3148&adhgt=250&adwdth=970&norwdth=970&norhgt=250&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1.0&lftb=3148&sftb=3148&msrdp=0&naral=8256&vct=1&vphgt=1200&vpwdth=1600&chgt=250&cwdth=970&scrhgt=1200&scrwdth=1600&strp=9&advisonl=false&isgmpims=70&engalms=68&dvp_hdnAd=0&dvp_dpr=1&vstsz=906&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3444&cbust=1684480873714821
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3783.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Fri, 19 May 2023 07:21:13 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
05/18/2023 07:21:13
event.png
tpsc-ew1.doubleverify.com/ Frame DADB 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ew1.doubleverify.com/event.png?impid=cdd8d6e978794aa88e430b3766f2930a&flavor=0&gdpr=&gdpr_consent=&vdur=33&eoid=14&msrjs=3783&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=31&tetms=14&msltms=47&vltms=33&sei=289&vetms=214&tuviims=611&tuviems=858&engms=1&engisel=1&dvp_dtcov=2&msrcanlm=8520&msrcannum=3&ismms=20&isumms=20&nvr=2&isgmmims=21&isgmv4mims=20&elmtp=2&isbxdms=3020&b0=3150&adhgt=250&adwdth=970&norwdth=970&norhgt=250&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1.0&lftb=3150&sftb=3150&msrdp=0&naral=8256&vct=1&vphgt=1200&vpwdth=1600&chgt=250&cwdth=970&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isgmpims=20&engalms=19&dvp_hdnAd=0&dvp_dpr=1&vstsz=908&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3253&cbust=1684480873890961
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3783.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Fri, 19 May 2023 07:21:13 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
05/18/2023 07:21:13
event.png
tpsc-ew1.doubleverify.com/ Frame 80DA 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ew1.doubleverify.com/event.png?impid=2e220c375d844dfa83ee1192aface04a&flavor=0&gdpr=&gdpr_consent=&vdur=28&eoid=9&msrjs=3783&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=30&tetms=14&msltms=45&vltms=28&sei=289&vetms=36&tuviims=171&tuviems=235&engms=1&engisel=1&dvp_dtcov=2&ttfurm=3072&cbust=1684480874192439
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3783.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Fri, 19 May 2023 07:21:14 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
05/18/2023 07:21:14
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/32_8_0/infra/ 		889 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/32_8_0/infra/cmTagFEED_MANAGER.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
09a68992ad29d201e9df1c7257e25528219c03bc00a5dde8a5b3cb05a022dfd4

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-meta-mtime
1684239762
date
Fri, 19 May 2023 07:21:14 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
SNCA6FVRM0JZRC1G
age
240985
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1684239763
x-amz-meta-mode
33188
content-length
149975
x-amz-id-2
mTeAaqzborysOmKfAtTD8qOs4wNoMbM6bzHuYYRnGPbKOXp9+oAm+Om29u1tFe17htAsFNJ8mVo=
x-served-by
cache-fra-eddf8230138-FRA
last-modified
Tue, 16 May 2023 12:22:44 GMT
server
AmazonS3-br
x-timer
S1684480875.753326,VS0,VE0
etag
"60ccdbe8a6cbccc003e38ee4081baab1"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
177383
cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_8_0/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/32_8_0/assets/css/cmOsUnit.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-meta-mtime
1684239781
date
Fri, 19 May 2023 07:21:14 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
B1ZDC6GXYYWK0QVS
age
240990
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1684239781
x-amz-meta-mode
33188
content-length
7877
x-amz-id-2
wBa/i7d48xPadZAnLIU4KfraG1680XTHy2p+qQ7yf2b6p1A5j+rMA347vLL6KrTM+u+2E+dO/kQ=
x-served-by
cache-fra-eddf8230045-FRA
last-modified
Tue, 16 May 2023 12:23:02 GMT
server
AmazonS3-br
x-timer
S1684480875.741402,VS0,VE0
etag
"92502277b3d6d05481ffd7687771377e"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
235293
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.1.8/ 		436 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.8/OvaMediaPlayer.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
494747d7ec60d95b26eca76338de89444b60dbe33e2aa3ee7a8ed53dd36022ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-meta-mtime
1683622864
date
Fri, 19 May 2023 07:21:14 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
KQ9SQXKNBRPJ2W7W
age
857938
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1683622879
x-amz-meta-mode
33188
content-length
84209
x-amz-id-2
lXX05OzzyjXzMGZ/1vCY4D7rW14TUA4AuVj/vw+uZxRyuC1rLMtgYz7V99pwbRXOldQ85LYslNc=
x-served-by
cache-fra-eddf8230045-FRA
last-modified
Tue, 09 May 2023 09:01:20 GMT
server
AmazonS3-br
x-timer
S1684480875.943109,VS0,VE0
etag
"5b7fa2993f4635dad5e1ba884ca41236"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
816818
sync
am-match.taboola.com/ Frame 1EA8 		439 B
524 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8eKECLAZ4NstnMC47qBPwbJbPYFx2UC8AAABgYID-AEnuRovRcGZyizyT5Vq0MC7WwtnC4RZNbIOJxbWbzTYuIyDJ3WgxGs5MbpFnslyLFsbFWjhbONyiiW0wsbh2s9nGZQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJQ0A6n3foPAAAAACAAAAAASAAg9POUAJAhETzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxR6vbx-kDZdCFSYFuEEQAAAIDc6k3JI5N0gopFlf___34rAFcAAAIQZcR9NrPoDkq8hQEAAAAQg5chX6VEbZg6ZoEeFr_f7LBr_G6X-f________8383_mH40QkkJPmqCBwg81v4AAAGt-AQEA2IwbAIA3AnBCTgaaTofPda_X_X530dHltzv9drvG7_aLDkErBoPVCYjZAQAAALjz____jwcvQ75KidowVQ9I-RablcMzcvhGxtlgNxnObDbnzOXyzGaDmc018x4uCAP1V5q0iz4iwjL7fQch3-0yPHwug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDZxuVarmW2tGs4cbtHIuFsLZ7vlWrVyuSaLiW_kWjncotfHdLENFsaVZ4sEA0z2InlapBOZczJa7oaTicWymG2Gu43JM1kuPJOJyznYbAyTiViiOVmkE9ll3_ItNiuHZ-TwjYyzwW4ynNlszpnL5ZnNBjOba-avTVyu1WpmW6uGM4dbNDLu1sLZbrlWrVyuyWLiG7lWDrfo9TFdbIOFceXZN2bD0Wg4GM52-8ZsOBoNB8PZbt9hMj1Tn7PRGhNfPjLVuLSyTGxOg8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-FbXZc97Uz6uKa_zIDYYFLFEcJFOdH63y-R0ONaio8tvd_rtFrFEabpIJ_qi3-0yPHwuf0UsEZwu0onQ73ZZ1H_0EMPVXLLYzBWr1Vwxmq0SAAAAAAAAAIAlmGa6CQAAAICTQQ2Xi8VsnQ5mMpwtRrPlArjwJNP1M7wjH_jGC7lLpjGB7EJIxrhYY49FnN_tMjkdjrXo6PLbnX67lQFceFox2-wzglir1bIGAAAggA0AAECAm268CUih4v7____HAQAAkJFDDwAAgH4f0NQzF0q98CM_ghzORvsHoEKs1Wp1u7FWqwU!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
9dd941179830928bacbf74709a62dc50ea4a20c00695d6ab5915b98bdfb01939

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Fri, 19 May 2023 07:21:14 GMT
machineid
3407
server
nginx
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.theonion.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Fri, 19 May 2023 07:21:15 GMT
via
1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
FRA60-P1
age
1490635
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230045-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1684480875.000670,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
npduzmsBCTInKS4xiVDpNaDedmMD0lXz2htxNJCf5T4Pqvm9JpF6qQ==
x-cache-hits
601194
generic
match.adsrvr.org/track/cmf/ Frame 1EA8 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8eKECLAZ4NstnMC47qBPwbJbPYFx2UC8AAABgYID-AEnuRovRcGZyizyT5Vq0MC7WwtnC4RZNbIOJxbWbzTYuIyDJ3WgxGs5MbpFnslyLFsbFWjhbONyiiW0wsbh2s9nGZQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJQ0A6n3foPAAAAACAAAAAASAAg9POUAJAhETzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxR6vbx-kDZdCFSYFuEEQAAAIDc6k3JI5N0gopFlf___34rAFcAAAIQZcR9NrPoDkq8hQEAAAAQg5chX6VEbZg6ZoEeFr_f7LBr_G6X-f________8383_mH40QkkJPmqCBwg81v4AAAGt-AQEA2IwbAIA3AnBCTgaaTofPda_X_X530dHltzv9drvG7_aLDkErBoPVCYjZAQAAALjz____jwcvQ75KidowVQ9I-RablcMzcvhGxtlgNxnObDbnzOXyzGaDmc018x4uCAP1V5q0iz4iwjL7fQch3-0yPHwug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDZxuVarmW2tGs4cbtHIuFsLZ7vlWrVyuSaLiW_kWjncotfHdLENFsaVZ4sEA0z2InlapBOZczJa7oaTicWymG2Gu43JM1kuPJOJyznYbAyTiViiOVmkE9ll3_ItNiuHZ-TwjYyzwW4ynNlszpnL5ZnNBjOba-avTVyu1WpmW6uGM4dbNDLu1sLZbrlWrVyuyWLiG7lWDrfo9TFdbIOFceXZN2bD0Wg4GM52-8ZsOBoNB8PZbt9hMj1Tn7PRGhNfPjLVuLSyTGxOg8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-FbXZc97Uz6uKa_zIDYYFLFEcJFOdH63y-R0ONaio8tvd_rtFrFEabpIJ_qi3-0yPHwuf0UsEZwu0onQ73ZZ1H_0EMPVXLLYzBWr1Vwxmq0SAAAAAAAAAIAlmGa6CQAAAICTQQ2Xi8VsnQ5mMpwtRrPlArjwJNP1M7wjH_jGC7lLpjGB7EJIxrhYY49FnN_tMjkdjrXo6PLbnX67lQFceFox2-wzglir1bIGAAAggA0AAECAm268CUih4v7____HAQAAkJFDDwAAgH4f0NQzF0q98CM_ghzORvsHoEKs1Wp1u7FWqwU!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 19 May 2023 07:21:15 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
6be555f6-58fa-4d87-8679-5ee521b7d5ea-tuctb60a8e3
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 1EA8 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/6be555f6-58fa-4d87-8679-5ee521b7d5ea-tuctb60a8e3?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8eKECLAZ4NstnMC47qBPwbJbPYFx2UC8AAABgYID-AEnuRovRcGZyizyT5Vq0MC7WwtnC4RZNbIOJxbWbzTYuIyDJ3WgxGs5MbpFnslyLFsbFWjhbONyiiW0wsbh2s9nGZQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJQ0A6n3foPAAAAACAAAAAASAAg9POUAJAhETzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxR6vbx-kDZdCFSYFuEEQAAAIDc6k3JI5N0gopFlf___34rAFcAAAIQZcR9NrPoDkq8hQEAAAAQg5chX6VEbZg6ZoEeFr_f7LBr_G6X-f________8383_mH40QkkJPmqCBwg81v4AAAGt-AQEA2IwbAIA3AnBCTgaaTofPda_X_X530dHltzv9drvG7_aLDkErBoPVCYjZAQAAALjz____jwcvQ75KidowVQ9I-RablcMzcvhGxtlgNxnObDbnzOXyzGaDmc018x4uCAP1V5q0iz4iwjL7fQch3-0yPHwug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDZxuVarmW2tGs4cbtHIuFsLZ7vlWrVyuSaLiW_kWjncotfHdLENFsaVZ4sEA0z2InlapBOZczJa7oaTicWymG2Gu43JM1kuPJOJyznYbAyTiViiOVmkE9ll3_ItNiuHZ-TwjYyzwW4ynNlszpnL5ZnNBjOba-avTVyu1WpmW6uGM4dbNDLu1sLZbrlWrVyuyWLiG7lWDrfo9TFdbIOFceXZN2bD0Wg4GM52-8ZsOBoNB8PZbt9hMj1Tn7PRGhNfPjLVuLSyTGxOg8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-FbXZc97Uz6uKa_zIDYYFLFEcJFOdH63y-R0ONaio8tvd_rtFrFEabpIJ_qi3-0yPHwuf0UsEZwu0onQ73ZZ1H_0EMPVXLLYzBWr1Vwxmq0SAAAAAAAAAIAlmGa6CQAAAICTQQ2Xi8VsnQ5mMpwtRrPlArjwJNP1M7wjH_jGC7lLpjGB7EJIxrhYY49FnN_tMjkdjrXo6PLbnX67lQFceFox2-wzglir1bIGAAAggA0AAECAm268CUih4v7____HAQAAkJFDDwAAgH4f0NQzF0q98CM_ghzORvsHoEKs1Wp1u7FWqwU!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:a280:fe7c:1c7c:7039 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame 1EA8 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8eKECLAZ4NstnMC47qBPwbJbPYFx2UC8AAABgYID-AEnuRovRcGZyizyT5Vq0MC7WwtnC4RZNbIOJxbWbzTYuIyDJ3WgxGs5MbpFnslyLFsbFWjhbONyiiW0wsbh2s9nGZQUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJQ0A6n3foPAAAAACAAAAAASAAg9POUAJAhETzx_________x9jgD7zRsb_____DYMeAA8-AB6EAAAAfAxR6vbx-kDZdCFSYFuEEQAAAIDc6k3JI5N0gopFlf___34rAFcAAAIQZcR9NrPoDkq8hQEAAAAQg5chX6VEbZg6ZoEeFr_f7LBr_G6X-f________8383_mH40QkkJPmqCBwg81v4AAAGt-AQEA2IwbAIA3AnBCTgaaTofPda_X_X530dHltzv9drvG7_aLDkErBoPVCYjZAQAAALjz____jwcvQ75KidowVQ9I-RablcMzcvhGxtlgNxnObDbnzOXyzGaDmc018x4uCAP1V5q0iz4iwjL7fQch3-0yPHwug6joelvsDqfZcxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDZxuVarmW2tGs4cbtHIuFsLZ7vlWrVyuSaLiW_kWjncotfHdLENFsaVZ4sEA0z2InlapBOZczJa7oaTicWymG2Gu43JM1kuPJOJyznYbAyTiViiOVmkE9ll3_ItNiuHZ-TwjYyzwW4ynNlszpnL5ZnNBjOba-avTVyu1WpmW6uGM4dbNDLu1sLZbrlWrVyuyWLiG7lWDrfo9TFdbIOFceXZN2bD0Wg4GM52-8ZsOBoNB8PZbt9hMj1Tn7PRGhNfPjLVuLSyTGxOg8JlsHh_EtNi2p0dTGff0WnzqZdFndHv9_v9fr_f7_f7DVrPwWxQ-FbXZc97Uz6uKa_zIDYYFLFEcJFOdH63y-R0ONaio8tvd_rtFrFEabpIJ_qi3-0yPHwuf0UsEZwu0onQ73ZZ1H_0EMPVXLLYzBWr1Vwxmq0SAAAAAAAAAIAlmGa6CQAAAICTQQ2Xi8VsnQ5mMpwtRrPlArjwJNP1M7wjH_jGC7lLpjGB7EJIxrhYY49FnN_tMjkdjrXo6PLbnX67lQFceFox2-wzglir1bIGAAAggA0AAECAm268CUih4v7____HAQAAkJFDDwAAgH4f0NQzF0q98CM_ghzORvsHoEKs1Wp1u7FWqwU!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 07:21:15 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Verdicts & Comments Add Verdict or Comment

163 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 boolean| credentialless string| countryCode object| blockthrough object| defaultPageContext object| dataLayer object| analyticsContexts string| GoogleAnalyticsObject function| ga object| _comscore object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| _taboola object| kinja object| googletag object| headertag number| interval function| _fasttoken object| _user object| webpackJsonp object| apstag object| pbjs object| COMSCORE object| ns_p object| google_tag_data object| gaplugins object| pbjsChunk object| _pbjsGlobals object| mnet object| BULBS_ELEMENTS_ADS_MANAGER boolean| apstagLOADED object| apscustom object| _aps object| google_tag_manager boolean| creativeVendorLibraryLoaded object| TRC object| _tblConsole undefined| msg object| ats object| _ml undefined| channel string| trackonomicsId object| scrEm function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| trx function| md5 function| onYouTubeIframeAPIReady object| gaGlobal object| google_optimize object| videoHtml5Controllers function| stopVideoHtml5 function| deleteVideoHtml5Controller object| t2wbVG2 function| t2wbVG3 object| xop object| -you084ekgzk object| -pswvivt7bwg object| rfzsAe function| rfzsAz object| xblacklist object| C9vXNJ2 function| C9vXNJ3 function| xblocker object| ggeac object| google_js_reporting_queue object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent function| initVideoHtml5 object| closure_lm_427378 undefined| google_measure_js_timing object| Criteo object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id number| taboola_view_id object| closure_lm_389762 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_135 object| Criteo_identitytag_135 object| GoogleGcLKhOms object| regeneratorRuntime function| veritasStart string| veritas_version function| filterCSS function| filterXSS object| _sf_async_config number| _sf_endpt string| ENTRY_POPUP string| nam object| placementData boolean| DFPMessageEnabled object| gaData object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| cmTag object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| __bt object| _cm_wfCounters number| lnt_z boolean| __bt_already_invoked object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 object| google_image_requests function| webpackHotUpdate function| startCMTagMain string| category string| vpaidId function| OvaMediaPlayer

46 Cookies

Domain/Path Name / Value
www.theonion.com/ Name: geocc
Value: DE
.theonion.com/ Name: KinjaBucket
Value: 5
www.theonion.com/ Name: KinjaSetBucket
Value: 5|1684480800|wvO2cQHE4lyjWqAQpmrTLcUBzuieB1hDXaGKLRbs8UE=
www.theonion.com/ Name: lux_uid
Value: 168448086682167929
www.theonion.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.theonion.com/ Name: pageDepth
Value: 1
kinja.com/ Name: KinjaSession
Value: 9882c3ae-c231-4a71-90d1-1d9468e7eff4
.kinja.com/ Name: KinjaBucket
Value: 5
kinja.com/ Name: KinjaSetBucket
Value: 5|1684480800|wvO2cQHE4lyjWqAQpmrTLcUBzuieB1hDXaGKLRbs8UE=
www.theonion.com/ Name: _lr_geo_location
Value: DE
.kargo.com/ Name: ktcid
Value: ea7e1296-a090-080a-1b59-9cef867cc267
.theonion.com/ Name: __gads
Value: ID=65ca2c478d80b716:T=1684480867:S=ALNI_MY9VxLtKzGJdUGHHsoT5NQra4mQFg
.theonion.com/ Name: __gpi
Value: UID=00000c19c0420eca:T=1684480867:RT=1684480867:S=ALNI_MYxIyQzQglqtb3wMGQvBlzLk54RVA
.adnxs.com/ Name: uuid2
Value: 8678426496727659232
.rubiconproject.com/ Name: khaos
Value: LHU8F02A-1O-DO63
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/EgPCBOHFiwy1z5APvdogVCbaTd6KyMQnau+SmvwaNDOnpx/gridWkOfgXKALezHt0LVxh1uxPoukeBxGCOXoSK1DUMZeP765Cvc6UO785F0Pw==
.criteo.com/ Name: uid
Value: a471abbf-5769-4d87-8e63-5b4b2662c54c
ads.resetsrv.com/ Name: ckbk
Value: 000000F84CD166E4
.theonion.com/ Name: _ga_FBJXBGD4M8
Value: GS1.1.1684480868.1.0.1684480868.0.0.0
www.theonion.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D6be555f6-58fa-4d87-8679-5ee521b7d5ea-tuctb60a8e3
.doubleclick.net/ Name: IDE
Value: AHWqTUmLpo4C_IlUCkMdpimFE1bZSth8Nbrlj9DAghJITbgTzn6kXVyHaBUg3_y9QJg
.theonion.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.theonion.com/ Name: _ga
Value: GA1.2.472714348.1684480868
.theonion.com/ Name: _gid
Value: GA1.2.2001772137.1684480869
.theonion.com/ Name: _gat_unique
Value: 1
.theonion.com/ Name: _gat
Value: 1
.adnxs.com/ Name: icu
Value: ChgI64dgEAoYAyADKAMw5cacowY4A0ADSAMQ5cacowYYAg..
.liadm.com/ Name: lidid
Value: bebf7412-267a-4bb3-a127-bcb144f74570
.theonion.com/ Name: _cb
Value: tlgsJBh3idxB4LKGY
.theonion.com/ Name: _chartbeat2
Value: .1684480869331.1684480869331.1.CtmCE7FGpzCWc4UKDBKPBfDzxjc0.1
.theonion.com/ Name: _cb_svref
Value: null
.mediago.io/ Name: __mguid_
Value: 6353e3be9a6184a972875fe1388ff414
www.theonion.com/ Name: vtas_f
Value: 50e5d5e8265421bfb3ffab5c5f5c5462422a4853
www.theonion.com/ Name: vtas_version
Value: 1.1.2
www.theonion.com/ Name: vtas_kv
Value: {"veritas-segments":"10","veritas-iab":"13"}
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2E?#KRYa'!A#F>.TOK`DmJOa*:3[D_+QeGIHnkNY:'c2<^[(qSgPB`B/s>%Olk49Q7tiE_]a'q_YqmV3PVX23nXm/!/#yCSX8Db
.theonion.com/ Name: cto_bundle
Value: _5cwpl9Uc1ZwcThkRmFBaHppeUZWUDlLeTB0SzA1d1E2cnpWVW45VGc5NXgzZVJVaDElMkZGcjJreHRLQ1Z0ZHUyek5SczRKQXlrZ0dKdWI2c0xMajNQWUZhdzltNFZ5OXdIUTZlQlZCUGMyamlIeHFWNGg3aTd5a1NrcFFQeE9Ud3RLTGhkTlJNZlFBRTJtYnVsJTJGQmRyYnhpeU93JTNEJTNE
.casalemedia.com/ Name: CMID
Value: ZGcjZ-Xk2-NsdhXgwbbAjQAA
.casalemedia.com/ Name: CMPS
Value: 5215
.casalemedia.com/ Name: CMPRO
Value: 5215
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: SyncRTB3
Value: 1685664000%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B86316C1-2C0C-4FCE-AD81-24370E48581C
.simpli.fi/ Name: suid
Value: 0F5E0D8BE1874A2B8C426DC77F74DC41
.pubmatic.com/ Name: pi
Value: 161204:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2

7 Console Messages

Source Level URL
Text
security warning URL: https://tagan.adlightning.com/gomedia/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/gomedia/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/gomedia/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idx.liadm.com/idex/ie/any
Message:
Failed to load resource: the server responded with a status of 451 ()
security warning URL: https://tagan.adlightning.com/gomedia/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://fr-actions.trackonomics.net/prod/www.theonion.com/action_links.json
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2b77319d7650ed6fda932114414ab49f.safeframe.googlesyndication.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ads.resetsrv.com
adservice.google.com
adservice.google.de
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
ampcid.google.com
ampcid.google.de
api.btloader.com
api.rlcdn.com
as-sec.casalemedia.com
ats.rlcdn.com
bidder.criteo.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
cdn-magiclinks.trackonomics.net
cdn.adnxs.com
cdn.doubleverify.com
cdn.mediago.io
cdn.speedcurve.com
cdn.taboola.com
cds.taboola.com
cm.g.doubleclick.net
cs.media.net
d2cli4kgl5uxre.cloudfront.net
direct.adsrvr.org
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
f.kinja-static.com
fastlane.rubiconproject.com
fr-actions.trackonomics.net
fra1-ib.adnxs.com
fusion-media-group-d.openx.net
geo.privacymanager.io
grid.bidswitch.net
gum.criteo.com
hb.yellowblue.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.kinja-img.com
ib.adnxs.com
id.sv.rkdms.com
idx.liadm.com
image2.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
imprammp.taboola.com
insight.adsrvr.org
js-sec.indexww.com
kinja-com.videoplayerhub.com
kinja.com
krk.kargo.com
match.adsrvr.org
ml314.com
mug.criteo.com
no.kinja-img.com
onlinertb-us.s3.us-west-2.amazonaws.com
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
pixel.adsafeprotected.com
pr-bh.ybp.yahoo.com
prebid.media.net
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
region1.google-analytics.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
tagan.adlightning.com
tlx.3lift.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ew1.doubleverify.com
trace-eu.mediago.io
trc.taboola.com
trx-hub.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
vidstat.taboola.com
vidstatb.taboola.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.theonion.com
x.bidswitch.net
x.kinja-static.com
104.18.10.47
104.18.24.185
13.32.27.60
13.32.99.122
13.32.99.21
130.211.23.194
130.211.44.5
138.197.55.50
141.226.228.48
141.226.230.50
142.250.185.98
143.204.98.16
15.197.193.217
151.101.1.44
151.101.129.44
151.101.130.166
151.101.66.166
151.101.66.217
172.217.18.6
178.250.7.13
18.66.122.70
18.66.147.119
18.66.147.3
185.64.189.112
185.64.190.79
185.64.190.80
185.80.39.216
2001:2030:0:4e::d59b:9dc8
2001:4860:4802:32::36
23.35.228.23
23.35.236.188
2600:1f18:1aca:4282:f887:cee9:cb75:534
2600:9000:2057:1c00:18:1fcd:353:c61
2600:9000:211e:4e00:11:9be7:da80:93a1
2600:9000:223f:2800:8:48e:53c0:93a1
2600:9000:2240:7600:1d:8c8c:47c0:93a1
2602:803:c003:200::21
2606:4700:20::681a:346
2606:4700:20::681a:68b
2606:4700:20::681a:932
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:827::2004
2a00:1450:4001:827::2006
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9c
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a04:4e42::300
2a05:d018:d29:3601:a280:fe7c:1c7c:7039
3.208.211.92
3.65.71.228
3.71.149.231
34.107.148.139
34.111.234.236
34.120.133.55
34.91.62.186
35.158.0.160
35.214.168.80
35.244.159.8
35.71.161.21
37.252.171.21
37.252.171.22
44.209.73.107
44.213.190.84
52.207.12.114
52.215.103.77
52.222.208.154
52.222.253.136
52.28.189.123
52.29.34.191
52.92.153.154
54.155.77.0
54.93.180.214
76.223.111.18
01c61fa8398bb360b7a71e2e36392400568e53e0c560ac795294826134e58495
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0372641a363eeb5b3cc18cd2e859319fa47e8f20f39313f73ebf9b8fa757e2f3
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0620cf7101c8bffac1843e723ab638b45b6ebb65a05fd8e9a552db452668f259
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07fc122acefea6b2acb769a0fe6d936d22e2a0bc1abd1022ff750296ae5d86b0
08bd6c4c57896830d2259ecb46fea03cdf9250899afa7c1f767047d39f663ad8
09280334d0b307a17713df150a6dd9c4b63f9556fa2d9244aee0afc26bcc0eaa
09a68992ad29d201e9df1c7257e25528219c03bc00a5dde8a5b3cb05a022dfd4
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
0dc504b96b65395ceeed5dba1f184d42c2927e97bae9d744e54d9f8a4ab464d0
0ed375278b06c36ab8b2da5f18e09677565b827177abdffe343b8b274a70c08b
0f7c6b7e1a097cb5ac93dbd6d6f20d8b8eded40183acd7ec3c581066ac932b65
103d431c287cc26f665d175758535ea267b73245c1b52b4e446ad52f26379c86
1063c185d2ba098c3c38deeaa02f320ce4850364758330aa5a511441bd313d22
1142e754f323937fbcf1d75502cb5d49eaef6791d1f0ca9ec7dc8089be3934fe
115224d4e63511fda83c38f1a67c687184f8c2752a8770b10faaadc4568fd388
11a2ecf45a901a08d0bddac8396f4547d5a061febbed7739c338184e0f5c101e
125e539173a50a3dea5c5fdf369e3823754d7bab90fb9107a0088854f676d9b2
1438700bc5c08c81bbc8eab227772b9898a6cc68a8e66a2fb8b366a663a29b74
16943102ea475725090051cf03612718f855e1c54c4200292fd5e032e8c8f9df
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1c9ece454c486d93962d0c5defd04da41bbf7d347e047f466cb7425937f42fd6
1e0965136e734301a52949c28baca0805656c2f10c760df1bff1f1c77adca2f2
1e2b080a93bf722726efe005d49bb3b2bef59607afa9afcd84c8a743eca76757
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
221c51d6190d8c5cf2217bc17bc7ed47c99c31528fb2b8800c4c0233742a5038
2294f133e2353c2abc81238c3db189bf063e27888886a17831e58e0026d4b846
231212e9802fc94bc932e88ab63103b2f2f54772ced3d01b873383e4c9c05be6
23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4
259481fa6cfdf7020f1881da103ea0c9b7b0cdaa973b540a38562610b431fc89
264447bf80f04ae69febd723d270354d5ede73672184d6c67a8286c3e0bd6a39
27a3e24234e5ae74f27010f9b62df7e4a9c3fb4b212f3f434b5762b3830a8929
29ec1dc4b9f47cf133fc2470982fcaa69d2fef0835492f47d7877bc21e021f30
2b14301c6e55453137555d78d96f03fbfe06dfd5f7b648228770384f9d05b257
2c51a9f78fdccbfbd0c6bf58c7146bf7ea7a6e9c0e27795f07f1247c4c682dd6
2c9d8d2331d70b91a3c2f97026fe2bc3afe0c13b6e60ff871d3bdb58be0af852
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
30d6dfd42b9a5f0be38020e3fe03042fe88b4931993c6c63c0b8061e934d727f
3260793cefa28c184a57cd6241e48167e21d8ac279ec2f879ed00244bcd83cda
3349033a3d8b8e1eb9d4ff54ecd780854a88778979cf8a88a0a74dab4b611614
33fe3b4004d16bf0d20454ae5c1c8b60926fef40bd562485ccf0bc11dd13215c
381a36dedfb411e7e88cfe6ab8f387e5773f30361b80aa61fbc4eac8bf99a9cf
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
39d8155e730f6f3306f4aef38abc2011f1c8d8a99d1ca0ea1989a34522c56057
3a4fc90cf97714d3e6f5cf38b8d73ff238d03f73f6f6e4262e7d0e97774743e4
3a59fb3b16429d5ba9bb966f4b60761352a52a95a8874138001559296c687bc9
3ab6d5bddb52a980ebe7658cca937e1ce087c1478cbeb13715876e463b2dd7f3
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dce887db1a635eb83afd0a0026f485d2b641867ee7cfd20b44de4d94e5080bc
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3f5f3be3dcd8039c166b39b0ebbf825484c57373c781f5fb67f29b70e91eea89
4227e7808bb153943a5c2f8fbb6e877dc2ebea70934f7b223ee112124f8f8d61
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
466ec679712d74fc59ddb8a10193696b87f17e2a2d0aae8fc14037e68669161f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
494747d7ec60d95b26eca76338de89444b60dbe33e2aa3ee7a8ed53dd36022ca
4ae140ffb6dd4c9efbae0f4c2b1fb472b3c4f911669390253b7883b59fe1d4f3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e654dc4aa833a34b4871aa86e91240fe6b88560fdffcd9b1023d9cc31d1753d
50e9e22760a26e8963522fb08fd2537cd1dd95b6ed9fd608e942440781b15423
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
557b13c1e04fc36797af23f9e0f94fdad816c0a61d8b32aa50370158b32b6393
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
568068711d00d07ac001e1937acdb4621d0d7ea602ff8beb225c1b9f22701d1d
582fd9b394fd8aacd37da7ff532062c5b1d274b20441e35601f1ae44f6b9d340
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5ae04f4e2b3a0b4e46d0259886e6fbf822f2dd0731ee8a59e03c4cb3f335b8fc
5b0d0d08c3b7fbdc8164e467ee1d637e4b616be1a489699c18b67082281851b8
5b4d7f0e2316e5817ad26ef504acd2791226ebbf2e9fe1a7fbfa92fa4ed5c7a4
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5db6dc59e662741fc2c7cd4961e31ab13a1afa0bc8efac1ed7fe8aab6ed242eb
5e55ca76e105c30a8de2bd2b139abc4fdfa427006463089b50cc1b10b239129b
6058ab016bbd6df17f42d9b24cc8488be67b85ea6099e699d3f61466375c467b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
638cb175b6c9d489fd461421a80dd74569f0873de513aec695e34aa1d2b75304
649d7e12233b46ac9a47751bc38b54c4d57e164f998d00e5e75e93aab5efe71c
6549333829c184ad798ef63121bdae7af134db23f02f95f04b786bfcbe915c28
660bfebc886cf156f4131562f7c6fdf32e5b976bbdaa54ff13a9782b1d404cfd
66c2ca052cc2afc4c8597a3fe5eeab18b9015b7459479b51cf5c0339232ab7ac
682f1cc5b34c9385a942715670acf4f165e8e14f77e2fe29a43fcbcf8ca0b463
69463b35705eb329709a36bb30991b7d624f8e42df321952efc56c398af2e088
6ad61602e9db9558662d5280058aee442dbf0b3676a043158ea945439e4f6346
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b7c982d0dbbc8a1fa903e68d1daf7476f27fbd2ca8cd044b5e2053cc52d75e5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c923a732b548572aa5c8329bee5129a633171b25092c84be5c8fbe58e0eb2a0
6d2ca4e549a9a91705c30a0213f0d963513ac49e355fc83273e0392a875e4bc4
6e575bd6b4933326a8991eb95f551350b3cca9169b7c131313fdc0178453d77b
6eafa497d13de2fd5d3e722a248b7abefd0adf1f637fe60ba10dc15bc7d8cb0a
70cf567f57e13e91d4c7b2442eb95f49764108be111f38589109249933960bb5
70dd3ed3d042e2845e5130ce236879ba460b3e5fba002439d199127fca180b91
7214ee722d990c931bbd2536e69544b75b0171213b01be556afd65a842f81011
73e0b4849267d52ad5b7ec2770d92fb24b85b127aa7ae835700f6d5d0e755c0f
74543d1a2b7e25578c866b57cf25d70e405265c19c2d2616916d18fcfc1cad67
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
77851be5afb51840c7809b09bcaf75d2220513c2d5a3ac5fb66b173cd3032c34
789f27eedfe5af29121f07d1dc20832357c3660482cc11a7652639bc03d7d0c7
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7c69059108d0ff02e4ff45fe0d583a4fb79b5ae96abb12e0c9390f7156084def
7ccd4a90154c172e94060e77b9c8e785e40ded811f684c39088a0257a0e3af67
7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c
7fae5e1f0ad241683e0138a7442b5cab53b0cbad0687c5fc5933aacfb961e12c
821fe308bbe540e46346b25f7beec5e2b785557bb00c2f9ee3b8e7c9cb8a80c1
827d01994d2e286d12a6b00b7f411ff2d54a29bd8b1ba01e357f48cdd5f05b82
8413176dd89287beafbd21e4fa5586f3d5db9aefa37b1350b34bc7533ca5ef34
842f87986e3a876c9ae2996c366ae5ef4acb76d887e71196291b4063aa57051f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
865f62e6d5fd6f5cb9deabe7a779f6df95daac2c6036f0ecd8ece5473652aaba
87ee9a3c89d4d206e59a11a01c13f43db4bb9a6d39289fd876cc05179431b2d9
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8c17821ad7c60144c3011c557ee5cc2c4fcfb8b1483603432bd5d0bacc4f748c
8cfbb185b57de51b612c207ebaad5d9f8e49a4103d6c94cb5259281f66e7ebc5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8deed6228178598479b4573d043840919ea989332514bcf88284f565eaf0fa88
914f6586e0dedc9503c45004112c60e26330477104224f4b03e91b60737e6a23
921d6a08298f520a4f4c7444ba3cf32d128706ad4018c6a576f915d79122a8dc
924c1e29dd61419934bf5c2c33646c53c428fe1ae74360d3a879303440f7ac2b
9342c689c622d3721614af2d4ac5d707f92e3862cb91756f73ba7390de19d9dd
96d53086746a2d649511ec921c973d81197d3450ed226be5a6bdadeb76d8d4b6
9708fbfcf504ef77c5c4170d1e9db38c159049f8ab47d04f6a452e689cf696aa
97432e526af0b3fa4ae90e92f280d03252b835d011575db0ad784cbe07e7578d
98064d94d7266ad7e3b0eafe11c086fe605a2582834d7268ae8897e44e9111b1
98c115c8f099e933183fb18adb4c9f7c5d2b552d1d025d9f90a6a21d2e00dc63
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
996533b6c73e13f6e7f489ce44fd689c7217636e5d6b186ac41aea2a1c8ced8f
9ca5693ab1367385316b393108533e59a741f2fcc302fd13c2fafd34990b34b8
9dd295f1b8047318855e74e81dbeb02d463452670f2997dd64764a6ad88f3884
9dd941179830928bacbf74709a62dc50ea4a20c00695d6ab5915b98bdfb01939
9e8e2523ecbf62a8193a2bde64c724c85d0d85699f77680fa0274bffc1899d81
9f8436738716d8dc738dbdb896a1634ce8bc9403d2a70e13d32b64d1766ee50d
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a198440fa540fd8de0dfe887ae1bf7890e4c17b2c99989ff42e6efba7b06361f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4cda5602f319b0ac2d502bbd316eb2236d23e652fb30983dcbc217a4a5f6c56
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132
a66a45787e47ab5de0d1ed07d185f9ce9aa0907b60070c2e5af7f321eb11208f
a6d4d40119cc84ca14f2afc2cff377dd61caa0369c83bb663d5b71d6600435c7
a7ebec103c04aedd9c1b8e8136c0afc3d979b46c8d1cc92f8a4a9ea62dc6f3aa
aa2fd69109467c1dcbf65856c4e4fcafe0ea616b822f1a0a584c4bf17233711a
aaa4d392749a5faf96a224a63a8221c3384b15a44a6b13ba3256c6deacfc2fb0
ab09761c22469d661cf56ef6f2a18c29233d98b7422de8cb60ecee68abd86ddf
ac6c760c4bf24c951c4c8f133322397b87067aa4999c373f061b3148fe4ed885
acb40f0e0250a0b0b61278541a84c0fd936728dbd16316f3a4695b7cf576147e
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
adcaa82dccaaa3cecdc503fc6531653947d6204a997edcbd4d796033fe49751d
adf38d0d4e407dbac0db7c97990ef95f2c4ecedfd8b9612c32a84973248c4df3
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2347c57b7e6770755b35e6897d912ba7252bee3db684caa7b1773b74db19e96
b3f483b4c4f941a7cc1860356329639370e23b643ba93da4be31500be0b4c1ee
b5499c873a87eb32edcdf9e4591b91193a980cc9ed71ae80d56466f20ac33980
b630399dc87169c912b553c7dc294e6a7af0ca96a3186f27086566d7dd87ca41
b76b4acb661d440629c4dd862ef591f99036f473e843d27becc67536deecb9a7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf282b4ef41bf52ed9cb27a33190fdcf162f28a2c126beabaad623eef16148d9
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96
bf8fdbe63db9325383e55175c13ee611eb4c1179943854a40850f7cd4b8baf9b
c068763ad4712de6e6288d377915fbd3b18a151fefe313abaaf4667feb13b143
c11a0a8024a93ad645ce69ca93cfa8bd0054ae75f5ca36a24e1e448257d5dab8
c1d5f0ad52f72f1ca7a3e29776a40fdc9d81872fed64adcf4cd87c4c0275f7cf
c309943c3d8f6fee170056217752d554dd9b40d6b4ceb104f4f651338483b17d
c76ae373a97fedd18dcbce506a90251d65d3141a4633e06671b9b306e361d948
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c904d482d63252752df2063bec93a6f15bc1b899e2e9496f31ccab45af45762b
c909c28a92bf7b48807218b7eb333d2e6700bd123064a9625b63e36764ae3d91
c93c88a9b0ecf4b158610988b79ffdc52501b1e995f14eb4dfc09c7eb9c3f6de
c9c3c0e5c963f8122f31d0d501e95e65fb4348af55a6aa6f6dd7c703c0957562
ca37ef191b6f9c18aff3cb043673d0a3471d3bb97ddfe2662f6126d0e0b50d2e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd8e03026b055ef3c676a417cccb8936835272ce0a7ec9fde0373da29136d96c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d13565005e90d679e3586b26ce4983e89bbf09bf5a51225bcee24822936c895f
d2a873aa95722b428af0c085721321a67a0f0a996ef2ba9d4e78a1b8d3af20e0
d56d67f545c960e3dd429f398a4a3e97372f96db2973928e39e562c636fb68fc
d715501401128a6ef9b7c4c29fbcfda703b17ad781014c0fc9916f5ef5e008d5
d7d8eda923854d45e87c11183868b806aff279a82906f1226d8752793a17ab67
d7fa261298e7430c764efe74a192a4bb2b3c975032be043c0402d23d800ca438
d8ce97fa3bd8cff499767a40e24e028e5ecafe0f07dbd15dbd575067afff98e8
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d998c7ddc798f324ab6863a89d6900a05201ccc351d8a69dffc3e0820d37a590
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
da6b8f81a839e7f05011aed39252b2fb9ed2e8bd7ab8a012522d16b002e3b2c6
dbca21de82ba69b1bc23cd1c49721d7b763db98007a74397ad196d494e552f19
e0b1d493856023146a367b1111108bfd1cac71133fa403f9e7a9b260a9ec686c
e1bdb3b7614b869d4809c32ad96367004162c9ebc07d7c9d0ac3ae5cfe22c856
e21c63610abcf91b0a94282ac15072de46d583a99f48a5fa562503a214900f16
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40290f01d30182b08170c35cbd3fe0f3754ba69f1756bdda0327fa8d845a546
e78a7f108384b6ee48701f160f51b6396c6174b6168be2fff9345841dcddbd42
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e9975431ab3558981df8a558a765319f7268c3d8acfe26b973a5963657f24ce0
ea2884cc810612616bee4d3ce0ee4123102e85eee5ee05053d184d8551f79b80
ea4371f89ead55d5300810bb55e29ca76618284d6d68dfb99d3d17e9725f7df2
eae5bc1041cbcc9e532f14e3fd68c77f0c1fa8e8a7459343cb46252e80af0d84
eb8868fc32945760add8b3a5b3cdbfe45a57ea6e509484152fe8bf003b37fc50
ec48043517696a7ea09023e535c5f5c3882c77b5605a39e07f51f57d9f13e955
ece8a06b96f038103b2f945a3f8932b4807f0eb982a7d284a0be0ebb5bf40fa5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e72190f69c27b1a01adb59d206feebd7343f8dc6314f884652702ee1cde0ac
f183ae165bdd51639e9d3f3d1a8f48f0cb5853af1ec99ed28854f49d06bbd88d
f29b2ceedb4715f748435499d0ecb6e642d03e40a30c3cefe1633da65937cfe2
f2f18e323c05e7d360cf00265052d209269399380524365256f420f1e0b57238
f396581d8bad1a5b8ca3f0485106c790f289acdde0cb92e1f84dbed2e3fd22c5
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7c270e257a1e2027a1a4ee15e169cb707f84cae9aed18260017f305c56c3838
f8390791fab3a4f38a41db5a1965adb8979102262b3ffbfb12d504b262b6f823
fb067083342028daebc9dc9f31a64a76b8072e39cb58ed1ccfcad56285cdba2d