URL: https://www.theonion.com/
Submission: On August 30 via manual from US — Scanned from DE

Summary

This website contacted 65 IPs in 9 countries across 45 domains to perform 235 HTTP transactions. The main IP is 151.101.130.166, located in United States and belongs to FASTLY, US. The main domain is www.theonion.com. The Cisco Umbrella rank of the primary domain is 125213.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q3 on August 2nd 2023. Valid for: a year.
This is the only time www.theonion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 75 151.101.130.166 54113 (FASTLY)
10 151.101.194.166 54113 (FASTLY)
2 18.65.39.56 16509 (AMAZON-02)
1 151.101.66.217 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
15 151.101.1.44 54113 (FASTLY)
6 2a00:1450:400... 15169 (GOOGLE)
3 18.65.39.76 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 172.64.149.180 13335 (CLOUDFLAR...)
3 18.66.202.223 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2600:9000:205... 16509 (AMAZON-02)
5 52.223.40.198 16509 (AMAZON-02)
1 34.198.203.196 14618 (AMAZON-AES)
1 44.214.10.54 14618 (AMAZON-AES)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.171.55.47 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 34.111.234.236 396982 (GOOGLE-CL...)
1 2600:9000:239... 16509 (AMAZON-02)
1 18.66.218.104 16509 (AMAZON-02)
4 108.139.240.30 16509 (AMAZON-02)
4 54.76.72.139 16509 (AMAZON-02)
3 2a02:2638:3::3 44788 (ASN-CRITE...)
4 37.252.171.52 29990 (ASN-APPNEX)
4 2a02:2638:3::7 44788 (ASN-CRITE...)
4 35.157.81.77 16509 (AMAZON-02)
1 2602:803:c003... 26667 (RUBICONPR...)
4 52.57.222.132 16509 (AMAZON-02)
1 104.18.39.155 13335 (CLOUDFLAR...)
4 185.64.189.112 62713 (AS-PUBMATIC)
4 52.222.139.15 16509 (AMAZON-02)
4 3.73.110.75 16509 (AMAZON-02)
4 35.71.161.21 16509 (AMAZON-02)
4 141.226.228.48 200478 (TABOOLA-AS)
2 2a00:1450:400... 15169 (GOOGLE)
3 130.211.23.194 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 172.217.18.6 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 18.244.179.50 16509 (AMAZON-02)
2 4 2a02:2638:3::c 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 178.250.1.11 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a05:d018:d29... 16509 (AMAZON-02)
3 4 18.193.211.202 16509 (AMAZON-02)
1 3.71.149.231 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
1 141.226.224.32 200478 (TABOOLA-AS)
1 108.156.60.35 16509 (AMAZON-02)
1 13.225.78.58 16509 (AMAZON-02)
2 3 185.80.39.216 27381 (CASALE-MEDIA)
1 1 3.73.214.37 16509 (AMAZON-02)
1 76.223.111.18 16509 (AMAZON-02)
2 3 198.47.127.18 62713 (AS-PUBMATIC)
1 1 142.250.184.226 15169 (GOOGLE)
1 1 185.64.190.80 62713 (AS-PUBMATIC)
2 35.164.154.107 ()
1 151.101.129.44 ()
235 65
Apex Domain
Subdomains
Transfer
33 theonion.com
www.theonion.com — Cisco Umbrella Rank: 125213
741 KB
26 kinja-static.com
f.kinja-static.com — Cisco Umbrella Rank: 30984
x.kinja-static.com — Cisco Umbrella Rank: 29987
377 KB
25 kinja-img.com
i.kinja-img.com — Cisco Umbrella Rank: 24624
no.kinja-img.com Failed
231 KB
22 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 919
trc.taboola.com — Cisco Umbrella Rank: 614
vidstat.taboola.com — Cisco Umbrella Rank: 2542
am-trc-events.taboola.com — Cisco Umbrella Rank: 16233
imprammp.taboola.com — Cisco Umbrella Rank: 15906
am-match.taboola.com — Cisco Umbrella Rank: 16049
am-vid-events.taboola.com — Cisco Umbrella Rank: 14973
pips.taboola.com — Cisco Umbrella Rank: 1574
cds.taboola.com — Cisco Umbrella Rank: 1786
433 KB
10 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 767
gum.criteo.com — Cisco Umbrella Rank: 426
mug.criteo.com — Cisco Umbrella Rank: 2631
15 KB
10 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203
stats.g.doubleclick.net — Cisco Umbrella Rank: 87
ad.doubleclick.net — Cisco Umbrella Rank: 173
cm.g.doubleclick.net — Cisco Umbrella Rank: 237
159 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
cd2020116f48f83919f82302ca852368.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 150
55 KB
9 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 589
match.adsrvr.org — Cisco Umbrella Rank: 348
direct.adsrvr.org — Cisco Umbrella Rank: 3526
3 KB
8 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1078
x.bidswitch.net — Cisco Umbrella Rank: 342
3 KB
8 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 512
image8.pubmatic.com — Cisco Umbrella Rank: 653
image2.pubmatic.com — Cisco Umbrella Rank: 895
1 KB
7 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 327
aax.amazon-adsystem.com — Cisco Umbrella Rank: 404
67 KB
5 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 583
eb2.3lift.com — Cisco Umbrella Rank: 388
2 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
region1.google-analytics.com — Cisco Umbrella Rank: 2547
21 KB
4 yellowblue.io
hb.yellowblue.io — Cisco Umbrella Rank: 2919
2 KB
4 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 567
as-sec.casalemedia.com Failed
dsum.casalemedia.com — Cisco Umbrella Rank: 1377
3 KB
4 kargo.com
krk2.kargo.com — Cisco Umbrella Rank: 2994
2 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 239
3 KB
4 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 739
3 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 897
api.btloader.com — Cisco Umbrella Rank: 1014
8 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 451
ups.analytics.yahoo.com — Cisco Umbrella Rank: 326
976 B
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 603
74 KB
3 google.com
ampcid.google.com — Cisco Umbrella Rank: 2618
www.google.com — Cisco Umbrella Rank: 2
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
185 KB
3 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 2033
74 KB
2 a2z.com
prod.tahoe-analytics.publishers.advertising.a2z.com
372 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1048
1 KB
2 trackonomics.net
cdn-magiclinks.trackonomics.net — Cisco Umbrella Rank: 6060
fr-actions.trackonomics.net — Cisco Umbrella Rank: 12342
28 KB
2 ml314.com
ml314.com — Cisco Umbrella Rank: 1767
11 KB
2 google.de
ampcid.google.de — Cisco Umbrella Rank: 70722
www.google.de — Cisco Umbrella Rank: 6457
777 B
2 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1043
ats.rlcdn.com — Cisco Umbrella Rank: 3550
78 KB
2 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 488
354 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 165
3 KB
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 6505
343 B
1 trx-hub.com
trx-hub.com — Cisco Umbrella Rank: 6692
463 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1934
609 B
1 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 510
916 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 311
17 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1354
201 B
1 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 2283
312 B
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 5443
168 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1548
15 KB
1 videoplayerhub.com
kinja-com.videoplayerhub.com — Cisco Umbrella Rank: 35534
457 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 674
16 KB
1 kinja.com
kinja.com — Cisco Umbrella Rank: 29374
1 KB
1 speedcurve.com
cdn.speedcurve.com — Cisco Umbrella Rank: 6394
8 KB
235 45
Domain Requested by
33 www.theonion.com 1 redirects www.theonion.com
25 i.kinja-img.com www.theonion.com
18 x.kinja-static.com www.theonion.com
tagan.adlightning.com
10 cdn.taboola.com www.theonion.com
cdn.taboola.com
8 f.kinja-static.com www.theonion.com
6 securepubads.g.doubleclick.net www.theonion.com
tagan.adlightning.com
securepubads.g.doubleclick.net
5 pagead2.googlesyndication.com imasdk.googleapis.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 x.bidswitch.net 3 redirects imprammp.taboola.com
4 gum.criteo.com 2 redirects tagan.adlightning.com
4 direct.adsrvr.org x.kinja-static.com
4 grid.bidswitch.net x.kinja-static.com
4 hb.yellowblue.io x.kinja-static.com
4 hbopenbid.pubmatic.com x.kinja-static.com
4 krk2.kargo.com x.kinja-static.com
4 tlx.3lift.com x.kinja-static.com
4 bidder.criteo.com x.kinja-static.com
4 ib.adnxs.com x.kinja-static.com
4 pixel.adsafeprotected.com x.kinja-static.com
4 aax.amazon-adsystem.com c.amazon-adsystem.com
4 match.adsrvr.org js-sec.indexww.com
imprammp.taboola.com
am-match.taboola.com
3 image8.pubmatic.com 2 redirects
3 dsum.casalemedia.com 2 redirects
3 tpc.googlesyndication.com tagan.adlightning.com
3 api.btloader.com kinja-com.videoplayerhub.com
3 vidstat.taboola.com tagan.adlightning.com
3 static.criteo.net tagan.adlightning.com
x.kinja-static.com
static.criteo.net
3 c.amazon-adsystem.com www.theonion.com
c.amazon-adsystem.com
3 www.googletagmanager.com www.theonion.com
www.googletagmanager.com
3 tagan.adlightning.com www.theonion.com
tagan.adlightning.com
3 www.google-analytics.com www.theonion.com
www.google-analytics.com
2 prod.tahoe-analytics.publishers.advertising.a2z.com c.amazon-adsystem.com
2 pr-bh.ybp.yahoo.com imprammp.taboola.com
am-match.taboola.com
2 mug.criteo.com
2 www.google.com tagan.adlightning.com
2 region1.google-analytics.com www.googletagmanager.com
2 ad-delivery.net
2 stats.g.doubleclick.net www.google-analytics.com
2 am-trc-events.taboola.com cdn.taboola.com
2 ml314.com www.theonion.com
ml314.com
2 trc.taboola.com cdn.taboola.com
2 imasdk.googleapis.com www.theonion.com
tagan.adlightning.com
2 sb.scorecardresearch.com www.theonion.com
1 image2.pubmatic.com 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 eb2.3lift.com
1 sonata-notifications.taptapnetworks.com 1 redirects
1 trx-hub.com
1 fr-actions.trackonomics.net cdn-magiclinks.trackonomics.net
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 ups.analytics.yahoo.com am-match.taboola.com
1 am-vid-events.taboola.com
1 am-match.taboola.com tagan.adlightning.com
1 imprammp.taboola.com tagan.adlightning.com
1 cd2020116f48f83919f82302ca852368.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.google.de
1 geo.privacymanager.io ats.rlcdn.com
1 ad.doubleclick.net
1 htlb.casalemedia.com x.kinja-static.com
1 fastlane.rubiconproject.com x.kinja-static.com
1 ats.rlcdn.com tagan.adlightning.com
1 cdn-magiclinks.trackonomics.net tagan.adlightning.com
1 s0.2mdn.net imasdk.googleapis.com
1 ping.chartbeat.net
1 ampcid.google.de www.google-analytics.com
1 api.rlcdn.com js-sec.indexww.com
1 idx.liadm.com js-sec.indexww.com
1 id.sv.rkdms.com js-sec.indexww.com
1 insight.adsrvr.org
1 static.chartbeat.com tagan.adlightning.com
1 btloader.com
1 kinja-com.videoplayerhub.com 1 redirects
1 ampcid.google.com www.google-analytics.com
1 js-sec.indexww.com www.theonion.com
1 kinja.com www.theonion.com
1 cdn.speedcurve.com www.theonion.com
0 as-sec.casalemedia.com Failed js-sec.indexww.com
0 no.kinja-img.com Failed www.theonion.com
235 78
Subject Issuer Validity Valid
*.avclub.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-08-02 -
2024-09-02
a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA
2022-12-15 -
2023-12-28
a year crt.sh
*.speedcurve.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2
2023-04-19 -
2024-05-20
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-08 -
2023-12-31
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
*.adlightning.com
Amazon RSA 2048 M01
2023-07-08 -
2024-08-05
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-10-06 -
2023-10-05
a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
*.google.com
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1
2023-05-16 -
2024-06-06
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
securedvisit.com
Amazon RSA 2048 M03
2023-08-16 -
2024-09-13
a year crt.sh
*.liadm.com
Amazon RSA 2048 M01
2023-02-21 -
2023-10-29
8 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2023-02-02 -
2024-03-03
a year crt.sh
*.google.de
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018
2022-12-19 -
2023-12-30
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
ml314.com
GTS CA 1D4
2023-08-05 -
2023-11-03
3 months crt.sh
*.trackonomics.net
Sectigo RSA Domain Validation Secure Server CA
2022-12-01 -
2023-12-01
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-16 -
2024-03-08
a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02
2023-03-29 -
2024-04-27
a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-08-05 -
2023-10-31
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-19 -
2023-10-18
3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
*.dev.kargo.com
Amazon RSA 2048 M01
2023-02-13 -
2024-03-12
a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3
2023-05-21 -
2024-05-20
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2023-04-20 -
2024-05-20
a year crt.sh
*.yellowblue.io
Amazon RSA 2048 M01
2023-03-24 -
2024-04-21
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
api.btloader.com
GTS CA 1D4
2023-08-11 -
2023-11-09
3 months crt.sh
*.privacymanager.io
Amazon RSA 2048 M01
2023-07-27 -
2024-08-24
a year crt.sh
www.google.com
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
www.google.de
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-04-04 -
2023-09-27
6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-08-03 -
2024-01-24
6 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh
*.trx-hub.com
Amazon RSA 2048 M02
2023-01-21 -
2024-02-19
a year crt.sh
prod.tahoe-analytics.publishers.advertising.a2z.com
Amazon RSA 2048 M01
2023-02-21 -
2024-03-21
a year crt.sh

This page contains 11 frames:

Primary Page: https://www.theonion.com/
Frame ID: EB545E35FA655952E6832FB3ECB7AA8F
Requests: 214 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Frame ID: 8DC2E2DF444A9BD0121B5D49D05923FE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: BCB0D51305173529F2E98E2E3D4DB926
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.theonion.com
Frame ID: A965705D6771851B04E31B2073E0A950
Requests: 2 HTTP requests in this frame

Frame: https://cd2020116f48f83919f82302ca852368.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7BB064C855DA5D5881728120FD22552B
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8UrACLAa4zxSqaZlt8xJwnylU0zLb5i0AAABgYID-AMmthhPDZGZaC2c2y1o0s6zcyo1nsRaOdjPHZjDcWDbGISC51XBimMxMa-HMZlmLZpaVW7nxLNbC0W7m2AyGG8vGOAUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKQUHeTy250Od3-AAAAAAACAAAAgAQAQj9PCQAZEsET__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQlxLGM4Zl3FQiBbRFGAEAAACA-j8wOzJJJ6hYVPn__--3AnAFACBAESngJT-L7qDEWxgAAAAAMXgZ8lVK1IapYxboYfH7zQ67xu92mf________9_M_9n_tEIHXGlpAkaKPxQ8wsIALDmFxAAgM24AQB4IwAn5GSg6XT4XPd63e93Fx1dfrvTb7dr_G6_6BC0YjBYnYCYHQAAAIA7_____3jwMuSrlKgNU_WAjHM5GJlMhuFkNbNMJqaRyzHxTUY2j3Pjmkwcju1B7LFexQevZ-0jIiyz33cQ8t0uw8PnMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEboIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBFO-yWpmmuzWIttm5BZtRha3cjNcuGWz4XKx3Dgng9nELXp9TBeXc7LZzbxIMMBkL5KnRTpRbUaziW83cpgmtonHs9lYXMvhYLFcjIbD4cbkmoglmpNFOpFd9h3ncjAymQzDyWpmmUxMI5dj4puMbB7nxjWZOBz7lm-ympkmu7XIthm5RZuRxa3cDBdu2Wy4XCw3zslgNnGLXh_TxeWcbHYzf2O23Iwmq8VqsW_MlpvRZLVYLfYdJtMz9TkbrTHx5SNzZkY3h-vmNChcBov3JzEtpt3ZwXT2HZ025bbZ2Rn9fr_f7_f7_X6_36D1HMwGhe9b9ht1a7E5WNwcDGKDQRFLBBfpROd3u0xOh2MtOrr8dqffbhFLlKaLdKIv-t0uw8Pn8lfEEsHpIp0I_W6XRf1HDDiYS1aruW6uGExWCQAAAAAAAADAEkwz3QQAAADAyaCGy8Vitk4HMxnOFqPZcgFceJLp-nnnRPWdCkrbJdOYQHYhJGNcrLHHIs7vdpmcDsdadHT57U6_3coALjytmG32GUGs1WpZAwAAEMAGAAAgwE033gSkUHH_____4wAAAMjIoQcAAEC_D4hqdmZmZmaGH0EOZ6P9A1Ah1mq1ut1Yq9UKWHDL3Wozgf____8!&cmcv=&pix=undefined&cb=1693425152765&uv=3322&tms=1693425152765&abt=nonrv_vA!u2822_vA!ufm_vE!ul3328_vB!unf_vC&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=758b02f4-8ff2-4f2e-9c31-847f1308c2c8&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 4D568550D5DBE0E202A0EA1A1B811235
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8UrACLAa4zxSqaZlt8xJwnylU0zLb5i0AAABgYID-AMmthhPDZGZaC2c2y1o0s6zcyo1nsRaOdjPHZjDcWDbGISC51XBimMxMa-HMZlmLZpaVW7nxLNbC0W7m2AyGG8vGOAUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKQUHeTy250Od3-AAAAAAACAAAAgAQAQj9PCQAZEsET__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQlxLGM4Zl3FQiBbRFGAEAAACA-j8wOzJJJ6hYVPn__--3AnAFACBAESngJT-L7qDEWxgAAAAAMXgZ8lVK1IapYxboYfH7zQ67xu92mf________9_M_9n_tEIHXGlpAkaKPxQ8wsIALDmFxAAgM24AQB4IwAn5GSg6XT4XPd63e93Fx1dfrvTb7dr_G6_6BC0YjBYnYCYHQAAAIA7_____3jwMuSrlKgNU_WAjHM5GJlMhuFkNbNMJqaRyzHxTUY2j3Pjmkwcju1B7LFexQevZ-0jIiyz33cQ8t0uw8PnMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEboIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBFO-yWpmmuzWIttm5BZtRha3cjNcuGWz4XKx3Dgng9nELXp9TBeXc7LZzbxIMMBkL5KnRTpRbUaziW83cpgmtonHs9lYXMvhYLFcjIbD4cbkmoglmpNFOpFd9h3ncjAymQzDyWpmmUxMI5dj4puMbB7nxjWZOBz7lm-ympkmu7XIthm5RZuRxa3cDBdu2Wy4XCw3zslgNnGLXh_TxeWcbHYzf2O23Iwmq8VqsW_MlpvRZLVYLfYdJtMz9TkbrTHx5SNzZkY3h-vmNChcBov3JzEtpt3ZwXT2HZ025bbZ2Rn9fr_f7_f7_X6_36D1HMwGhe9b9ht1a7E5WNwcDGKDQRFLBBfpROd3u0xOh2MtOrr8dqffbhFLlKaLdKIv-t0uw8Pn8lfEEsHpIp0I_W6XRf1HDDiYS1aruW6uGExWCQAAAAAAAADAEkwz3QQAAADAyaCGy8Vitk4HMxnOFqPZcgFceJLp-nnnRPWdCkrbJdOYQHYhJGNcrLHHIs7vdpmcDsdadHT57U6_3coALjytmG32GUGs1WpZAwAAEMAGAAAgwE033gSkUHH_____4wAAAMjIoQcAAEC_D4hqdmZmZmaGH0EOZ6P9A1Ah1mq1ut1Yq9UKWHDL3Wozgf____8!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: E40C71342A6400AD05791C739F157225
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 17E9C35C7BF8CB7C50A4E0667F0DA8AD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 25BF6A5825B33402DEA07F37113733D9
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theonion.com
Frame ID: FF01BDAA5630267F0C9DEB66374B9E87
Requests: 2 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8UrACLAa4zxSqaZlt8xJwnylU0zLb5i0AAABgYID-AMmthhPDZGZaC2c2y1o0s6zcyo1nsRaOdjPHZjDcWDbGISC51XBimMxMa-HMZlmLZpaVW7nxLNbC0W7m2AyGG8vGOAUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKQUHeTy250Od3-AAAAAAACAAAAgAQAQj9PCQAZEsET__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQlxLGM4Zl3FQiBbRFGAEAAACA-j8wOzJJJ6hYVPn__--3AnAFACBAESngJT-L7qDEWxgAAAAAMXgZ8lVK1IapYxboYfH7zQ67xu92mf________9_M_9n_tEIHXGlpAkaKPxQ8wsIALDmFxAAgM24AQB4IwAn5GSg6XT4XPd63e93Fx1dfrvTb7dr_G6_6BC0YjBYnYCYHQAAAIA7_____3jwMuSrlKgNU_WAjHM5GJlMhuFkNbNMJqaRyzHxTUY2j3Pjmkwcju1B7LFexQevZ-0jIiyz33cQ8t0uw8PnMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEboIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBFO-yWpmmuzWIttm5BZtRha3cjNcuGWz4XKx3Dgng9nELXp9TBeXc7LZzbxIMMBkL5KnRTpRbUaziW83cpgmtonHs9lYXMvhYLFcjIbD4cbkmoglmpNFOpFd9h3ncjAymQzDyWpmmUxMI5dj4puMbB7nxjWZOBz7lm-ympkmu7XIthm5RZuRxa3cDBdu2Wy4XCw3zslgNnGLXh_TxeWcbHYzf2O23Iwmq8VqsW_MlpvRZLVYLfYdJtMz9TkbrTHx5SNzZkY3h-vmNChcBov3JzEtpt3ZwXT2HZ025bbZ2Rn9fr_f7_f7_X6_36D1HMwGhe9b9ht1a7E5WNwcDGKDQRFLBBfpROd3u0xOh2MtOrr8dqffbhFLlKaLdKIv-t0uw8Pn8lfEEsHpIp0I_W6XRf1HDDiYS1aruW6uGExWCQAAAAAAAADAEkwz3QQAAADAyaCGy8Vitk4HMxnOFqPZcgFceJLp-nnnRPWdCkrbJdOYQHYhJGNcrLHHIs7vdpmcDsdadHT57U6_3coALjytmG32GUGs1WpZAwAAEMAGAAAgwE033gSkUHH_____4wAAAMjIoQcAAEC_D4hqdmZmZmaGH0EOZ6P9A1Ah1mq1ut1Yq9UKWHDL3Wozgf____8!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 0B2FD070643BFEBC2AC50DA55ADB078A
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

The Onion | America's Finest News Source.

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • chartbeat\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

235
Requests

96 %
HTTPS

37 %
IPv6

45
Domains

78
Subdomains

65
IPs

9
Countries

2995 kB
Transfer

8473 kB
Size

46
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://www.theonion.com/undefined HTTP 301
  • https://www.theonion.com/
Request Chain 91
  • https://kinja-com.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=kinja-com&upapi=true
Request Chain 188
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=theonion.com&sn=ChromeSyncframe&so=0&topUrl=www.theonion.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=buUCAnxTbFI2NW11cHpFaC9ETi9TcEp3YnZQYXA2MjJmQjJxWFN4cGUyMUlMWFNoQUJXMzhyMm16Ry9Nek9uWFp3Z29NOTNtZ21kckZ0Q25aalNIbWdhMHJhSzJ3UmltZWRyWVNJUFBZZmNVbjFXaTlNNjYwN3F5QWhxMHNUOXkxYVRKL1pOVG54VzRBaGJ2aHQyaVgxMGY2eVZTTld2QnltK2luY1h3L3VwNDQ2aldMZVlJNUJpbHhHRnRXdnI3YjFJQktOc3hYamRRTTNLMktWcy9BMUJrak11YUI5bGdwU3h2L2ppckxrUjJZSXA4blR2NlFRNGp1QkliNURvOVdzWHdWOHBSSU9QRTduVWlwUm5qV0lnbkIrUT09fA&cppv=2
Request Chain 217
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=theonion.com&sn=ChromeSyncframe&so=3&topUrl=www.theonion.com&bundle=uBGmtl9KeG5aN0p0eGY5eTFGS0lCZk5UUlR3Z0tPbElUN0R6ZGZrYndpUGdhb2xzaHVyR0dOd0tlamQ3YUoyQ3Axd1FZRWFrbW1RYW1MREoySVQ1QzdIVXhwUzklMkJBVDY0N09HV0ZmUEJJOENReW8wMWo0RUlXVnBBVUNmc1BsMVlVYjNKbU9DeDB5QnJ2RU9Nb0Ric3lFMDZsUSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=yGLkhHx6UFQyUzVPT3BlblBRbjRYTVBobXlJU1RuL2VvTnBjZHhac1ZMR0lqODIrV2k0UXpCeDE4SDQrK0lwVHJRNUJ5UGNxUUcyVWNOeGgwTktKcVdTM0M2Y2FjeDR4TjJBb1JRRkZrRUFWMHk1cUszU0ZJTE03d1Z2Y0VkSzVXbU14YUFqU1pKN1VZaDNpSDFCRjdTUkF3T04rbEViREJpOEMvRm54Q2dkU0ZrMEkxc0lLU3hSckRycWJLZDNyODBEZzFHeXRYejYvSHhUUWs1ZjM4WmZFS0J3K2FMeDJXbkhnK2doQ0IwYUlvWlZLWXJFSHoxaHhSZHFMc1BURlJ2QlpMblBiMmpxTUI0OFoySkVONUI3eXBiYmhSOVBjS2NVOEU4VHU3M0dNSExFMD18&cppv=2
Request Chain 224
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727144&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727144&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1 HTTP 302
  • https://x.bidswitch.net/sync?ssp=index&gdpr=0 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=index&gdpr=0 HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=55729693-17c2-4a00-a1e7-0e9cfc7fcfdf&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_7a0dcb19-3845-402d-a38c-e14b1afcdd5f&bsw_param=55729693-17c2-4a00-a1e7-0e9cfc7fcfdf&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=55729693-17c2-4a00-a1e7-0e9cfc7fcfdf&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 226
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161204 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161204&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjAyMDYyQTctOTEwMS00MkUxLTgxOTMtOTQ0RkVCNUJBNzcx&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

235 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.theonion.com/
403 KB
64 KB
Document
General
Full URL
https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
4f7aab041bcd6e908d4424a13eb5efa50b35fa22543be394c47918f086c5ac86
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
37
cache-control
stale-if-error=86400, stale-while-revalidate=300
content-encoding
gzip
content-length
64512
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 19:52:30 GMT
etag
W/"64a2c-eb7oMaucD4ULHcM8o9Zew+5ErL8"
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-Kinja-Location, Authorization
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, HIT, HIT
x-cache-hits
0, 25, 1
x-cdn-fetch
mantle-default
x-content-type-options
nosniff
x-googlenews-bot
false
x-kinja
kinja-magma-kube03-64dbbbdb94-jl888 #4371
x-kinja-build
4371
x-kinja-gdpr
true
x-kinja-revision
95aa06d75eb5da911a14946766f118f6ac3746ef
x-kinja-server
kinja-magma-kube03-64dbbbdb94-jl888
x-kinja-superheroloaded
true
x-powered-by
Express
x-served-by
cache-iad-kiad7000116-IAD, cache-iad-kiad7000116-IAD, cache-fra-eddf8230022-FRA
x-timer
S1693425151.602499,VS0,VE2
x-ua-device
desktop
x-xss-protection
1; mode=block
roboto_condensed_ext_reg-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/
22 KB
22 KB
Font
General
Full URL
https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_reg-webfont.woff2?11012022
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf63e82bd1a86cf85c62989cc15541677669740180c62e7855e00a967f18ba06
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:30 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-amz-request-id
PVPPC4SDSFZ9Z99H
age
47
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
22464
x-amz-id-2
Hx/RPIpFFko3mr9jUmDkxMGT6No1bgMdgGUd+3weufOar/XbsOF7K+QJrNjbxlCb3eU+6HXE0vU=
x-served-by
cache-fra-eddf8230131-FRA
last-modified
Thu, 10 Aug 2023 17:07:53 GMT
server
AmazonS3
x-timer
S1693425151.774923,VS0,VE4
etag
"07a9822d47ff9a6f495d0f1c04d185c8"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
roboto_condensed_ext_reg_it-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/
24 KB
24 KB
Font
General
Full URL
https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_reg_it-webfont.woff2?11012022
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6d87c7ff3d2452025a212149a7dac507a9c36b0dcc9f851a52a29d2d87e8ba2b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:30 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-amz-request-id
CM96Q2NX7V1BF0ZA
age
6
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
24548
x-amz-id-2
fG76nOznQEIrsEVA8J3axjmikpWT1Ur3jiPDa7uA9fX4kE7+Qa/iya+bQmHn9YwEcCdksZvbmKcwvi5HfJUCAQ==
x-served-by
cache-fra-eddf8230131-FRA
last-modified
Thu, 10 Aug 2023 17:07:53 GMT
server
AmazonS3
x-timer
S1693425151.774846,VS0,VE1
etag
"f8702959a16d4d4310dc4090c484eaf0"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
roboto_condensed_ext_bold-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/
22 KB
22 KB
Font
General
Full URL
https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_bold-webfont.woff2?11012022
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa4a10fb18a7cf972ee266856700400200e09d0557441a4aed5adf6f1d4a94a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:30 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-amz-request-id
CJZQVA13NN3Y99E2
age
115
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
22308
x-amz-id-2
hexRpamrjyqT3FJPAAPIkGd7OYcOTa4NVwn55qif2Ifbn3pW/oAM68vuNy6z/j6T3T75b0q4Rfg=
x-served-by
cache-fra-eddf8230131-FRA
last-modified
Thu, 10 Aug 2023 17:07:51 GMT
server
AmazonS3
x-timer
S1693425151.775333,VS0,VE0
etag
"5b89baa90ed9f475cc75193a4873c51a"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2
roboto_condensed_ext_bold_it-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/
24 KB
24 KB
Font
General
Full URL
https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_bold_it-webfont.woff2?11012022
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32a4f630fcc22ae4d318d9d3a94ab47e165cb2026c21e58de13260c54d4eba74
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:30 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-amz-request-id
1Z5NXDAYYHYJSPHW
age
115
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
24352
x-amz-id-2
RXiMtQ7WXXXvt93ENNzQPSgX14dVuy205Up73krOUwXJwPZGGw92i2R33h1ncSTe7zPLlZ7orxI=
x-served-by
cache-fra-eddf8230131-FRA
last-modified
Thu, 10 Aug 2023 17:07:50 GMT
server
AmazonS3
x-timer
S1693425151.775322,VS0,VE0
etag
"3ea5bce10a12f4f87d3ca8e37e94fb83"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2
libre-baskerville-bold.woff2
f.kinja-static.com/assets/fonts/libre-baskerville/
18 KB
18 KB
Font
General
Full URL
https://f.kinja-static.com/assets/fonts/libre-baskerville/libre-baskerville-bold.woff2
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:30 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-amz-request-id
H4VGHZ0SGW59WW48
age
50
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
17984
x-amz-id-2
4NXjHFnzB9Aur8IiEAdWbJs3pbtNcxQNRB0Ahl30HF3XljJ1wSKbHWq3ADz2bapOCv85mkaNhYG6S7aHedWco186HDDP3fdr
x-served-by
cache-fra-eddf8230131-FRA
last-modified
Mon, 28 Aug 2023 20:26:35 GMT
server
AmazonS3
x-timer
S1693425151.775345,VS0,VE4
etag
"0518781cd45a71291d17ea1febfcc5fe"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-56.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 04:10:22 GMT
content-encoding
gzip
via
1.1 d0b402ca7e5fc6514bdd05f23e206b58.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P1
age
56899
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
9BYqb7Zp3CrY8dLbR_HnpUjJaHZA4l-1QBwgbumhSgD6Gccr6jogGw==
lux.js
cdn.speedcurve.com/js/
20 KB
8 KB
Script
General
Full URL
https://cdn.speedcurve.com/js/lux.js?id=527761496
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
011dad980a801289498cce97d90465afa8000729e8113a04f25acb0a2922425f

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-cache-hits
5
date
Wed, 30 Aug 2023 19:52:30 GMT
via
1.1 vegur, 1.1 varnish
content-encoding
gzip
age
1570
x-cache
HIT
content-length
8037
x-served-by
cache-fra-eddf8230095-FRA
last-modified
Wed, 30 Aug 2023 19:26:21 GMT
server
Apache
x-timer
S1693425151.784389,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Sep 2023 19:26:21 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 30 Aug 2023 19:44:23 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
487
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 30 Aug 2023 21:44:23 GMT
1ce10a92d37bffe6e597a7d0410be110.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_362,q_60,w_645/
17 KB
18 KB
Image
General
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_362,q_60,w_645/1ce10a92d37bffe6e597a7d0410be110.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0762dd2825f8237a7275865ca79a2aa38803f9a6dac6553de920746cfde9bc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
0n6QM0nQmAxS4I0P9FWHjDf161mjSb8C
via
1.1 varnish, 1.1 varnish
date
Wed, 30 Aug 2023 19:52:30 GMT
x-amz-request-id
FSZVQQM5SNSN02BG
age
34638
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=2915130 idim=2000x1125 ifmt=png ofsz=17916 odim=645x362 ofmt=webp
x-amz-replication-status
COMPLETED
fastly-stats
io=1
content-length
17916
x-amz-id-2
sJLnM4kfSw35rs2KbnHN2iXOVKL1fUB7/QOYneqyiOsCzn/XpesnpWnZEPRe27g7psc1YKoOr2k=
x-served-by
cache-iad-kcgs7200137-IAD, cache-fra-eddf8230022-FRA
server
AmazonS3
x-timer
S1693425151.718379,VS0,VE1
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=362&quality=60&width=645
etag
"2286lLRnAi8uDt2G2izAxowakPM/rh895+EI1/AbqaU"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
25, 1
bf1b4d17cd72c3ad1d5ced8801f56f33.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/
10 KB
10 KB
Image
General
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/bf1b4d17cd72c3ad1d5ced8801f56f33.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aef1eed9da2f24886beef595dd97420413c814b854ef64eb056fa2a7681b8790

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
2f5cooB8L6mlJSMTtOD2UZmFuQ7rKGV5
via
1.1 varnish, 1.1 varnish
date
Wed, 30 Aug 2023 19:52:30 GMT
x-amz-request-id
YSY331CWDZNFRG32
age
25309
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=7350489 idim=3296x1855 ifmt=jpeg ofsz=9916 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
9916
x-amz-id-2
JReT1TBjTbM0aCeaK/oaH1Ov1bEIP9YYkKCOPa30P1bEzCiyoGYpGyOsAMvgOc+ai5QfyCS18a4=
x-served-by
cache-iad-kcgs7200135-IAD, cache-fra-eddf8230022-FRA
server
AmazonS3
x-timer
S1693425151.742408,VS0,VE2
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"s7Mw2wXri9UyOrmIOOW/VCwZ2WY1l1L6E1s5ldzh9JQ"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
25, 1
3f4a9bc2b4fe118aa7efdb553d5122c2.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/
4 KB
4 KB
Image
General
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/3f4a9bc2b4fe118aa7efdb553d5122c2.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81ef30240bc48ae773988015839cc195340d0ab7ce8c589d6a09ee750ca0f94c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
f.7lMNs3L.nvUUvsWSVe3ItwzGa5nOjo
via
1.1 varnish, 1.1 varnish
date
Wed, 30 Aug 2023 19:52:30 GMT
x-amz-request-id
P2YBFWQNQ988EA45
age
114136
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=315754 idim=2000x1125 ifmt=jpeg ofsz=3878 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
3878
x-amz-id-2
L6nkkL5kKJPSWR9Qigkyoa9gy7WcPIJPsdm9Jj/m0VFK4ZZl4Ia5UYpgSVSIIh1/yWWJZQPG0CrK4Ow+fbwXaQ==
x-served-by
cache-iad-kiad7000035-IAD, cache-fra-eddf8230022-FRA
server
AmazonS3
x-timer
S1693425151.718366,VS0,VE0
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"8OnWFLZ8KaHoFTq8szhM+WAT3wza238XjWEgx0d1pyA"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
4, 5
107a8fa55663a886c64b6e802b12229e.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/
9 KB
9 KB
Image
General
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/107a8fa55663a886c64b6e802b12229e.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ed40e16159c08476c9285c93b2aa86f35e24f201a6e99e94540a67e24b444bb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
27DfqQbSrMeO0gBXHIWwncFB0NHxQ8.5
via
1.1 varnish, 1.1 varnish
date
Wed, 30 Aug 2023 19:52:30 GMT
x-amz-request-id
H3KYV0T8D1MY2QSB
age
114769
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=1511507 idim=2000x1125 ifmt=jpeg ofsz=8828 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
8828
x-amz-id-2
zOR4KMClNruydd6cKxQ95ZbFCjQUjk74/f3J2VDox8OM5VzmJq8uUsEmbNoSo2n/iK/RyMn4xrY=
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230022-FRA
server
AmazonS3
x-timer
S1693425151.718420,VS0,VE15
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"CRX63g2BiUnJqzCLR8vEuuYQtNMRJfcl3HSP7V037RQ"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
5, 1
8a120c6cbe99ee49938fe248071add48.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/
3 KB
4 KB
Image
General
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/8a120c6cbe99ee49938fe248071add48.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b03be9ed219161fed91726154c0305605a3a7872da39b0be1251ce92e26c426f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
G1i_RlYRY5kQkWqRqoersmT0q60Fk7kL
via
1.1 varnish, 1.1 varnish
date
Wed, 30 Aug 2023 19:52:30 GMT
x-amz-request-id
3N9MEBYH3Y37MT8W
age
105570
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=1956035 idim=2000x1125 ifmt=jpeg ofsz=3568 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
3568
x-amz-id-2
ZeYBKY9GJ5Y65t5j9EdpKDAn4bWg8ptYmz12vKFH8sQznGW0Tj9G5IV/4ZyEAzJGlcvvmfHrNTo=
x-served-by
cache-iad-kjyo7100083-IAD, cache-fra-eddf8230022-FRA
server
AmazonS3
x-timer
S1693425151.717420,VS0,VE2
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"N7qbmocxD2gtt6vOW6pkPl7lGxBMJuWFc6zg/qadbro"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
61, 1
197xrjaz7466rpng.png
no.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_542,pg_1,q_60,w_965/
0
0

truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
cc744352b5aabce728ba4637341b75ff.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/
14 KB
14 KB
Image
General
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/cc744352b5aabce728ba4637341b75ff.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48d09caf38492137c2f30630c2ed96167d45eeb1bbc70391e0b65827b0547f05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
lEayj3478NyI1BI.Tc1qBzsYKZyepadZ
via
1.1 varnish, 1.1 varnish
date
Wed, 30 Aug 2023 19:52:30 GMT
x-amz-request-id
ZM2JDE5MA80Q9ZFB
age
120109
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=3194420 idim=2000x1125 ifmt=png ofsz=14100 odim=340x191 ofmt=webp
x-amz-replication-status
COMPLETED
fastly-stats
io=1
content-length
14100
x-amz-id-2
XyOFmTkWKd/MPnXjOvR4QtpYbrrrKwjGpjloRmS1hbU2lB4SQzBrpXJpIZiTp32BXrSwNUSA2j6yw3TFs+Kx+g==
x-served-by
cache-iad-kcgs7200082-IAD, cache-fra-eddf8230022-FRA
server
AmazonS3
x-timer
S1693425151.718371,VS0,VE2
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"K3eBvalGmsGb2x23uODN+lFXOl4k6W2fcHnQxTRA+rc"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
19, 1
0fb6f31fbceba7f35c15fb0b9eaf7fc0.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/
8 KB
9 KB
Image
General
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/0fb6f31fbceba7f35c15fb0b9eaf7fc0.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e154c70088aabc1d14600fab649eca01dfbac0ab1eb63adc0f13306fbb97f06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
y03_UypooOiid.OhEnlLe6yAgLASoKUi
via
1.1 varnish, 1.1 varnish
date
Wed, 30 Aug 2023 19:52:30 GMT
x-amz-request-id
AX33SP3Y9F7KJ13D
age
114597
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=398672 idim=2000x1125 ifmt=jpeg ofsz=8450 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
8450
x-amz-id-2
IzfQxzXsezLvDBe7IaO/hxCzrrs6v475EhaWENXKhJP3DBmYDlNUw75kW9LesKg8ERaM8P6Sm11y53ym7f/sKA==
x-served-by
cache-iad-kjyo7100040-IAD, cache-fra-eddf8230022-FRA
server
AmazonS3
x-timer
S1693425151.761694,VS0,VE2
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"yO5VcyLH4BTFFkuDCG2DC284rCRRiWgTAVcOd0+h0N8"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
3, 1
85049466e9f9a8e8e81ffb0ecc1f24e5.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/
7 KB
7 KB
Image
General
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/85049466e9f9a8e8e81ffb0ecc1f24e5.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b38414436bcbc1f552127d33a308114b2d9e7a1b8c487cb46fde965dec10ed0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
ldeUjh3Vw05xsWWyDsd4go4rBN20rS84
via
1.1 varnish, 1.1 varnish
date
Wed, 30 Aug 2023 19:52:30 GMT
x-amz-request-id
W9GY18JN90E6WAMJ
age
113186
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=403573 idim=2000x1125 ifmt=jpeg ofsz=6992 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
6992
x-amz-id-2
z0bxC1lBoPzfG4kSZpEOiDI6HiDFZ9JzQs08QYFtn64Ob0Le9FPAVlqJFsvU1Id7IFO/Z4B6ENo=
x-served-by
cache-iad-kiad7000142-IAD, cache-fra-eddf8230022-FRA
server
AmazonS3
x-timer
S1693425151.761698,VS0,VE2
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"dZ/YspK+LPlI+eA/CUYoKMcrII+edbIUfZdnIRri7cw"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
25, 1
27c914c1a018e7ac4f1c5d8dbaffcbf1.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/
12 KB
12 KB
Image
General
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/27c914c1a018e7ac4f1c5d8dbaffcbf1.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a7494491d0075de9164dc24492a7d902835ad5af0fb68cb3b9116bf4d8099b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
0GYSZruJc_aKLkVnTPK5u.CO0K7qPTaG
via
1.1 varnish, 1.1 varnish
date
Wed, 30 Aug 2023 19:52:30 GMT
x-amz-request-id
AVQ9X1QPQ8F9MHED
age
182385
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=1926715 idim=2000x1125 ifmt=jpeg ofsz=11894 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
11894
x-amz-id-2
8Wsjr4O7Do87jF3fu9IGkOBBeuZgmT6+mzfvrU85hBdD7+v6GzXveHXN31sU8pUgApwU+D+c7E8=
x-served-by
cache-iad-kcgs7200073-IAD, cache-fra-eddf8230022-FRA
server
AmazonS3
x-timer
S1693425151.766725,VS0,VE3
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"4ORTmE6HNzF8HHIFUKSsrWF6ZISQZbiPgiC1Xon8Ang"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
9, 1
e81c30abc689319b3ef8cd9051b98aba.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/
3 KB
3 KB
Image
General
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/e81c30abc689319b3ef8cd9051b98aba.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
25101228f817fa931cc3d76917b2b05d65c9e8f6e65915e0840a88272bf70417

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
8fIbS2GtKCTB_DvyAWFc4cbLa9xENHVm
via
1.1 varnish, 1.1 varnish
date
Wed, 30 Aug 2023 19:52:30 GMT
x-amz-request-id
6EVGW8H5BNH2PAN4
age
180049
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=1667198 idim=2000x1125 ifmt=jpeg ofsz=2592 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
2592
x-amz-id-2
Mf0+aKNsmQFPmfP43WPaHOCLbswq8dOgQ70WOgaxMkimid9BpRWZZ031g0WxmsAZaSFgdaHImmc=
x-served-by
cache-iad-kiad7000057-IAD, cache-fra-eddf8230022-FRA
server
AmazonS3
x-timer
S1693425151.767645,VS0,VE2
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"7E+oukaDXeVrU76Q5yIXfPQX8hjxwxGgx6hHU8NAbRs"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
43, 1
1a118a074751d50d840530f7f7b43020.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/
9 KB
9 KB
Image
General
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/1a118a074751d50d840530f7f7b43020.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0cb3dda9190f5e8cf6164631ed25c9bc3cf44070c6b35d4d17cdff94a2f22a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
AR_yzOAMxXiGQQl4k8P2ZfnZgJp4OoMX
via
1.1 varnish, 1.1 varnish
date
Wed, 30 Aug 2023 19:52:30 GMT
x-amz-request-id
B1RG1QBP99E9FSV1
age
437638
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=2898364 idim=2000x1125 ifmt=jpeg ofsz=9394 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
9394
x-amz-id-2
PSrV5E+ZzgR388gIL8ayUzHg9IV53RPys0l7ZeCTl8xUC4mGc7uU9Ev810x8P0Kv0jv3lEiWXsjrBFTERRUxGw==
x-served-by
cache-iad-kiad7000139-IAD, cache-fra-eddf8230022-FRA
server
AmazonS3
x-timer
S1693425151.785482,VS0,VE2
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"9IbpPQDVuQE8MS5H4oCW+qniX2eKfQNRNRF4cUvfvbQ"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
38, 1
a1ce6db452cce8e99cac8c6c5982d758.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/
6 KB
6 KB
Image
General
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/a1ce6db452cce8e99cac8c6c5982d758.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e0545e68feb0aafb0072d79dbcbb983943db06ba045e139ee2c40925ce1dc006

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
wnd1rrGat5fzNe_rZYPuDb85BCPq4teC
via
1.1 varnish, 1.1 varnish
date
Wed, 30 Aug 2023 19:52:30 GMT
x-amz-request-id
H19KDY2G7KW1VW53
age
437210
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=1497541 idim=2000x1125 ifmt=jpeg ofsz=5648 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
5648
x-amz-id-2
nJ9Wt5FjEepQvD9UD/pBDhVSOdlIII/TnR06n7QX4vXAusU+mwkaN5JI6XOZNtbrJycUqqdcKXA=
x-served-by
cache-iad-kjyo7100041-IAD, cache-fra-eddf8230022-FRA
server
AmazonS3
x-timer
S1693425151.803871,VS0,VE2
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"36ijs8e+ique/MHyNQZe8vpq4OvNhzBGnN+wk17mnnI"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
7, 1
699d5d4d94ca44cb94111f77aa6147b3.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/
9 KB
10 KB
Image
General
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/699d5d4d94ca44cb94111f77aa6147b3.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0f5c414f6dae43aec01f9b92791103b1edece23c0c24e529c24b63e567b5f429

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
ZenvHhAIDkewN22YpAdcPODBem8m9iMT
via
1.1 varnish, 1.1 varnish
date
Wed, 30 Aug 2023 19:52:30 GMT
x-amz-request-id
BRJWR19WFRX5K9YM
age
203473
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=452242 idim=2000x1125 ifmt=jpeg ofsz=9402 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
9402
x-amz-id-2
C7ydQdNd+/fLYorMF9Oxe/8b0DgOf5c5gXc3GUWqvHupfuZXHKf4ZVBRL6mtaaH5O1OjO5k6cZWDjQMon+D7aew2o0xwIfhJ
x-served-by
cache-iad-kjyo7100147-IAD, cache-fra-eddf8230022-FRA
server
AmazonS3
x-timer
S1693425151.805124,VS0,VE2
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"yLRKeyQSznw9ocbsi2sBCh7zzWPWleGRXfCVZ/DPtFk"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
8, 1
cazrxsawy9myp8x6ntzs.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/
16 KB
17 KB
Image
General
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/cazrxsawy9myp8x6ntzs.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a46765c3a8228486ba77199273289136a3fbe42c2d316573b359f8d0b2f3f660

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-meta-cld-original-filename
multipartBody5033244576498070153asTemporaryFile
x-amz-version-id
null
via
1.1 varnish, 1.1 varnish
x-amz-meta-cld-surrogate-reporting
width=5472,height=3078
date
Wed, 30 Aug 2023 19:52:30 GMT
x-amz-meta-cld-transformation-id
10000011314925
x-amz-request-id
TW4CHFPEVSVKNXYZ
age
202573
x-amz-meta-cld-version
1603731507
x-cache
HIT, HIT
fastly-io-info
ifsz=20315987 idim=5472x3078 ifmt=jpeg ofsz=16790 odim=340x191 ofmt=webp
x-amz-storage-class
STANDARD_IA
x-amz-meta-cld-surrogate-key
542928951760849173050782345902920893569
fastly-stats
io=1
content-length
16790
x-amz-id-2
3bcBopz7Iga+MC5ag3qaKJxyzdAFXDC2v857SqriyMee5+M4r2WTdcSXffwNe5LmJTMPmTw2xpY=
x-served-by
cache-iad-kcgs7200153-IAD, cache-fra-eddf8230022-FRA
server
AmazonS3
x-timer
S1693425151.811172,VS0,VE1
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"IQJFFFNRo5UPaladatY86j8z7ZsXqqOnFFCnMp+b86w"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
2569, 1
15ffd5d17584c6de7c8c084ea75b1412.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/
15 KB
16 KB
Image
General
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/15ffd5d17584c6de7c8c084ea75b1412.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c2ac3c6ad856125bd1122c6e35f74a5ee649282ad8fe4e8f8f5faf16c24a8adf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
23JZ27N3GE7AvHfV99m4L9Id9NsI3E1S
via
1.1 varnish, 1.1 varnish
date
Wed, 30 Aug 2023 19:52:30 GMT
x-amz-request-id
XPRECPJ1R5GG2EK0
age
24985
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=1134782 idim=3270x2289 ifmt=jpeg ofsz=15778 odim=340x191 ofmt=webp
x-amz-replication-status
COMPLETED
fastly-stats
io=1
content-length
15778
x-amz-id-2
CGJjHSRdhqRrzGBWVGOLE6zLoFcVIEQTJloKZNhrG1W1YfulFvEpgPon1IdSmzucJHlo+jrlbhU=
x-served-by
cache-iad-kcgs7200177-IAD, cache-fra-eddf8230022-FRA
server
AmazonS3
x-timer
S1693425151.811085,VS0,VE2
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"G2r+8CJiecvT9v55MR1M6fjU/KGFHWhvL1ma/DfXytc"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
25, 1
eaab982c393534892f485454d326eb7d.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/
9 KB
10 KB
Image
General
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/eaab982c393534892f485454d326eb7d.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f72ac06186a8830f72d15cde95559cf9ade12ecf132be6af5903a2de02ece7de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
fo6a_BZHoOZvtsViwJq3b6GfyxpT4DaE
via
1.1 varnish, 1.1 varnish
date
Wed, 30 Aug 2023 19:52:30 GMT
x-amz-request-id
MTVWV7Z91SQ5FPDQ
age
435457
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=3218064 idim=2000x1125 ifmt=png ofsz=9266 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
9266
x-amz-id-2
j6mcmGV6FHzmLPaZY+YUMioVLE0WPtzEMHEH6lXBzyqtVTTwDbm2h+vEgWfRw7Cc22PKfBeLhNOj+eMHLC+S2d1eaj/xskjEYWvQg88Xy4o=
x-served-by
cache-iad-kiad7000129-IAD, cache-fra-eddf8230022-FRA
server
AmazonS3
x-timer
S1693425151.812313,VS0,VE2
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"yVBivCkHKgg3oSS1DkQmd5Mgi23mOuMoQ5XucXxV7es"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
4007, 1
a1glirmtpgnnrgkq96yv.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/
9 KB
10 KB
Image
General
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/a1glirmtpgnnrgkq96yv.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
98555f82ad12532d426de758a88dbfe0d27a0d57f42a62cce2c700a6891ae6c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-meta-cld-original-filename
AmericanVoice_OG_FINAL
x-amz-version-id
null
via
1.1 varnish, 1.1 varnish
date
Wed, 30 Aug 2023 19:52:30 GMT
x-amz-meta-cld-interesting
{"eyedea":[[427,10,347,463],[54,70,312,416],[804,10,336,448]]}
x-amz-meta-cld-transformation-id
10000011314925
x-amz-request-id
AABGX437NF7GA0YA
age
1546676
x-amz-meta-cld-version
1526415104
x-cache
HIT, HIT
fastly-io-info
ifsz=761483 idim=1200x627 ifmt=jpeg ofsz=9086 odim=340x191 ofmt=webp
x-amz-storage-class
STANDARD_IA
x-amz-meta-cld-surrogate-key
518906947868701340742262034292367127578
fastly-stats
io=1
content-length
9086
x-amz-id-2
W/C7kjZ4a8YjMbbQ2pD4nvVCHOoh9Hup617219g0iwYPtNB3M4rW00R7fxc/1WP36U/Uo46voc4=
x-served-by
cache-iad-kjyo7100116-IAD, cache-fra-eddf8230022-FRA
server
AmazonS3
x-timer
S1693425151.828075,VS0,VE2
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"PRBmtvRCn9V0E1H9+X/6W8GnpVgLvyY1cPsdlyxihnA"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-amz-meta-cld-original-extension
jpg
x-cache-hits
18, 1
a20cb7439c5dfc072a53090121754753.jpg
i.kinja-img.com/gawker-media/image/upload/c_fit,f_auto,g_center,q_60,w_340/
9 KB
10 KB
Image
General
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fit,f_auto,g_center,q_60,w_340/a20cb7439c5dfc072a53090121754753.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a072e7ac80c8b36d36bd2a48bfbe367bb3730628c62e8af8c8f0cb67281ac87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
O5lwXgM91KK2a9YjjZgkK7E4z471osNs
via
1.1 varnish, 1.1 varnish
date
Wed, 30 Aug 2023 19:52:30 GMT
x-amz-request-id
FY0HT1C3XGYEDR1G
age
546226
x-amz-server-side-encryption
AES256
x-cache
MISS, HIT
fastly-io-info
ifsz=1200793 idim=1567x2000 ifmt=jpeg ofsz=9514 odim=340x434 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
9514
x-amz-id-2
zDnmcu1kmSxTlpCOdAhgLFSJcdOo3hKqO8k/fPxwN8ZJZq7oXBMgFBEqxA54QfDhQx6QAftXObk=
x-served-by
cache-iad-kiad7000151-IAD, cache-fra-eddf8230022-FRA
server
AmazonS3
x-timer
S1693425151.850411,VS0,VE2
x-kinja-qs
auto=webp&enable=upscale&format=pjpg&frame=1&quality=60&width=340
etag
"/VGF8mbXaWgog4nEtdi5/FSKaAGOCOOirgq7qbXirMc"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1
e8fb4059d11792fda1a54e3c10da45fd.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/
6 KB
6 KB
Image
General
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/e8fb4059d11792fda1a54e3c10da45fd.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b660ee3c158d1107d3a9e0c5a27720b93e725453600bad7adab4321188b42f4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
wsmiISylyfW6GdlHytFOpvlGL5CwSuh6
via
1.1 varnish, 1.1 varnish
date
Wed, 30 Aug 2023 19:52:30 GMT
x-amz-request-id
HVZKAAG6TZGXRXCZ
age
730318
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=1567075 idim=2000x1125 ifmt=jpeg ofsz=6034 odim=340x191 ofmt=webp
x-amz-replication-status
COMPLETED
fastly-stats
io=1
content-length
6034
x-amz-id-2
idtmlXYxZWgxnq5RjxNQ32rB57Kk1pVO6uH/7bSRG1dFZH8p+Fx7jJDFlYMafjro79yxWY3iXXA=
x-served-by
cache-iad-kcgs7200070-IAD, cache-fra-eddf8230022-FRA
server
AmazonS3
x-timer
S1693425151.851625,VS0,VE1
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"Duy4gQMSAlzwMkWAhkYRX19+civNPAn4rJcUHehaV8c"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
2766, 1
c1de97b046d0802e68e46db4febd4616.jpg
i.kinja-img.com/gawker-media/image/upload/c_fit,f_auto,g_center,q_60,w_340/
13 KB
13 KB
Image
General
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fit,f_auto,g_center,q_60,w_340/c1de97b046d0802e68e46db4febd4616.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75827b6112bd46c888c92d68fe66b636f4ad89f6f82d3c64eb56de0e9d7ecfd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
bBwQLHviZLvnPnRF47m__tLSw431lPqi
via
1.1 varnish, 1.1 varnish
date
Wed, 30 Aug 2023 19:52:30 GMT
x-amz-request-id
04AJA66MKVPANHQ4
age
1151017
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=1893029 idim=1567x2000 ifmt=jpeg ofsz=13158 odim=340x434 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
13158
x-amz-id-2
p8h0UL8yyWi4kqJmuGT9jBpr/0idmeP70ZdbP4kSs5PrBqGpu5HNuXHA6Wk+snnCDDjuRPfQENU=
x-served-by
cache-iad-kiad7000131-IAD, cache-fra-eddf8230022-FRA
server
AmazonS3
x-timer
S1693425151.857742,VS0,VE2
x-kinja-qs
auto=webp&enable=upscale&format=pjpg&frame=1&quality=60&width=340
etag
"UiuHgF5vQFksHGTENurVW3UhfdElKedsafQHvop+Xa4"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
260, 1
8c00957b275e0e344a0bc6ae5e374348.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/
4 KB
4 KB
Image
General
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/8c00957b275e0e344a0bc6ae5e374348.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b72413abfb85928ae206daaa9d49fb61d47248beba8c25d07a7155f38a0f2fe2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
qEMPw_JXxqXxgYA_lnmtEm7DBrZP0GFs
via
1.1 varnish, 1.1 varnish
date
Wed, 30 Aug 2023 19:52:30 GMT
x-amz-request-id
S81CN4FBYZ6CYTTP
age
1409741
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=459460 idim=2000x1125 ifmt=jpeg ofsz=3764 odim=340x191 ofmt=webp
x-amz-replication-status
PENDING
fastly-stats
io=1
content-length
3764
x-amz-id-2
QpU0ZTPkt+GBYJyqAgiQZTA7dVny71v2ts0rBjilfvhRu073k7Sj1AvWflPhu28wUj1NCKVCMlw=
x-served-by
cache-iad-kcgs7200142-IAD, cache-fra-eddf8230022-FRA
server
AmazonS3
x-timer
S1693425151.857701,VS0,VE1
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"Q7fG0jpigWhojEeQgK7jcXWnFHqwup8JhblVWqrtpHE"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
64, 1
5528950cf859626ca05463ab339dd08a.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/
4 KB
5 KB
Image
General
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/5528950cf859626ca05463ab339dd08a.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
491021a15a27ce05ca03cd910559cd9412215d9ec38f63d6c0083e1a3d2b7ded

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
J1Bg5BRpE0_LWiX1_4am2KFxiJ2MOnWL
via
1.1 varnish, 1.1 varnish
date
Wed, 30 Aug 2023 19:52:30 GMT
x-amz-request-id
MKRM25XQ91S9ZNK9
age
1595582
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=3047130 idim=2000x1125 ifmt=png ofsz=4450 odim=340x191 ofmt=webp
x-amz-storage-class
STANDARD_IA
x-amz-replication-status
COMPLETED
fastly-stats
io=1
content-length
4450
x-amz-id-2
436qQHZn2eJS640araz0XLUNGAYg2SXqZ/3845m78kNpjZVKa9tdY8O2uKG1rWNFR1+b45F52Wc=
x-served-by
cache-iad-kjyo7100121-IAD, cache-fra-eddf8230022-FRA
server
AmazonS3
x-timer
S1693425151.858218,VS0,VE2
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"bNyRqaKQkEipyMu5hFZmBKtpLbHtP3u3dHg8JhQlGiM"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
17347, 1
245514469f53d7c0fe135b1ecba8ca58.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/
4 KB
4 KB
Image
General
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/245514469f53d7c0fe135b1ecba8ca58.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f90ca0b46fb737cc8e898eedf81d9562452783fd2c6ac0882a97a230c4bbbc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
zqi_VPbfoTYhkSLec7YbAqw7dzi1hghI
via
1.1 varnish, 1.1 varnish
date
Wed, 30 Aug 2023 19:52:30 GMT
x-amz-request-id
FG12VFFD12P58963
age
1356633
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=1507644 idim=2000x1125 ifmt=jpeg ofsz=3946 odim=340x191 ofmt=webp
x-amz-storage-class
STANDARD_IA
x-amz-replication-status
COMPLETED
fastly-stats
io=1
content-length
3946
x-amz-id-2
YTzE/hJFQDh6jHWUMY0JF3lQvkxzdeS5YrtDPBUM7qnGEO5dSuGycmxZFDZ64Boq7lRD5t3WKkE=
x-served-by
cache-iad-kcgs7200026-IAD, cache-fra-eddf8230022-FRA
server
AmazonS3
x-timer
S1693425151.870579,VS0,VE2
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"WZLcxwufNZrqrrFZI4U1XBIQ91iXzw1oGJ6lkQg/0I0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
27, 1
8f5ae7e271882730ba07726e8b61b537.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/
16 KB
17 KB
Image
General
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/8f5ae7e271882730ba07726e8b61b537.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1fa89096d7cc21077c145c2319d8092c900ea407ce4e5a17f962c30a21375263

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
a4Ma3e5TPi2U.uaDn4Uw3Bhl5SuU7x3e
via
1.1 varnish, 1.1 varnish
date
Wed, 30 Aug 2023 19:52:30 GMT
x-amz-request-id
TG8WN3G0A4F1912N
age
716309
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=2573597 idim=2000x1516 ifmt=jpeg ofsz=16806 odim=340x191 ofmt=webp
x-amz-storage-class
STANDARD_IA
x-amz-replication-status
COMPLETED
fastly-stats
io=1
content-length
16806
x-amz-id-2
DcpjTb3wGH9pmG1Y874i0i6FWk1BJQcnL4i8df+fFwZ8H4nlUzE+M0zJvS7liCygGbEt8eebZr8=
x-served-by
cache-iad-kjyo7100128-IAD, cache-fra-eddf8230022-FRA
server
AmazonS3
x-timer
S1693425151.893567,VS0,VE1
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"EavQ4+6EBAaCROTW5ZYwNCkone0J76pW6P+GTWuR5GM"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
53, 1
9b4dc7739f69f3ebe210eb9aaebb9ad7.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/
3 KB
4 KB
Image
General
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/9b4dc7739f69f3ebe210eb9aaebb9ad7.jpg
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47449bd34722210f6f8cb399080c98c5c8fabd45fcfcbf670e16c2b2c709494d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
XBLXmT3sSp3lTDXsGrYykvxDyozLGu1A
via
1.1 varnish, 1.1 varnish
date
Wed, 30 Aug 2023 19:52:30 GMT
x-amz-request-id
QK5592F3T8FW15GQ
age
1267034
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=2794471 idim=2000x1125 ifmt=png ofsz=3432 odim=340x191 ofmt=webp
x-amz-storage-class
STANDARD_IA
x-amz-replication-status
COMPLETED
fastly-stats
io=1
content-length
3432
x-amz-id-2
pY5ZaOPUTnrooqQ4N5kQNYtO07OR9gcoTGcX3h9Z44MV4Y+VE5nGi6mVX5Psl1rv1e01WgQbcEA=
x-served-by
cache-iad-kiad7000109-IAD, cache-fra-eddf8230022-FRA
server
AmazonS3
x-timer
S1693425151.893789,VS0,VE3
x-kinja-qs
auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag
"IcruSImg1STj0T1Mf1yvQD3C1qKmgHEkc8idBce78pQ"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
x-cache-hits
14537, 1
adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~1a7700aa.e1cabbc1d3ae99833f4a.js
www.theonion.com/x-kinja-static/assets/new-client/
7 KB
3 KB
Script
General
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~1a7700aa.e1cabbc1d3ae99833f4a.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
557f64e58e17972bffbe930e0534973a28d06da7e906ee34414a57d6cc245ccd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
MGX1Q4A954XMPQ4Y
age
1269640
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
2561
x-amz-id-2
tf7yoSn1+TSJvI092X7z5qMnG+rpGzZpqMK2tWicEKdSw3wuEyMuvBIeqoTa/9tgj5JDtl2oUPg=
x-served-by
cache-fra-etou8220087-FRA, cache-fra-eddf8230022-FRA
last-modified
Tue, 15 Aug 2023 06:30:02 GMT
server
AmazonS3
x-timer
S1693425151.701870,VS0,VE0
etag
"840e74d9ff2cecb97ccd917764a05236"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 282
runtime~taboolaLoader.683b559fe2d66b7544b6.js
www.theonion.com/x-kinja-static/assets/new-client/
2 KB
2 KB
Script
General
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/runtime~taboolaLoader.683b559fe2d66b7544b6.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d3e6ff2649ac9a0611e35d957b3a5b693d0efb3a53c2ebe79e990f178a7e5768
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
QMYAKDM5CGMN64A1
age
681929
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
1220
x-amz-id-2
QBMtxqXoANM17johXgae6D8knGd/95Qt8EkZZXMjGvUi7T7eBJaVzHA0zJJuEOwrHHqfEtkE0h8=
x-served-by
cache-fra-etou8220034-FRA, cache-fra-eddf8230022-FRA
last-modified
Tue, 22 Aug 2023 18:17:59 GMT
server
AmazonS3
x-timer
S1693425151.702259,VS0,VE0
etag
"831d5c285111156a63ab4d5bd231daac"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 3
taboolaLoader.b581c41784964ed7f154.js
www.theonion.com/x-kinja-static/assets/new-client/
17 KB
5 KB
Script
General
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/taboolaLoader.b581c41784964ed7f154.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72bdedc9235a631a54746266f91519c028e486cd6383972881ea60be96eaa079
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
ETVWK7T5EG59PWTC
age
38881
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
5182
x-amz-id-2
hAeM/jF5chYPlOBqkOxtibbLDqzo5Zx0Y3AekhoTSZGUiV2R3jLwpHoXHsh0UJm5VcxTC2Pbfpw=
x-served-by
cache-fra-eddf8230029-FRA, cache-fra-eddf8230022-FRA
last-modified
Wed, 30 Aug 2023 08:58:16 GMT
server
AmazonS3
x-timer
S1693425151.703193,VS0,VE0
etag
"2d4c44f67040e4b3c10e3fa6d74c3eab"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 3
runtime~videoMediaQuerySupport.87053d08d5634a107c35.js
www.theonion.com/x-kinja-static/assets/new-client/
2 KB
1 KB
Script
General
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/runtime~videoMediaQuerySupport.87053d08d5634a107c35.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c76ae373a97fedd18dcbce506a90251d65d3141a4633e06671b9b306e361d948
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
VASXW9WQGWW8DSX7
age
1192847
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
774
x-amz-id-2
1fmCv5w0mRvCmNIjRcz4EdHZG4wG5/XkUKAU4ahFijzubJ4VP0I+ZO4weR/OSG0PYcFbimVVv/x0DR182Ol7sHFMDmgilBc1XycgH71rDTk=
x-served-by
cache-fra-eddf8230123-FRA, cache-fra-eddf8230022-FRA
last-modified
Wed, 16 Aug 2023 17:32:40 GMT
server
AmazonS3
x-timer
S1693425151.702678,VS0,VE0
etag
"df042ee2742c71b59300a1b35069e3aa"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2, 0, 4
videoMediaQuerySupport.b68e2424feab32dd0c91.js
www.theonion.com/x-kinja-static/assets/new-client/
1 KB
936 B
Script
General
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/videoMediaQuerySupport.b68e2424feab32dd0c91.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
115224d4e63511fda83c38f1a67c687184f8c2752a8770b10faaadc4568fd388
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
MB48THST2A03NK7J
age
59019
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
683
x-amz-id-2
95ANGL/KXG3Ih+CkX1b5LMFCmMsCCQEY/rXn6WqwkJ4czHGotJ4Ghegi+oGMKyGHqzUnZMLvQM8=
x-served-by
cache-fra-etou8220112-FRA, cache-fra-eddf8230022-FRA
last-modified
Tue, 29 Aug 2023 20:51:58 GMT
server
AmazonS3
x-timer
S1693425151.702674,VS0,VE0
etag
"cd8a0c9965106e2f8e59fd060ddad4f1"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 4
accountwithtoken
kinja.com/api/profile/
243 B
1 KB
Script
General
Full URL
https://kinja.com/api/profile/accountwithtoken?jsonp=_fasttoken&newFollows=true
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
530f401690d1fc7a011a220171db7aa395d116efc1a7daf496cbde561aef2510
Security Headers
Name Value
Content-Security-Policy default-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 30 Aug 2023 19:52:30 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies
master-only
x-kinja-gdpr
true
x-cache
MISS, MISS, MISS
p3p
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
x-ua-device
desktop
x-kinja-superheroloaded
true
x-kinja-continent
EU
x-cdn-fetch
mantle-setcookie
content-length
223
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000077-IAD, cache-iad-kiad7000077-IAD, cache-fra-eddf8230022-FRA
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-timer
S1693425151.788300,VS0,VE101
x-frame-options
DENY
vary
Accept-Encoding,Origin
content-type
application/javascript; charset=UTF-8
cache-control
no-cache, no-store, private
accept-ranges
bytes
x-kinja-country
DE
x-robots-tag
noindex, nofollow
x-cache-hits
0, 0, 0
/
www.theonion.com/
Redirect Chain
  • https://www.theonion.com/undefined
  • https://www.theonion.com/
403 KB
403 KB
Image
General
Full URL
https://www.theonion.com/
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-kinja-server
kinja-magma-kube03-64dbbbdb94-jl888
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 30 Aug 2023 19:52:30 GMT
age
37
x-kinja-build
4371
x-powered-by
Express
x-cache
MISS, HIT, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-kinja
kinja-magma-kube03-64dbbbdb94-jl888 #4371
x-kinja-gdpr
true
x-cdn-fetch
mantle-default
content-length
64512
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000116-IAD, cache-iad-kiad7000116-IAD, cache-fra-eddf8230022-FRA
x-googlenews-bot
false
x-timer
S1693425151.798793,VS0,VE0
etag
W/"64a2c-eb7oMaucD4ULHcM8o9Zew+5ErL8"
vary
Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-Kinja-Location, Authorization
content-type
text/html; charset=utf-8
cache-control
stale-if-error=86400, stale-while-revalidate=300
accept-ranges
bytes
x-kinja-revision
95aa06d75eb5da911a14946766f118f6ac3746ef
x-cache-hits
0, 25, 2

Redirect headers

x-kinja-server
kinja-magma-kube02-7569466985-cthw7
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 30 Aug 2023 19:52:30 GMT
age
69
x-kinja-build
4371
x-powered-by
Express
x-cache
MISS, HIT, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-kinja
kinja-magma-kube02-7569466985-cthw7 #4371
x-kinja-gdpr
true
x-cdn-fetch
mantle-default
content-length
35
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000128-IAD, cache-iad-kiad7000150-IAD, cache-fra-eddf8230022-FRA
x-googlenews-bot
false
x-timer
S1693425151.756325,VS0,VE2
vary
Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-Kinja-Location, Accept, Authorization
content-type
text/plain; charset=utf-8
location
/
cache-control
stale-if-error=86400, stale-while-revalidate=300
accept-ranges
bytes
x-kinja-revision
95aa06d75eb5da911a14946766f118f6ac3746ef
x-cache-hits
0, 5, 1
b
sb.scorecardresearch.com/
0
224 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6770184&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1693425150794&ns_c=UTF-8&c7=https%3A%2F%2Fwww.theonion.com%2F&c8=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&c9=
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-56.ams1.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:30 GMT
via
1.1 d0b402ca7e5fc6514bdd05f23e206b58.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
AMS1-P1
x-amz-cf-id
2w9897ATosJGm43bhCNTmQP4I7gZvHxrjCsYSCx-DMsz1R_8DLXN-A==
x-cache
Miss from cloudfront
loader.js
cdn.taboola.com/libtrc/gomedia1-network/
168 KB
45 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c369f770945f1818718f1f266abc0bc6d970ff1fc7b4116538b534b77c212baa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
9qaZY1gNg4ez_iBxy9HQ.4QTwuN.qDd6
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Aug 2023 19:52:31 GMT
x-amz-request-id
T0FPTX9767J8Z2XC
age
114
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
45568
x-amz-id-2
XdRYJMK7IBR8IebnVObFVV6woSSDbUOoJxS2+S+j3rkzAz2IC09RQWNCosBTE5MKY71d8rnwsNE=
x-served-by
cache-fra-etou8220064-FRA
last-modified
Wed, 30 Aug 2023 09:36:37 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693425151.029036,VS0,VE5
etag
"e0bbfc27830517fabebbcdc39df56ec5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
74
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
impl.20230830-8-RELEASE.js
cdn.taboola.com/libtrc/
804 KB
167 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
37cad418c36ef3bcbffbee28600e2cdb2339a754ef141fb75c0de3c15523cd44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
nQoRCjjgoLejsC0U4vBbL4Rqsc0Bty61
content-encoding
br
via
1.1 varnish
date
Wed, 30 Aug 2023 19:52:31 GMT
x-amz-request-id
25NCCF2SSY4MV7KK
age
9007
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
170365
x-amz-id-2
mFMhg8rQ3cJ8vAxNqYxPhcriAYGLml+ucbCTWTS1sSWo4nBGpl+CsLtTuxgqETBBULTY9/kk4YU=
x-served-by
cache-fra-etou8220064-FRA
last-modified
Wed, 30 Aug 2023 09:22:24 GMT
server
AmazonS3-br
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693425151.131040,VS0,VE1
etag
"50babf3d0729c17439bdc90bc5fbaeee"
vary
Accept-Encoding
content-type
application/javascript
abp
65
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
506
card-interference-detector.20230830-8-RELEASE.es6.js
cdn.taboola.com/libtrc/
5 KB
3 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/card-interference-detector.20230830-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ea3c3316e2f39673402c4f916463eb485afae106e5db774f81d305b28358762

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
lw4epFOwCJpRYUGCscnbZEGVHFkgdsyI
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Aug 2023 19:52:31 GMT
x-amz-request-id
YFXAM25M44K51XFH
age
20070
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2180
x-amz-id-2
kWHjvLiGdld5/0tK4IO7a9bDotByX0lQNU2oMWR2D0cZ7XyykWu+5ZglyDXZLq/QfUuXB8A8Q40=
x-served-by
cache-fra-etou8220064-FRA
last-modified
Wed, 30 Aug 2023 14:18:01 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693425151.258532,VS0,VE0
etag
"14907783f4621ad78a4f7c0da79e1164"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
36
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
18304
gpt.js
securepubads.g.doubleclick.net/tag/js/
99 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5eaa4605d7bf9fdb19b1a0835723b82de7d2e59f507aae2dc942bcb6b0c90c6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29037
x-xss-protection
0
server
cafe
etag
435 / 19599 / m202308240101 / config-hash: 3287751012361123362
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 19:52:31 GMT
op.js
tagan.adlightning.com/gomedia/
44 KB
18 KB
Script
General
Full URL
https://tagan.adlightning.com/gomedia/op.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-76.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9eaf796a5a664d8047a052c20e7b6e6ddd19b8b83e2ea8b4bf250f8eb1dd77ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
PLtQCu0HQFhKojoz0e472mCGEP7NtWw8
content-encoding
gzip
via
1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
date
Wed, 30 Aug 2023 19:37:13 GMT
x-amz-cf-pop
AMS1-P1
age
919
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
17695
x-amz-meta-git_commit
e09f10f
last-modified
Wed, 30 Aug 2023 17:40:11 GMT
server
AmazonS3
etag
"f243c85f823787231b194e54c36143b4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
2d1J03cboYoTsakfYgA29Vk2XOqElrlARj95gDY_02zn7iScEUENnA==
vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~cde8a5fb.a5e244dc662fdfc45883.js
www.theonion.com/x-kinja-static/assets/new-client/
16 KB
6 KB
Script
General
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~cde8a5fb.a5e244dc662fdfc45883.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ab8dab0bfccdfd35b06c441f5cff15059c12e49217f565a4a437de2f2644ea0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
A2468M4QT348N7NE
age
741815
x-amz-server-side-encryption
AES256
x-cache
MISS, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
5541
x-amz-id-2
GxYWO0Pl5q1Oo7VlDRI5LzkrXA6zDHqNuS4pmkUobPr0cVn6Gwksk3DY8BNV+Ojn+gOA4/pgOZg=
x-served-by
cache-fra-eddf8230034-FRA, cache-fra-eddf8230022-FRA
last-modified
Mon, 21 Aug 2023 19:37:20 GMT
server
AmazonS3
x-timer
S1693425151.411360,VS0,VE0
etag
"b4ec4434a7984ad55f70a1caa70a30de"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0, 0, 4
vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~f857917b.de504fa18f8fac33140d.js
www.theonion.com/x-kinja-static/assets/new-client/
4 KB
2 KB
Script
General
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~f857917b.de504fa18f8fac33140d.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80438ece7a3caadc84087a78ad2053385c3fd8e06aed6f889e33fb332278f607
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
MGXF5GDCSD40YEDW
age
1336720
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
1357
x-amz-id-2
zoBqXhSdVh3qSlVQPPACMXEvIdj+9H+wK2Yr1RysdUo6vYjxva2z7ZM1c3XSlQaZf2Eblhsz5lKLIdSIJWtVZA==
x-served-by
cache-fra-eddf8230055-FRA, cache-fra-eddf8230022-FRA
last-modified
Tue, 15 Aug 2023 06:30:08 GMT
server
AmazonS3
x-timer
S1693425151.414348,VS0,VE0
etag
"bd63d99b1177981a9fe3a2c17316b6da"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2, 0, 4
runtime~adManager.1c22a6e0d76907434259.js
www.theonion.com/x-kinja-static/assets/new-client/
6 KB
2 KB
Script
General
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.1c22a6e0d76907434259.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f39914fc25519caa344f949aa026d297a84fb2af1d96f9cd9892cb97820b846b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
HM9NMF85DK1E3T2F
age
87488
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
2005
x-amz-id-2
4XeKLBT/AwizrN+VU12B5vmYL1z4/B4eeiXCXIFhfoR+4pwUI97l5AwbWSmRV56QHun5oojKZGs=
x-served-by
cache-fra-etou8220114-FRA, cache-fra-eddf8230022-FRA
last-modified
Tue, 29 Aug 2023 19:28:16 GMT
server
AmazonS3
x-timer
S1693425151.415138,VS0,VE0
etag
"e35bf0e59ed54b359f33d7cc933bda33"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 4
adManager~video-html5-playlist~videoHtml5.8e7ea61bbdf1e8fd6cb6.js
www.theonion.com/x-kinja-static/assets/new-client/
6 KB
3 KB
Script
General
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/adManager~video-html5-playlist~videoHtml5.8e7ea61bbdf1e8fd6cb6.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9653a847897107ec0dea87337c6ab54924c44cab284f729784f652e90eb2964b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
3GV4PQNG9DDPAWG6
age
46274
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
2357
x-amz-id-2
Ac297F557JMCzOYqJ/16mcy9CgpdXlgk9zD4NJMwPoG48n9iDjw+jHoWcFuzoxaV0NUzlQ+cGnc=
x-served-by
cache-fra-etou8220064-FRA, cache-fra-eddf8230022-FRA
last-modified
Wed, 30 Aug 2023 06:57:53 GMT
server
AmazonS3
x-timer
S1693425151.414367,VS0,VE0
etag
"24e7609d6c38949b1d926366d57fc9ce"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 4
adManager.a704840912cf9378ea36.js
www.theonion.com/x-kinja-static/assets/new-client/
29 KB
10 KB
Script
General
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/adManager.a704840912cf9378ea36.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2526556bd92f6b632bb706aa61537c52af57299446623e9babc618bb4bc5be7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
829S21NKFMGNZEHK
age
11097
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
9434
x-amz-id-2
hItJZy7hNWHkxqt3s7kQGHMKLgbHL0C4BEMhn1S/6A2VBZoaR7FEnMlo84HO8c9ZtEwZCldn4f1+d04YycOV/cE+3quXryhO30j8bLaRRM8=
x-served-by
cache-fra-eddf8230080-FRA, cache-fra-eddf8230022-FRA
last-modified
Wed, 30 Aug 2023 16:43:50 GMT
server
AmazonS3
x-timer
S1693425151.413939,VS0,VE0
etag
"8cf45d6396a93b98292ead59065365c1"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 4
vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~6ffce0cc.ba22825311e1b202967c.js
www.theonion.com/x-kinja-static/assets/new-client/
2 KB
1 KB
Script
General
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~6ffce0cc.ba22825311e1b202967c.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5aec3208c45f71dcf99908719a1a0280691ba83c134f3638c01046f05632a110
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
content-encoding
gzip
x-kinja-gdpr
true
x-amz-request-id
JR1NZ353Q0471FKC
age
66591
x-amz-server-side-encryption
AES256
x-cache
MISS, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
975
x-amz-id-2
ZHDC5zQGTJf3zH4vu9Uc9KFfHqmOf4u3jfuQqC3Eyonl5NoThwjV3oZcDDvoxXCmu+22y/UOLGE=
x-served-by
cache-fra-etou8220100-FRA, cache-fra-eddf8230022-FRA
last-modified
Tue, 29 Aug 2023 20:51:57 GMT
server
AmazonS3
x-timer
S1693425151.413897,VS0,VE0
etag
"f6919640632416e46099ea444d3471d5"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0, 0, 4
runtime~videoHtml5.6ccb8c6ccc9db0ab630a.js
www.theonion.com/x-kinja-static/assets/new-client/
7 KB
3 KB
Script
General
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/runtime~videoHtml5.6ccb8c6ccc9db0ab630a.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b4e23aed9ac19925c7e8912d1a3b3ced0988ef769ae5dea27fbb971e5d04404f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
QJGEVVRGDRZD4V1G
age
72569
x-amz-server-side-encryption
AES256
x-cache
MISS, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
2291
x-amz-id-2
ibJgecuZSoioVW7U0O/mwebudx7Zmw26G/nGUL2ewIbaxzcAJ/wPBST9D89EJaozoZivmgM9dbASrzAYAa28xw==
x-served-by
cache-fra-eddf8230096-FRA, cache-fra-eddf8230022-FRA
last-modified
Tue, 29 Aug 2023 19:47:45 GMT
server
AmazonS3
x-timer
S1693425151.414545,VS0,VE0
etag
"9e3ed5d47bf2966ebec4a7a0bf8ccfb8"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0, 0, 4
vendor~video-html5-playlist~videoHtml5.34581988329de03b0273.js
www.theonion.com/x-kinja-static/assets/new-client/
5 KB
2 KB
Script
General
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendor~video-html5-playlist~videoHtml5.34581988329de03b0273.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
88b01f2a93eef3a3cde4f6675dbf98162901d2bcd653ce2380b70cd05c9e60b9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
G0JR43770W2GQ43S
age
149805
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
1983
x-amz-id-2
8YU886842JV5aHHB6+SWrQFj2TQJUCpf4fhP+iKkrK/evhZeiZ8Ebj5yAVEOQS5jobfpZn8Z2jM=
x-served-by
cache-fra-etou8220096-FRA, cache-fra-eddf8230022-FRA
last-modified
Mon, 28 Aug 2023 20:19:11 GMT
server
AmazonS3
x-timer
S1693425151.413890,VS0,VE0
etag
"3a94a809177b9952ca94972f7ceef346"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2, 0, 4
video-html5-playlist~videoHtml5.f9ef1607a12759b7ed62.js
www.theonion.com/x-kinja-static/assets/new-client/
47 KB
13 KB
Script
General
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/video-html5-playlist~videoHtml5.f9ef1607a12759b7ed62.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c5e1aa2464402f34c43a8f2b133e717ab7eb51fdfe5e8f5691cd9f313e2eb6f6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
7JCHJ4D7PH4GNJX7
age
46839
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
13250
x-amz-id-2
QhaIlQdGzqu70UlpwKaFEQyP2CNCDDi5ka6zmM2xOzB+dhjoU5VUaf7EECpeyK8olPA6/DVrSuE=
x-served-by
cache-fra-eddf8230065-FRA, cache-fra-eddf8230022-FRA
last-modified
Wed, 30 Aug 2023 06:49:01 GMT
server
AmazonS3
x-timer
S1693425151.413811,VS0,VE0
etag
"87a81cfb2336a893bca7a6dadb13a6a1"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 4
videoHtml5.3c27ba2470ef43fd30fe.js
www.theonion.com/x-kinja-static/assets/new-client/
13 KB
5 KB
Script
General
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/videoHtml5.3c27ba2470ef43fd30fe.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
758fa6eb2a74c0d914aecf819e64c0876671b0eb9f0b8dc13b3d3560176c8887
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
VDRPP2MEY4TTJWEV
age
38865
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
4583
x-amz-id-2
6CqCGnhIx3Zl9lyPyBAWxxYj6fssZNUTyjfS1EMsDCQd+U6ybfPnmQg3I8I7rIEwMkHZTCpA9Io=
x-served-by
cache-fra-eddf8230029-FRA, cache-fra-eddf8230022-FRA
last-modified
Wed, 30 Aug 2023 08:58:19 GMT
server
AmazonS3
x-timer
S1693425151.413792,VS0,VE0
etag
"93cc2252e0c13c6f938678ec6ca06d8e"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 4
gtm.js
www.googletagmanager.com/
112 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T73GPNQ
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
655bc22a6b2d7d5161454d0706bd97843734351a48de91cbf51c9dfa50bd7a78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44033
x-xss-protection
0
last-modified
Wed, 30 Aug 2023 18:06:38 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 30 Aug 2023 19:52:31 GMT
183957-47751755686051.js
js-sec.indexww.com/ht/p/
47 KB
16 KB
Script
General
Full URL
https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
568068711d00d07ac001e1937acdb4621d0d7ea602ff8beb225c1b9f22701d1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 30 Aug 2023 19:36:32 GMT
server
cloudflare
age
867
etag
W/"da2c4d-bde7-604290b6c1156"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
7fef931cfb8b995c-FRA
expires
Wed, 30 Aug 2023 23:52:31 GMT
runtime~trackers.cab236ddab54d9b50be3.js
www.theonion.com/x-kinja-static/assets/new-client/
2 KB
2 KB
Script
General
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/runtime~trackers.cab236ddab54d9b50be3.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
684b4de220f2acb97bbd72a8d06ad77da72693f611a47ada428892ba3018c9d8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
VAS9PJQPQ40MD90F
age
47515
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
1237
x-amz-id-2
1B2r6u5lMGqt3lPJ9FT4hxHWirpEDY/NWOp+m+ZGJIgE/p7k7RrFHNIqSxcZF9KaCxb1UNBei12LZX0expFOSdjYAkGnWmkG6YWFq6/3G9Q=
x-served-by
cache-fra-eddf8230088-FRA, cache-fra-eddf8230022-FRA
last-modified
Wed, 30 Aug 2023 06:34:02 GMT
server
AmazonS3
x-timer
S1693425151.460199,VS0,VE0
etag
"3aaaeafd41360ff85f54800f5cea93b0"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 4
vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~d466b74a.3bc8263805f96fb19cc8.js
www.theonion.com/x-kinja-static/assets/new-client/
38 KB
14 KB
Script
General
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~d466b74a.3bc8263805f96fb19cc8.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c47a818a096c5acf2e79cfba0286462760d36e0ba5a336d45c281d8a723b868
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
4HCE7K1MMT729VPA
age
668780
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
13985
x-amz-id-2
UZjnpIv64cKIlSwxuiLXIJzc4EjEMxCJhfG/CsPA0+ROUzuKyQIF05fIwo6ECymVRXSqJ9aymzI=
x-served-by
cache-fra-etou8220058-FRA, cache-fra-eddf8230022-FRA
last-modified
Tue, 22 Aug 2023 18:18:01 GMT
server
AmazonS3
x-timer
S1693425151.459006,VS0,VE0
etag
"f3e8fafe1d3353e33bfd323f493fa187"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2, 0, 4
vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~4859dc64.1dff26ce3d0dfd5d4cf9.js
www.theonion.com/x-kinja-static/assets/new-client/
5 KB
2 KB
Script
General
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~4859dc64.1dff26ce3d0dfd5d4cf9.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12d795d53e04086036bd662081c08ad28f375df8675dd0e12985361f993d3123
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
content-encoding
gzip
x-kinja-gdpr
true
x-amz-request-id
DCQNH5QFYYQK53NB
age
1275692
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
2137
x-amz-id-2
07R2raiqHaeIBEWHvYBekb9zLYveTfLrhJS1WBvRLG6QobyVccSVOKoTW+5TayulKk4KvQySDa4=
x-served-by
cache-fra-etou8220047-FRA, cache-fra-eddf8230022-FRA
last-modified
Tue, 15 Aug 2023 18:27:07 GMT
server
AmazonS3
x-timer
S1693425151.459806,VS0,VE0
etag
"809fe63d8d77d0e261811167c8889983"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 4
vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~5bdabf3b.4ce08cad0626a2d0e370.js
www.theonion.com/x-kinja-static/assets/new-client/
180 KB
59 KB
Script
General
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~5bdabf3b.4ce08cad0626a2d0e370.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c8a533caec5589dc47cf3cdfb96df6abc0c1c74a49b11895e205f4d621787fc1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
JRQAXNG3FCTV3Y3D
age
1343806
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
60236
x-amz-id-2
tWSzU6YJIz1GwbzL+H6iLehuxys2bQNRRgSCml/+PYHoRXM8SzijYLLpD6fDh1s9dPWte6QzDOg=
x-served-by
cache-fra-eddf8230037-FRA, cache-fra-eddf8230022-FRA
last-modified
Tue, 15 Aug 2023 06:30:08 GMT
server
AmazonS3
x-timer
S1693425151.459375,VS0,VE0
etag
"4074caf7d3704b6e878c064315f9ae2c"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 4
vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~51f8549f.d9ef48729350059e2b75.js
www.theonion.com/x-kinja-static/assets/new-client/
4 KB
2 KB
Script
General
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~51f8549f.d9ef48729350059e2b75.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a9c90b2af89cb5d0c21fe54f79d301c1755ae1d70769cf60502f1bc96cd9606
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
ZVF3RPKNTYR2EAGX
age
1878407
x-amz-server-side-encryption
AES256
x-cache
MISS, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
1710
x-amz-id-2
m4apw7xYM8kmmudDdzfq0dp/Tjrd84eXzlyv8kDil7lFSmOBXFBbtSMdH6Hp9lAPgacP/MKLwlI=
x-served-by
cache-fra-etou8220057-FRA, cache-fra-eddf8230022-FRA
last-modified
Tue, 08 Aug 2023 20:42:57 GMT
server
AmazonS3
x-timer
S1693425151.458048,VS0,VE0
etag
"209841c7ddc51d1d922293ebfb033f37"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0, 0, 4
vendor~capPage~featureSwitchPageClient~renderThumbsModal~specialSection~trackers.706ac804f2712aaee5a7.js
www.theonion.com/x-kinja-static/assets/new-client/
22 KB
7 KB
Script
General
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendor~capPage~featureSwitchPageClient~renderThumbsModal~specialSection~trackers.706ac804f2712aaee5a7.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b0719ecb2765c96a0ed53d5133f54ae746a78478cc2caf48006c7420ed63b196
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
VASAW8C3SFSF7KGN
age
47515
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
6963
x-amz-id-2
pvhyEWGnX8H3K1ztP8XxiHIXAIiM2fPEJF22TOmlC+8FQiBy7ZYePiCLpZ2Q9Jru5VXwJ1HgSWnf+UT01eiydX3t3c5QsN4b0dDVY+LfS0Y=
x-served-by
cache-fra-eddf8230137-FRA, cache-fra-eddf8230022-FRA
last-modified
Wed, 30 Aug 2023 06:34:04 GMT
server
AmazonS3
x-timer
S1693425151.457919,VS0,VE0
etag
"e5788df16fb773b0aae9c680d6d08d7b"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 4
vendor~trackers.dba99ae55abaa84738c0.js
www.theonion.com/x-kinja-static/assets/new-client/
114 KB
40 KB
Script
General
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.dba99ae55abaa84738c0.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e418ca723712dd77e0837394c7c4f8c9be9c8db41a622975d1d5b8b044bc04f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
4HC1V8GGCWVE6GT0
age
672166
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
41018
x-amz-id-2
JVP9h9IjX5qC66sWtOfxIQaRJGzvH2KgEEjdi9U+mpYjpmo1r0xk11tXnHy9H2LA4wAA7bw+/EE=
x-served-by
cache-fra-eddf8230062-FRA, cache-fra-eddf8230022-FRA
last-modified
Tue, 22 Aug 2023 18:18:02 GMT
server
AmazonS3
x-timer
S1693425151.458520,VS0,VE0
etag
"7d7c023a7e94548c1f5cc586eb4fb0a7"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 4
adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~23711350.4428e6b8a8fae52b454f.js
www.theonion.com/x-kinja-static/assets/new-client/
13 KB
4 KB
Script
General
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~23711350.4428e6b8a8fae52b454f.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d9ac822663d0d4cf50e91a47908374106fc3e7e47aa47d11c6167bbb63baa71
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
VAS0H53XR1EK8VCJ
age
47515
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
4159
x-amz-id-2
O6SwdieWnlfpFett7lm4t7y0DtlP4WGZKDzNEkn6MejOMfLoTfLysMm6cd1NA10vX2BWs1O1m+4juZhI2iwxrQ==
x-served-by
cache-fra-eddf8230133-FRA, cache-fra-eddf8230022-FRA
last-modified
Wed, 30 Aug 2023 06:33:56 GMT
server
AmazonS3
x-timer
S1693425151.458423,VS0,VE0
etag
"d3d947a04ec79d78192eaab42f20c5f9"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 4
adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~fb1edace.a63add5a8166db667612.js
www.theonion.com/x-kinja-static/assets/new-client/
57 KB
14 KB
Script
General
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~fb1edace.a63add5a8166db667612.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e8171b2fd69a68706ff771e33d26ff77b2f49801b4a3aa7bcdebcc00c42584f2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
content-encoding
gzip
x-kinja-gdpr
true
x-amz-request-id
VAS6272WBDSW130J
age
47515
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
14414
x-amz-id-2
9tFt4pQTrVf+vCtR2V00jaPyeMPW3yH8JbojexMuBXr7nGbJw95ZPTBqRRll/uZJEKlmnHuf9po=
x-served-by
cache-fra-eddf8230023-FRA, cache-fra-eddf8230022-FRA
last-modified
Wed, 30 Aug 2023 06:33:56 GMT
server
AmazonS3
x-timer
S1693425151.459865,VS0,VE0
etag
"159c86f99c29c0729fa71591a7d50abd"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 4
adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~21c6822b.f98cc01722a3c9b8c2ea.js
www.theonion.com/x-kinja-static/assets/new-client/
198 KB
59 KB
Script
General
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~21c6822b.f98cc01722a3c9b8c2ea.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
814bdf26ab61d460b95d4deb56acf804d12552ffe53a08804976bfc4fe50b82c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
Z7YF5WM813DWE886
age
38881
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
59988
x-amz-id-2
oVMERWkS6BgegRnXCtUNA/Bay31wAvFCogrFktk0Y7KG5s4uGgPbTyevAm7oxzwfynBBVeZdpvQ=
x-served-by
cache-fra-eddf8230095-FRA, cache-fra-eddf8230022-FRA
last-modified
Wed, 30 Aug 2023 08:58:09 GMT
server
AmazonS3
x-timer
S1693425151.458040,VS0,VE0
etag
"391e1f5dbf52184405286f9f895f62fb"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 4
carGalleryPage~second-scroll~slideshowPermalinkPage~trackers.2f8ee481248184c9e045.js
www.theonion.com/x-kinja-static/assets/new-client/
13 KB
5 KB
Script
General
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/carGalleryPage~second-scroll~slideshowPermalinkPage~trackers.2f8ee481248184c9e045.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12cec41b495be9d7330ff0b3c38089b3a71be9c0d193b008e90e7d1b0ce30fb4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
S8N9TH63RFZ51MCM
age
10999
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
4903
x-amz-id-2
urbyhU2ZJdf0LAo8nlVbXDpvy2ci5XptKnpvTBGhQehHLMMWbFpyjazIci6adfNf+LzzyYhVZ2e0LQeNCGIVsg==
x-served-by
cache-fra-etou8220022-FRA, cache-fra-eddf8230022-FRA
last-modified
Wed, 30 Aug 2023 16:43:51 GMT
server
AmazonS3
x-timer
S1693425151.458058,VS0,VE0
etag
"bd2b7e2cc8d05757a989a4fbfffecd24"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 4
trackers.b1afe182d121a34e13a3.js
www.theonion.com/x-kinja-static/assets/new-client/
13 KB
4 KB
Script
General
Full URL
https://www.theonion.com/x-kinja-static/assets/new-client/trackers.b1afe182d121a34e13a3.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7bc2fa1c7926439dbaeb0c159fb6adc3e815fc24cabb1eeacb7c3a3444ad4b4e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr
true
x-amz-request-id
59MPWQYCXZRXNB2N
age
195658
x-amz-server-side-encryption
AES256
x-cache
HIT, MISS, HIT
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
4305
x-amz-id-2
2MZPK+qHQnMqtbeNxD0+fFZH1t4I/CCl2/Kv+iCF2sLLPiB9kaxhoPdelZxq57gn3PpvGXci8VI=
x-served-by
cache-fra-eddf8230091-FRA, cache-fra-eddf8230022-FRA
last-modified
Mon, 28 Aug 2023 13:26:13 GMT
server
AmazonS3
x-timer
S1693425151.457836,VS0,VE0
etag
"7a4eaaa2edc197d51b28df0b5daba336"
vary
Accept-Encoding, Authorization
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 0, 4
runtime~curatedHomepage.dbc8f321cef0688a79f8.js
x.kinja-static.com/assets/new-client/
28 KB
5 KB
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/runtime~curatedHomepage.dbc8f321cef0688a79f8.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
73d9d8fc86dc4b57966a9d421e592002d51af516f619cb1625d0d157d7422aae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
FMJFSR00W05Z6DFD
age
70
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
5300
x-amz-id-2
Sfnp89EwWWumPBcdWFmKJDBb0L870NVfalbHfVEaV0frtQi7D1CmXkFoBXUu8z4GPvSBqRoxR1Q=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Wed, 30 Aug 2023 16:43:56 GMT
server
AmazonS3
x-timer
S1693425151.457764,VS0,VE7
etag
"293718d51a8810e2fe03fc9d09815585"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
vendor~adEditor~biztoolsPage~capPage~celebrityPage~channelSectionPage~commerceDashboard~copy-to-clip~0512e254.89612b6c2bb0a3df4c7e.js
x.kinja-static.com/assets/new-client/
119 KB
33 KB
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/vendor~adEditor~biztoolsPage~capPage~celebrityPage~channelSectionPage~commerceDashboard~copy-to-clip~0512e254.89612b6c2bb0a3df4c7e.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ab71542224e581180e9f24246bc8cc18692b536d3035e4ad325b93cc79af169
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
JRQBGE9PQN04CKE8
age
64
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
33779
x-amz-id-2
FIpVNM8wE/7LKNNs0bQHfLDyBJfKqZ3f3gD2pCRwxK8FmzjH3V/M32/k2YucFmUt0ycP6xzxpzA=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Tue, 15 Aug 2023 06:30:08 GMT
server
AmazonS3
x-timer
S1693425151.458100,VS0,VE0
etag
"f4794a4d210ca523386eb0c8e31991c0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2
vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~83c8be27.6b0dacb0c26faf382b24.js
x.kinja-static.com/assets/new-client/
3 KB
1 KB
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/vendor~adEditor~biztoolsPage~capPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~co~83c8be27.6b0dacb0c26faf382b24.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
759cc925f137be357585ba1ae5b99415642585ea6ecc4c8645a63cc1d42517d2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
5PE39MH5X121SGE0
age
100
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
1033
x-amz-id-2
LFG6xCc78q1fY1z+Zlw1sFY6p36C14FeqM1FxXIy2d5727QbNa0YOxApGnrm7lQbq+D5yaqhFsM=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Mon, 28 Aug 2023 20:19:10 GMT
server
AmazonS3
x-timer
S1693425151.458906,VS0,VE0
etag
"2a9b7f2aa64387045ddad8d1cb47d97c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2
vendor~celebrityPage~channelSectionPage~curatedHomepage~frontPage~hamburger-menu-variant2~moviePage~~64e5e735.103f3c8110d0f4b9809a.js
x.kinja-static.com/assets/new-client/
3 KB
1 KB
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/vendor~celebrityPage~channelSectionPage~curatedHomepage~frontPage~hamburger-menu-variant2~moviePage~~64e5e735.103f3c8110d0f4b9809a.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6151afd17448b143a40e19bab756dabbcb6ca8a032642b937f8f14487d1e794e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
PJZD1ZAPEWGHW90H
age
105
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
1197
x-amz-id-2
CpH71+YcNvOOVCQFN5zkq2cwlbZ4CtEORR4smSyvhxiBRxei46QeBnQJlG3a6yKD1GnHulsfW8U=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Mon, 21 Aug 2023 19:37:21 GMT
server
AmazonS3
x-timer
S1693425151.457760,VS0,VE0
etag
"cedfecfb8d8af192d35f9181d454f038"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2
vendor~curatedHomepage~frontPage~modify-commerce-links~renderSlideshowBlockNode~searchPage~send-to-e~ecb5f117.72ef3192a5c3b1a8c2d5.js
x.kinja-static.com/assets/new-client/
9 KB
4 KB
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/vendor~curatedHomepage~frontPage~modify-commerce-links~renderSlideshowBlockNode~searchPage~send-to-e~ecb5f117.72ef3192a5c3b1a8c2d5.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7b739323f788f43777d94f5a11b01dfde61f9ff8233fd0ce5d9d50b36875c75
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
8BK1B11X269T09R8
age
28
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
3321
x-amz-id-2
62QnclMCmhmHElgaK0qz417GYEZvvpMeQJtBKqeUyPv8OudQiBCSBhnyjhgJfKTFVrf+H9/6Tk0=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Tue, 22 Aug 2023 18:18:01 GMT
server
AmazonS3
x-timer
S1693425151.457784,VS0,VE1
etag
"5dc888ab900f57f077dacfb914ed5222"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
PlaylistCarousels~YMALModule~biztools~car-comparator~car-selector~car-shopping-widget~commerceDashbo~76266a5f.582a1cd76588ea4b1446.js
x.kinja-static.com/assets/new-client/
11 KB
3 KB
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/PlaylistCarousels~YMALModule~biztools~car-comparator~car-selector~car-shopping-widget~commerceDashbo~76266a5f.582a1cd76588ea4b1446.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1942e9a6d7cc728e89d461f0c50c861584598ad5290e9665e27513db150b850b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
W3XRWS50E66MG2N0
age
34
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
2879
x-amz-id-2
FQmyKryMBmvMETnIYcYP9vTHq9asXWV8AiXiNjAl3AyYJ09+A60C9HOYyOkTmXcbzqLhBHWLYy8=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Tue, 29 Aug 2023 20:51:51 GMT
server
AmazonS3
x-timer
S1693425151.457770,VS0,VE1
etag
"ecdd5dd332ab3110fc0873fbad950f41"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~3dd10d5b.846854696ecda56de32d.js
x.kinja-static.com/assets/new-client/
7 KB
2 KB
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~3dd10d5b.846854696ecda56de32d.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19ba9863368ec6a16b4635113402ef605b257182f83b37211033786977613d19
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
79DWNRSGCNANKDY7
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
2112
x-amz-id-2
yWgRvLBQbMUdtqyfzSJBs0hopbmEUojRjpALiy9AHYJBdcCtgSO6QZa9LZYHcfAq4okYIIgA3ec=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Tue, 22 Aug 2023 18:17:54 GMT
server
AmazonS3
x-timer
S1693425152.564135,VS0,VE213
etag
"cf06f2081831f49e051b116b06987995"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~8c3c71d6.32db1f91b27b6bae6029.js
x.kinja-static.com/assets/new-client/
60 KB
13 KB
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~8c3c71d6.32db1f91b27b6bae6029.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5f66632bddb38e311ebbee305ba5dd4b3d3ea1ba78dbb60db1ff27295ac5863
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
D1PQFDJD4GY0WK8V
age
82
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
12991
x-amz-id-2
BwLOQgX+2fzb0mjDShhbm/gwhpuOowPnXoe5XAWIBxCQeYR9maVhm4+r+XnFTQMH/UUPbtYFX/8=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Wed, 30 Aug 2023 16:43:50 GMT
server
AmazonS3
x-timer
S1693425152.563809,VS0,VE1
etag
"f30418b1cf2d67f17f025bb885f081a2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2
YMALModule~biztools~car-comparator~car-selector~car-shopping-widget~commerceDashboardClient~curatedH~4187a37d.9392d47055f0bff2db03.js
x.kinja-static.com/assets/new-client/
31 KB
7 KB
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/YMALModule~biztools~car-comparator~car-selector~car-shopping-widget~commerceDashboardClient~curatedH~4187a37d.9392d47055f0bff2db03.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0c0a1f0308c22240b60162df6a17beb841cafc3146f4ccebfdc2f8f731413c40
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
0EJ7E29J361TH2FS
age
64
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
6749
x-amz-id-2
McHjJdoXoyIFtxmjx0JYLc6akbKMBD/iu08ih/Uumbft0BHoFw9PJofAyynNzUtFGjaSTzfdyGM=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Wed, 23 Aug 2023 07:08:54 GMT
server
AmazonS3
x-timer
S1693425152.580726,VS0,VE0
etag
"6a93a8611359e3894d39786f07b3539e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2
curatedHomepage.dd61f8fd443d21960048.js
x.kinja-static.com/assets/new-client/
42 KB
9 KB
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/curatedHomepage.dd61f8fd443d21960048.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7997f9816bd6a6827c4eaf047157533998af3231fb50762a4dd073caca37020c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
ERFD23GSHPEA49FH
age
58
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
9313
x-amz-id-2
ZkljF3PzwB605O8FKzmR/3RILHdnCewpBXDzrISwKOI86zH4CeHxZRAHReEs3xN/UxxPp19YPjo=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Mon, 28 Aug 2023 13:26:09 GMT
server
AmazonS3
x-timer
S1693425152.581788,VS0,VE2
etag
"c4155487bcd7e9e53f39bd8b04588085"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
ad-units-default.d374e76083a991fcabb4.js
x.kinja-static.com/assets/new-client/
14 KB
3 KB
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/ad-units-default.d374e76083a991fcabb4.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.1c22a6e0d76907434259.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c596cd2bad0ad9c8a38a6324fad0f24fca7ff62667d3658b7e8398a26a84a5f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
Q50B691HCE1X6PY0
age
32
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
2877
x-amz-id-2
TuBzE7C8F5soB4OzTozhaIBHwVz7Zs6jta7HIFm44sgtCauwR4ZEDkOm8aN/cehz8nswFOxHoNA=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Mon, 21 Aug 2023 07:13:08 GMT
server
AmazonS3
x-timer
S1693425152.581608,VS0,VE1
etag
"8e5d16482dafab731e046db8a5c4387a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
display-theonion-desktop-config.c3ea742a568e1952e8fd.js
x.kinja-static.com/assets/new-client/
11 KB
1 KB
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/display-theonion-desktop-config.c3ea742a568e1952e8fd.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.1c22a6e0d76907434259.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
622fb51880ca649d2bec903515a6ce45ceb17a8b146b38f1909f08cc96874c8f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
7Q49A187XZJH705V
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
919
x-amz-id-2
TXoyHr5MLLDaZ7zhgWZRdpM+OoWAhpsqzLt5vObIMCM6Xzbi0RUt6048PNkzMFPFm1NAUTnC/RA=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Wed, 16 Aug 2023 06:12:18 GMT
server
AmazonS3
x-timer
S1693425152.581523,VS0,VE209
etag
"9468c3e024d25849ffa665f5a086c9cb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
apstag.js
c.amazon-adsystem.com/aax2/
248 KB
61 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/adManager.a704840912cf9378ea36.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.202.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-202-223.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9e08da8f03bfc136e84f23144e1d9c6837ebed60f4c61b6c8cafc8215f77585

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 18:56:45 GMT
content-encoding
gzip
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 018d49139552bac4221d8e525a1600be.cloudfront.net (CloudFront)
last-modified
Thu, 24 Aug 2023 18:15:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, MXP63-P1
age
3347
x-amz-server-side-encryption
AES256
etag
W/"bfd42dc650471371e7b049251fcaca58"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
Oo-bFFxIJ5NKOu4ODmi6mWJeGbDn-Vep8KnGvbibMUD5dTQWTBWgiw==
prebid-js-prod.43bf42174e14caab7eaf.js
x.kinja-static.com/assets/new-client/
453 KB
114 KB
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.1c22a6e0d76907434259.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b34781cea14bc4049c068db0c857b50f4f1d2cd0069ce99b98b649944d1d51b6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
001R623NKAWG658D
age
74
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
116221
x-amz-id-2
+i1i1UQU2WU4eMoO6IT4ne3f8lWlATvozUsgpOyoIMJNnSn0xfW9v4me/uK64ONZZ2Mgei2jBkfmpaNnDsnRCVsFjoKKiKXw8HgYgKS5KYA=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Tue, 29 Aug 2023 19:28:15 GMT
server
AmazonS3
x-timer
S1693425152.616358,VS0,VE2
etag
"887a8b3554553466d82b36301f014a76"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
ima3.js
imasdk.googleapis.com/js/sdkloader/
356 KB
123 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/video-html5-playlist~videoHtml5.f9ef1607a12759b7ed62.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9f0196a37642b04ecaf289a2772042f8d51629c622b87a35b8876315c89f8ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125514
x-xss-protection
0
expires
Wed, 30 Aug 2023 19:52:31 GMT
b-e09f10f-4415d417.js
tagan.adlightning.com/gomedia/
77 KB
29 KB
Script
General
Full URL
https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-76.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
895fe95f9252951d1b3acfba50546376d3224bb5a19fa40df3be17e6571e844b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 16:34:34 GMT
content-encoding
gzip
via
1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-version-id
W1DH6jDxNN9jfL9k8Lwxuy3R7DRroyh6
x-amz-cf-pop
AMS1-P1
age
1307878
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29341
x-amz-meta-git_commit
e09f10f
last-modified
Mon, 05 Jun 2023 16:26:51 GMT
server
AmazonS3
etag
"2bdbd3c490a4d678a49da1f2123b95f8"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
JeU7X6e0xL7OMBbHlzZTjVqLV9e0k1ClA1uMlw5v0K4GlhekG_N54A==
bl-0211e21-b7ee88db.js
tagan.adlightning.com/gomedia/
65 KB
27 KB
Script
General
Full URL
https://tagan.adlightning.com/gomedia/bl-0211e21-b7ee88db.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-76.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74e372d1f292862c4f8060083ed8a9a50fe27d5bae7e5cd9790aef511b5a49a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 18:16:04 GMT
content-encoding
gzip
via
1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-version-id
roHlqgbj_GoUFRxtHwcbhoBbNQfpSn0.
x-amz-cf-pop
AMS1-P1
age
5788
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27590
x-amz-meta-git_commit
0211e21
last-modified
Wed, 30 Aug 2023 17:39:43 GMT
server
AmazonS3
etag
"0b21d76c3b67f1ca70c6524a3875e14e"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Qd-uvS1dybXWk3IREveKLyc7e8rIhbDYF4iXzWuhmJ8ZdsIOTBh7qQ==
publisher:getClientId
ampcid.google.com/v1/
74 B
440 B
XHR
General
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
pid
www.theonion.com/api/magma/veritas/
40 B
876 B
Fetch
General
Full URL
https://www.theonion.com/api/magma/veritas/pid?cb=1693425151683
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.dba99ae55abaa84738c0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
858b04b7c370059a2bdb4d78839ae04ad617b015389fd26d5aa76e42cb1be422
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-kinja-server
kinja-magma-kube03-64dbbbdb94-tpmfs
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 30 Aug 2023 19:52:31 GMT
x-kinja-gdpr
true
x-kinja-build
4371
x-powered-by
Express
x-cache
MISS, MISS, MISS
x-ua-device
desktop
x-kinja-superheroloaded
true
x-kinja
kinja-magma-kube03-64dbbbdb94-tpmfs #4371
x-cdn-fetch
mantle-nocache
content-length
40
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200110-IAD, cache-iad-kiad7000040-IAD, cache-fra-eddf8230022-FRA
x-googlenews-bot
false
x-timer
S1693425152.700426,VS0,VE131
etag
W/"28-0Q09QGEV0vbpbgtbG7SHyjGXT3s"
vary
Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-Kinja-Location
content-type
text/html; charset=utf-8
cache-control
private, no-store, no-cache
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-kinja-revision
95aa06d75eb5da911a14946766f118f6ac3746ef
x-cache-hits
0, 0, 0
tag
btloader.com/
Redirect Chain
  • https://kinja-com.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=kinja-com&upapi=true
16 KB
7 KB
Script
General
Full URL
https://btloader.com/tag?h=kinja-com&upapi=true
Protocol
H2
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9697b427ff68f57dffe803235d58c59686e7b4fb2435967ef024d7c4a367182

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Aug 2023 19:28:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1279
etag
W/"0d83809468630e4e88cf3f49ecb0dfe0"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2B4Xj7IDvUBhaFWwXjYMBNkdFJaa9YdWjjgUXkVDUYIeSCXpk8AQS0tHxFiiXMZpHtoD9pOS24jzl%2FlruEa%2FSdoVcCe8QtJz5QUuUTWQDep6RP%2FTKU3bUS7fQ0tobt1NWjUxFkqsnrjqmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7fef931fecba5b98-FRA

Redirect headers

date
Wed, 30 Aug 2023 19:52:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nlI3MALboT1y4efwPCKe0GawxeyfDJ2APuCh4cqcbkWKEODKBJlpgeFquftkzC20TKlZj%2F7ojJpu9H63ZIT4FnaV9BQ71KnWsbEeDX4YSV%2FS1I2CpNJeVxOvRYOjJ5qUHLMGV0rNgtBXdPqELc6%2F%2BcFbHSDEZzctWus%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=kinja-com&upapi=true
cache-control
max-age=3600
cf-ray
7fef931ece399137-FRA
expires
Wed, 30 Aug 2023 20:52:31 GMT
chartbeat.js
static.chartbeat.com/js/
37 KB
15 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:e600:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 17:21:17 GMT
content-encoding
gzip
via
1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
last-modified
Wed, 09 Aug 2023 00:45:38 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
9074
etag
W/"64d2e1b2-94a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
ftBE0LDUyVAvQsn0lMSqCy1l7HFYFhgBmuGy8KCo7MTNCsXaOYwCYA==
expires
Thu, 31 Aug 2023 17:21:17 GMT
/
insight.adsrvr.org/track/evnt/
70 B
261 B
Image
General
Full URL
https://insight.adsrvr.org/track/evnt/?adv=5zq9nmk&ct=0:ngtk7da&fmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 19:52:31 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
roboto_condensed_ext_bold-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/
22 KB
22 KB
Font
General
Full URL
https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_bold-webfont.woff2?11012022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa4a10fb18a7cf972ee266856700400200e09d0557441a4aed5adf6f1d4a94a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-amz-request-id
CJZQVA13NN3Y99E2
age
116
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
22308
x-amz-id-2
hexRpamrjyqT3FJPAAPIkGd7OYcOTa4NVwn55qif2Ifbn3pW/oAM68vuNy6z/j6T3T75b0q4Rfg=
x-served-by
cache-fra-eddf8230131-FRA
last-modified
Thu, 10 Aug 2023 17:07:51 GMT
server
AmazonS3
x-timer
S1693425152.706559,VS0,VE0
etag
"5b89baa90ed9f475cc75193a4873c51a"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
3
roboto_condensed_ext_reg-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/
22 KB
22 KB
Font
General
Full URL
https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_reg-webfont.woff2?11012022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf63e82bd1a86cf85c62989cc15541677669740180c62e7855e00a967f18ba06
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-amz-request-id
PVPPC4SDSFZ9Z99H
age
48
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
22464
x-amz-id-2
Hx/RPIpFFko3mr9jUmDkxMGT6No1bgMdgGUd+3weufOar/XbsOF7K+QJrNjbxlCb3eU+6HXE0vU=
x-served-by
cache-fra-eddf8230131-FRA
last-modified
Thu, 10 Aug 2023 17:07:53 GMT
server
AmazonS3
x-timer
S1693425152.707424,VS0,VE0
etag
"07a9822d47ff9a6f495d0f1c04d185c8"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2
libre-baskerville-bold.woff2
f.kinja-static.com/assets/fonts/libre-baskerville/
18 KB
18 KB
Font
General
Full URL
https://f.kinja-static.com/assets/fonts/libre-baskerville/libre-baskerville-bold.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-amz-request-id
H4VGHZ0SGW59WW48
age
51
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
17984
x-amz-id-2
4NXjHFnzB9Aur8IiEAdWbJs3pbtNcxQNRB0Ahl30HF3XljJ1wSKbHWq3ADz2bapOCv85mkaNhYG6S7aHedWco186HDDP3fdr
x-served-by
cache-fra-eddf8230131-FRA
last-modified
Mon, 28 Aug 2023 20:26:35 GMT
server
AmazonS3
x-timer
S1693425152.707441,VS0,VE0
etag
"0518781cd45a71291d17ea1febfcc5fe"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
2
/
id.sv.rkdms.com/identity/
2 B
168 B
XHR
General
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=GOMEDIA&sv_domain=www.theonion.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.203.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-203-196.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.theonion.com
date
Wed, 30 Aug 2023 19:52:32 GMT
access-control-allow-credentials
true
server
nginx/1.22.0
content-length
2
vary
Origin
content-type
application/json
any
idx.liadm.com/idex/ie/
0
312 B
XHR
General
Full URL
https://idx.liadm.com/idex/ie/any
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.214.10.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-214-10-54.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.theonion.com
date
Wed, 30 Aug 2023 19:52:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-credentials
true
trace-id
2e7b1b702be29e2a
vary
Origin
request-time
2
identity
api.rlcdn.com/api/
44 B
361 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rid
match.adsrvr.org/track/
63 B
391 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183957&gdpr=0
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8ec37f730dd44accf4345633e54ea237ab173c6e1f257b721bf8123c194cb4d4

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theonion.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Fri, 29 Sep 2023 19:52:31 GMT
gtm.js
www.googletagmanager.com/
200 KB
66 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KDJDW37&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T73GPNQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0ce7dc858fc20bc7655a839b7402c2722a90da5dd0a85da45b71f7140cc24502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67823
x-xss-protection
0
last-modified
Wed, 30 Aug 2023 18:06:38 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 30 Aug 2023 19:52:31 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/
404 KB
127 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 17:16:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
9369
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129934
x-xss-protection
0
server
cafe
etag
17007686020673988365
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 29 Aug 2024 17:16:22 GMT
publisher:getClientId
ampcid.google.de/v1/
3 B
369 B
XHR
General
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
json
trc.taboola.com/gomedia1-theonion/trc/3/
50 KB
14 KB
XHR
General
Full URL
https://trc.taboola.com/gomedia1-theonion/trc/3/json?tim=21%3A52%3A31.936&lti=deflated&data=%7B%22id%22%3A849%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1693388194590%2C%22vi%22%3A1693425151933%2C%22cv%22%3A%2220230830-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A4000%2C%22dh%22%3A6183%2C%22nsid%22%3A%22gomedia1-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Apub%3Dgomedia1-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22cd%22%3A5935.625%2C%22mw%22%3A1300%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20Thumbnails%3Dalternating-thumbnails-a%3Apub%3Dgomedia1-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bdd47ea16a872a4a04b26f2c0f3a87b3bef4d111e11ba5d240f6c668ec3a67ce

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
137
date
Wed, 30 Aug 2023 19:52:32 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
7801
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220064-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1693425152.968282,VS0,VE137
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
config
c.amazon-adsystem.com/cdn/prod/
954 B
1 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3076&u=https%3A%2F%2Fwww.theonion.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.202.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-202-223.mxp63.r.cloudfront.net
Software
Server /
Resource Hash
067aa3b61bb22a73852b83b49e46e3c54923a017dd005502f370527a32582162

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 18:30:36 GMT
via
1.1 018d49139552bac4221d8e525a1600be.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MXP63-P1
age
4915
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
954
x-amz-cf-id
_9WE81pk2gqnif2mN_VSuYRodoBFG2xQgC6YMjQ3-47yxytCvlfQpA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.202.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-202-223.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 377f66adf3e979e5eae2bf83298bbabe.cloudfront.net (CloudFront)
date
Wed, 30 Aug 2023 08:33:37 GMT
x-amz-cf-pop
MXP63-P1
age
40910
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
cXuW-h_JaVfHjOV3dBwUXOqVdZ02ZlKiF6HHwGkjCoY5Mqm6sLFvYQ==
iframe-communication.d153faead67976190b53.js
x.kinja-static.com/assets/new-client/
3 KB
1 KB
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/iframe-communication.d153faead67976190b53.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a4a675c58ebdb96761ce6492beb887ce9cc56ad902827c7dca796681647add7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
RJEBVQRPPKG4QYZG
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
1136
x-amz-id-2
ife+AHeylnBmGNrf5KhicWUczcmnPx5nvmWgzSotFeWIt4KibrHF3+Oi/9AaoG/JzpGTrGDWBKg=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Mon, 28 Aug 2023 13:26:10 GMT
server
AmazonS3
x-timer
S1693425152.008068,VS0,VE1
etag
"8dc26d93f148352c24e486a521cb6dcb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
next-video-loader.5968d73c59db75364dbd.js
x.kinja-static.com/assets/new-client/
2 KB
900 B
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/next-video-loader.5968d73c59db75364dbd.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4187d54bac080e9b6d8060da70abe3459746b9f19bd42f5acd9af3ed7a72de24
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
JRQ78CBRNWQA6TFY
age
72
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
701
x-amz-id-2
rDkgrE9UZ6lUBTcPGkwpLplrdN9o2ymhWhsrwPudYosj0Xs1/T1OqaQ4isATLL1IyNEMF/+iSys=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Tue, 15 Aug 2023 06:30:05 GMT
server
AmazonS3
x-timer
S1693425152.012124,VS0,VE2
etag
"c0ac174061bb349d0dcd459fd8d26333"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
adEditorComponent~api-video-meta~curatedPageEditor~feed-stream-load-more~getShowBrowserData~in-artic~9fee9799.c213b5a3828fdff71fd1.js
x.kinja-static.com/assets/new-client/
7 KB
2 KB
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/adEditorComponent~api-video-meta~curatedPageEditor~feed-stream-load-more~getShowBrowserData~in-artic~9fee9799.c213b5a3828fdff71fd1.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0feb5a032ce68024e6d9ec40424b2c19679e405f71a91a469ce17e1d27a2190a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
VQ006172YCKYKDYF
age
9
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
1906
x-amz-id-2
JePf5oFt088itX/A79jjWIWyZakIB2cMyygP/FfjtImHUaLkcAjX/yX9Ijujrj24s/Rv1ZijEEk=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Mon, 28 Aug 2023 16:32:37 GMT
server
AmazonS3
x-timer
S1693425152.012097,VS0,VE1
etag
"f5d4f4a8f2962d1985428ea513b372ab"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
api-video-meta.0f24c8b17bc45e467906.js
x.kinja-static.com/assets/new-client/
5 KB
2 KB
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/api-video-meta.0f24c8b17bc45e467906.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7ebec103c04aedd9c1b8e8136c0afc3d979b46c8d1cc92f8a4a9ea62dc6f3aa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
1XJS8V5H17BDAY16
age
72
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
1699
x-amz-id-2
UQac0ZjqShXSsgXWbMI6FPTvOF8ZVDYHJv8wdfees3UyR9peEvYkfowFARhx9UJ4HmV8kwlM1KBKOz0/qt08VAU8eqDOuoUh
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Tue, 29 Aug 2023 20:51:51 GMT
server
AmazonS3
x-timer
S1693425152.012109,VS0,VE3
etag
"7dff80ea9d7a867ec9f469e1ff8843e5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
ping
ping.chartbeat.net/
43 B
201 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=theonion.com&p=%2F&u=B_wjc7S4K5iCJtZGD&d=theonion.com&g=3012&g0=www.theonion.com&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=6183&o=4000&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.theonion.com%2F&b=841&t=Y6SiCD98KTTFXj5YM_F3JWfNqB&V=141&i=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&tz=-120&sn=1&sv=Bu2uUzjBS1ND6xQSLDxPc7zCix0aJ&sd=1&im=067b2ff3&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.55.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-55-47.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 19:52:32 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
bridge3.587.0_en.html
imasdk.googleapis.com/js/core/ Frame 8DC2
720 KB
231 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ecda44a108d559f69ea5d0687a080fee360eb8ffd118aee7783edc269cd4c5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
173450
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236429
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 28 Aug 2023 19:41:42 GMT
expires
Tue, 27 Aug 2024 19:41:42 GMT
last-modified
Mon, 28 Aug 2023 19:39:24 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 19:52:32 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame BCB0
40 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 18:52:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3582
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 30 Aug 2023 19:52:50 GMT
tag.aspx
ml314.com/
31 KB
11 KB
Script
General
Full URL
https://ml314.com/tag.aspx?307
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:24:15 GMT
content-encoding
br
age
1697
x-guploader-uploadid
ADPycdvyziauEH4K77QUi1mNURhfiVyTNUPhywmHLV7u9PXy9KwMSAgb0Nxed1bkyKYbkTBX8tNW0TzBYtERUCzQ5MMTwjB_OWJ4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10521
last-modified
Mon, 10 Apr 2023 17:13:24 GMT
server
UploadServer
etag
W/"b0965f051977c0dd95ffe2c736cac352"
vary
Accept-Encoding
x-goog-generation
1681146804366265
x-goog-hash
crc32c=wVdAwA==, md5=sJZfBRl3wN2V/+LHNsrDUg==
content-type
application/javascript
cache-id
FRA-fa985ced
cache-control
public,max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
32213
accept-ranges
none
js
www.googletagmanager.com/gtag/
210 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FBJXBGD4M8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDJDW37&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
85bbf272feffac2bd7fd0371dc10bcaa37c9dd8929927ccdac0a980015617e76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76959
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 30 Aug 2023 19:52:32 GMT
gomedia_015a5_the_onion.js
cdn-magiclinks.trackonomics.net/client/static/v2/
95 KB
28 KB
Script
General
Full URL
https://cdn-magiclinks.trackonomics.net/client/static/v2/gomedia_015a5_the_onion.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:9800:1d:8c8c:47c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8 /
Resource Hash
5ae04f4e2b3a0b4e46d0259886e6fbf822f2dd0731ee8a59e03c4cb3f335b8fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 00:37:06 GMT
content-encoding
gzip
via
1.1 bf1322673c76eb0dbc1cb8544c47f1e2.cloudfront.net (CloudFront)
last-modified
Thu, 23 Jun 2022 11:07:33 GMT
server
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8
x-amz-cf-pop
AMS1-P2
age
69326
etag
W/"17c61-5e21b75e9e639"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
x-amz-cf-id
ff_IF6I5x60B3ILF4G4ccJe2kWFXjn-JhQNnd5Cy7jCWFggCePC_fw==
ats.js
ats.rlcdn.com/
236 KB
78 KB
Script
General
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.218.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-218-104.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
L2Uqg18UIi_4fqt_LD1.VZwHoDyvOGyd
content-encoding
gzip
via
1.1 468a26e83787e0c68005b09431f5baa4.cloudfront.net (CloudFront)
date
Wed, 30 Aug 2023 07:37:57 GMT
last-modified
Thu, 08 Jun 2023 08:56:13 GMT
server
AmazonS3
x-amz-cf-pop
MXP63-P2
age
44203
x-amz-server-side-encryption
AES256
etag
W/"a23e5e8674928ef24c6825d63b8d2927"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
PP2zi77NvSDw_uZXtwSXSN39ZWMV-PjUYcyQirQiu6Df2Q9tkHFVNw==
collect
www.google-analytics.com/j/
4 B
210 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=972883076&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2F&ul=en-us&de=UTF-8&dt=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABFAQCACAAI~&jid=250159184&gjid=1458152387&cid=1805245862.1693425152&tid=UA-223393-1&_gid=268950501.1693425152&_r=1&_slc=1&cd34=none&cd35=none&cd36=none&cd38=computer&cd42=none&cd43=none&cd48=none&cd50=other&cd51=none&cd52=none&cd53=none&cd58=adblock%20off&cd60=production%3Amagma&cd70=&cd75=Logged%20out&cd76=none&cd78=standard&cd80=none&cd82=none&cd83=frontpage&cd94=none&cd97=none&cd99=none&cd100=none&cd101=theonion&cd103=&cd105=The%20Onion&cd108=adblock%20off&cd109=website&cd110=1364%2B&cd111=0&cd115=none&cd117=none&cd123=none&cd124=none&cd126=adblock%20off&cd130=none&cd131=frontpage&cd132=undefined&cd134=1&z=352751709
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 19:52:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
4 B
69 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=972883076&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2F&ul=en-us&de=UTF-8&dt=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABFAQCACAAI~&jid=422806013&gjid=417159751&cid=1805245862.1693425152&tid=UA-142218-33&_gid=268950501.1693425152&_r=1&_slc=1&cd34=none&cd35=none&cd36=none&cd38=computer&cd42=none&cd43=none&cd48=none&cd50=other&cd51=none&cd52=none&cd53=none&cd58=adblock%20off&cd60=production%3Amagma&cd70=&cd75=Logged%20out&cd76=none&cd78=standard&cd80=none&cd82=none&cd83=frontpage&cd94=none&cd97=none&cd99=none&cd100=none&cd101=theonion&cd103=&cd105=The%20Onion&cd108=adblock%20off&cd109=website&cd110=1364%2B&cd111=0&cd115=none&cd117=none&cd123=none&cd124=none&cd126=adblock%20off&cd130=none&cd131=frontpage&cd132=undefined&cd134=1&z=1642298090
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 19:52:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad-manager-bulbs.c463ea05828bf41db59b.js
x.kinja-static.com/assets/new-client/
2 KB
1 KB
Script
General
Full URL
https://x.kinja-static.com/assets/new-client/ad-manager-bulbs.c463ea05828bf41db59b.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e7e337e9b90ce3eae8fb267bbc624428a3d3e24b01f093176ad8790727e9e7a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 varnish
x-amz-request-id
ZKNKFFHTBTXBPZXN
age
68
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
887
x-amz-id-2
bYeA+b4KD00hA3nBsmfrxic4nBi0zSenRTdH0Q2kBJ68xMcxQaa0QnVpJoKRsXy9xVV2nzZDXKY=
x-served-by
cache-fra-eddf8230022-FRA
last-modified
Tue, 29 Aug 2023 20:51:51 GMT
server
AmazonS3
x-timer
S1693425152.137709,VS0,VE1
etag
"32650a844aaef4cb5374896e9bb83f0d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
bid
aax.amazon-adsystem.com/e/dtb/
23 B
464 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2F&pid=s9xaZ4oqnQ6CW&cb=0&ws=1600x1200&v=23.821.1806&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-1%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage_top-banner%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.240.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-240-30.mxp63.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 2b08544e695e9e7bc49d159008bcc656.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MXP63-P3
x-amz-rid
44VH31VAM1N8J90PQ826
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
eVIYjf4VNvGUtkAzNPTzpxlXNCEB8l-YLK1INpouiv2cC28nxDv_wQ==
pub
pixel.adsafeprotected.com/services/
433 B
668 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-1,ss:%5B970.250,970.90,728.90,1600.350%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.72.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-72-139.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4a7156fea92ed64e11e0665a650ea523af28501a918e44a0d39d1363eb03a2cb

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
server
nginx
x-server-name
app16.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
publishertag.ids.js
static.criteo.net/js/ld/
43 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-aa04"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 31 Aug 2023 19:52:32 GMT
prebid
ib.adnxs.com/ut/v3/
143 B
959 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c1a756786b261a5222a1450b07a730a72bc1a4a8fe08022f6e9c9119f070e348
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 19:52:32 GMT
an-x-request-uuid
129c7262-9c67-40cd-830e-baae0f52ab7e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.102; 80.255.7.102; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
143
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/
0
194 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.4&cb=61131995410&lsavail=1
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theonion.com
date
Wed, 30 Aug 2023 19:52:32 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
tlx.3lift.com/header/
19 B
527 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.4&referrer=https%3A%2F%2Fwww.theonion.com%2F&tmax=1500
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.157.81.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-81-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 19:52:32 GMT
accept-ch
sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
392 B
916 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12156&site_id=392270&zone_id=2189722&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rf=https%3A%2F%2Fwww.theonion.com%2F&kw=TheOnion&tg_v.iab_segments=1-4&tg_i.domain=theonion.com&tg_i.page=https%3A%2F%2Fwww.theonion.com%2F&tg_i.mobile=1&tg_i.pbadslot=%2F4246%2Ffmg.onion%2Ffrontpage%2F1%2Ftop&tk_flint=pbjs_lite_v7.54.4&x_source.tid=5fa8adce-bd5c-41bf-84c1-d6707e856299&l_pb_bid_id=8b257c649b2d1&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5fa8adce-bd5c-41bf-84c1-d6707e856299&rp_hard_floor=0.65&rp_maxbids=1&p_gpid=%2F4246%2Ffmg.onion%2Ffrontpage%2F1%2Ftop&slots=1&rand=0.02403329914299901
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a58790e8db5fa9a70903dedea6617b5d109b16a0144d6884577f5468823fd8d0

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 19:52:32 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
392
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
krk2.kargo.com/api/v1/
0
499 B
XHR
General
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.222.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-222-132.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 19:52:32 GMT
content-encoding
gzip
x-accel-expires
0
accept-ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
nbr
508
vary
Accept-Encoding
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
krk-no-bid-reason
consent
expires
Thu, 01 Jan 1970 00:00:00 UTC
pbjs
htlb.casalemedia.com/openrtb/
37 B
546 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=727144
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd31044e33045dfe8878039347b75587c0e08127c89ee4264fbd0b01178e97fd

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 19:52:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5aylY6pg9CIn399WWDHFBpUvcqsJIFaWQVMxE6en%2FIXC4U4206LWiahehgtyRtkmYGsgbgd7HWcjK%2BQeZ602R3MwouLDfIa7GGRp5KpdiAj6vuEpNydf%2BpWpoRxjGGpv6NAXegva"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7fef93235f2d3638-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/
0
58 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theonion.com
date
Wed, 30 Aug 2023 19:52:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb-multi
hb.yellowblue.io/
84 B
604 B
XHR
General
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-15.ams50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
26d73a488bbcf3c70fd2f307c0115d3d12fd15d6d4edf8c57e56ea1d467d6573

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
via
1.1 fb60efae608d5d8f2d160585f251caae.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
AMS50-C1
x-reason
maxmind anonymous
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.theonion.com
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
x-amz-cf-id
QNWNdix3UNCm-eqa9oZXYn5013D9ALxyaaHLfi1aAhJpRpMR24zg_A==
alt-svc
h3=":443"; ma=86400
hbjson
grid.bidswitch.net/
24 B
367 B
XHR
General
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.110.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-110-75.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
86a58df4c6c4931186ebbd0d4e8bb9637ea7d028f9357aafa8793cf5806e8b32

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 30 Aug 2023 19:52:32 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
gomedia
direct.adsrvr.org/bid/bidder/
0
400 B
XHR
General
Full URL
https://direct.adsrvr.org/bid/bidder/gomedia
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.71.161.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac9557e2e67bd8033.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://www.theonion.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.2.6/
125 KB
35 KB
Script
General
Full URL
https://vidstat.taboola.com/lite-unit/4.2.6/UnitFeedManagerDesktop.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e34222b88bb8dd60c1200d0422c58749ca77f9bd11f914adfa547112b594a0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
via
1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
74605
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
35854
x-served-by
cache-fra-etou8220064-FRA
last-modified
Tue, 29 Aug 2023 08:23:00 GMT
server
AmazonS3
x-timer
S1693425152.238686,VS0,VE0
etag
"f76b1e9d5dacd2063a335a6684ebb080"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
NRaLwAexqNCQEYcq76p6-is_dvcxQOyMFEbvNOAf6P6C52C08XUdAg==
x-cache-hits
10548
feed-card-placeholder.20230830-8-RELEASE.es6.js
cdn.taboola.com/libtrc/
5 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230830-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b081f758eb4f787016ce0140a615934de59a34e01843db159c37bfe059440986

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
fu7psKwfg6tEWSWtETgYSO2b5Drv9cIw
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Aug 2023 19:52:32 GMT
x-amz-request-id
HYNFNSHZK4DTWYPK
age
20061
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
AjiOmOAv3belJqco+HHhf58SdbUzEzX+7MWrKi8CEKopXbHCIjeOXCMS9yEhw68kvM1fRANoXaE=
x-served-by
cache-fra-etou8220064-FRA
last-modified
Wed, 30 Aug 2023 14:18:10 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693425152.229965,VS0,VE0
etag
"1dd6db2f4613383b1b8ff9ac985bfeb3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
34
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
44052
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/
4 KB
2 KB
Image
General
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Aug 2023 19:52:32 GMT
x-amz-request-id
CCG7A4WVWN5WJAVZ
age
15
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
TBmCggLO8/GElgFPb5rvRR7gHff4xRNz3fdHVeMViDUfwUB4CbODSlFFpnwJ77ZBlNCMfCXQR04=
x-served-by
cache-fra-etou8220064-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693425152.253863,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
70
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
24
userx.20230830-8-RELEASE.es6.js
cdn.taboola.com/libtrc/
17 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20230830-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0c7f06d5926f4da53559d7f0e3b7db9c2f0d1ec51884459c31348a6377903114

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
46MFPVpusEXubZu8LOUmxBi_ATP_T9Zf
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Aug 2023 19:52:32 GMT
x-amz-request-id
2CY3PK2TEXJE5GY3
age
20026
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
MUPA5RnbxEDy9a2MndKOdLdJAImZaFzpQRLY2uRhaWg4b6KkXDGzJmmbJjdq7HBjcN9iviJkzz0=
x-served-by
cache-fra-etou8220064-FRA
last-modified
Wed, 30 Aug 2023 14:18:46 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693425152.258802,VS0,VE0
etag
"84d9ce4f7b76fbbaa632ca2007cfbd42"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
16
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
9906
distance-from-article.20230830-8-RELEASE.es6.js
cdn.taboola.com/libtrc/
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230830-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03d3f85197360e4684f26a00d33541910a8e4c157c6372d09e41994ad039a727

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
PP74Po8ErbWVWGPZF_9scPME5hTr65zy
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Aug 2023 19:52:32 GMT
x-amz-request-id
RCJWQPDHE6NCA0KE
age
20067
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
yjl+wBMqEg09jDUKc6GAdxK7Qe/IG1Clo7CVk4SIohzZk4DMN94m8I9lsQ+rb6ujbMqdR/CfDnQ=
x-served-by
cache-fra-etou8220064-FRA
last-modified
Wed, 30 Aug 2023 14:18:05 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693425152.259663,VS0,VE0
etag
"cb56702a02ebfe9bffe0f6bfde907156"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
55
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
47119
article-detection.20230830-8-RELEASE.es6.js
cdn.taboola.com/libtrc/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230830-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32ba30fabef8a3646d3449ae6e2af4a6fadd893988410fd1ea78759403cd5f81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
XNPdJ8nNek2Y6AGVxG_1JxfCfBkX779J
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Aug 2023 19:52:32 GMT
x-amz-request-id
F5N2M0Z34S4ZVF7C
age
20075
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
C3aZ6i78Rbqfll0jpiKSQfB3iTRbevHdQLHt2l/cDigRDuAIGU1ZiIXsOG1gX3+HcejOHAH6Rdo=
x-served-by
cache-fra-etou8220064-FRA
last-modified
Wed, 30 Aug 2023 14:17:58 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693425152.259123,VS0,VE0
etag
"9309f5009e44992979130292dc6600a2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
43
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
47123
abtests
am-trc-events.taboola.com/gomedia1-theonion/log/3/
0
247 B
Ping
General
Full URL
https://am-trc-events.taboola.com/gomedia1-theonion/log/3/abtests?route=AM:AM:V&lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1693425152251%7D&tim=21%3A52%3A32.252&id=6290&llvl=2&ri=5346b77da4b6bc33cb59801914888cd5&sd=v2_c990ddd0825f22b4de1b72dfc9c52ba1_e725f427-d63d-43db-938a-668919c9206b-tuctbe9237f_1693425151_1693425151_CIi3jgYQ5LxeGL3fhMCkMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABo7Y_QnZX90qfAAXAA&ui=e725f427-d63d-43db-938a-668919c9206b-tuctbe9237f&pi=/&wi=3642577999104193222&pt=home&vi=1693425151933&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
https://www.theonion.com
pragma
no-cache
date
Wed, 30 Aug 2023 19:52:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
collect
stats.g.doubleclick.net/j/
1 B
347 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-223393-1&cid=1805245862.1693425152&jid=250159184&gjid=1458152387&_gid=268950501.1693425152&_u=aGDACEAAFAQCACAAI~&z=1159992890
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 30 Aug 2023 19:52:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
72 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-142218-33&cid=1805245862.1693425152&jid=422806013&gjid=417159751&_gid=268950501.1693425152&_u=aGDACEABFAQCACAAI~&z=1082730346
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 30 Aug 2023 19:52:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
state
api.btloader.com/mw/
0
101 B
Fetch
General
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: kinja-com.videoplayerhub.com
URL: https://kinja-com.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 30 Aug 2023 19:52:32 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/
43 B
935 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2595238
x-guploader-uploadid
ADPycdvItXc_lv_Y5eV8Nl5MXEPQ0qCswDUTHsEk2gQzbwrsJTS4OimP5hT47xHLKnWElLzNCoCnI7Lbk1MmPf1TkcO4IG85W5Ph
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5WoaVp%2BlVfN16jGwVqKLHRXUFZRU2Qh5pwO1xpX6PaIf1SqolClC%2Bisn1cNbGbhxFL5BkPi%2B4Tta9btnmQ6vzxmB%2B4YB6DherHlS9QQO83W2TYvrmgIVeeIUSW9Pqz1LHUg0mSBlwE8sJYTTWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7fef93236f022c72-FRA
expires
Mon, 31 Jul 2023 19:20:10 GMT
favicon.ico
ad.doubleclick.net/
1 KB
572 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 05:55:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50217
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Aug 2023 05:55:35 GMT
px.gif
ad-delivery.net/
43 B
337 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.48648365885532074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2595238
x-guploader-uploadid
ADPycdvItXc_lv_Y5eV8Nl5MXEPQ0qCswDUTHsEk2gQzbwrsJTS4OimP5hT47xHLKnWElLzNCoCnI7Lbk1MmPf1TkcO4IG85W5Ph
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1oWDxOMTuyE2FgQaH8lxh2j3ANQAkxmyW81CiEhcmgd0kVc7mFDMb7qIf2EFAWlpx0BlRp9bWjbWhZ%2FUR76WmFRt9r9ajf%2BuBNQ06Dt00tAgUhuHeEQMJqC%2BvxEphJCjAbKJcOxksyZDNKYCg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7fef93236f042c72-FRA
expires
Mon, 31 Jul 2023 19:20:10 GMT
headerstats
as-sec.casalemedia.com/
0
0

collect
region1.google-analytics.com/g/
0
255 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FBJXBGD4M8&gtm=45je38s0&_p=972883076&cid=1805245862.1693425152&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693425152&sct=1&seg=0&dl=https%3A%2F%2Fwww.theonion.com%2F&dt=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FBJXBGD4M8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 19:52:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
utsync.ashx
ml314.com/
62 B
309 B
Script
General
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=90810&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.theonion.com%2F&pv=1693425152373_om8vdpwrn&bl=en-us&cb=2617787&return=&ht=&d=&dc=&si=1693425152373_om8vdpwrn&cid=&s=1600x1200&rp=&v=2.5.3.49
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?307
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 19:52:31 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/javascript; charset=utf-8
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62
expires
0
/
geo.privacymanager.io/
28 B
609 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.179.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-179-50.lhr61.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 03:00:58 GMT
via
1.1 f9fbffaafd0471bd66d58758a9ad82f4.cloudfront.net (CloudFront), 1.1 54342e89962b6c8be584d45b90f85b10.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C3, LHR61-P7
age
60694
x-amzn-requestid
99fb3f02-a599-4448-964d-dd7f19ae40b8
x-amzn-trace-id
Root=1-64eeb0ea-6a35d12701dc121104e36c3b;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
KdCUwFhCDoEFTjQ=
content-length
28
x-amz-cf-id
V744jD185RczvbnqHvXAjsZAaIQ4kD5m0iFC8Ky5fAlRmIMqE_U-GQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
supply-feature
am-trc-events.taboola.com/gomedia1-theonion/log/3/
0
231 B
Image
General
Full URL
https://am-trc-events.taboola.com/gomedia1-theonion/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=5346b77da4b6bc33cb59801914888cd5&sd=v2_c990ddd0825f22b4de1b72dfc9c52ba1_e725f427-d63d-43db-938a-668919c9206b-tuctbe9237f_1693425151_1693425151_CIi3jgYQ5LxeGL3fhMCkMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABo7Y_QnZX90qfAAXAA&ui=e725f427-d63d-43db-938a-668919c9206b-tuctbe9237f&pi=/&wi=3642577999104193222&pt=home&vi=1693425151933&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%2271.625%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=21%3A52%3A32.459&id=7997&llvl=2&cv=20230830-8-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 30 Aug 2023 19:52:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
syncframe
gum.criteo.com/ Frame A965
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.theonion.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 19:52:31 GMT
server
Kestrel
server-processing-duration-in-ticks
414286
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
bid
aax.amazon-adsystem.com/e/dtb/
23 B
464 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2F&pid=s9xaZ4oqnQ6CW&cb=1&ws=1600x1200&v=23.821.1806&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-8%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage_mid_banner%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.240.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-240-30.mxp63.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 2b08544e695e9e7bc49d159008bcc656.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MXP63-P3
x-amz-rid
VSRMYVWZACKWN0EQVAD9
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
ifiKlPMfaHCtCbNARlIgGCvGOCFFglzM3LcurXsbyaqKb0BUZvS3Vw==
pub
pixel.adsafeprotected.com/services/
452 B
685 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-8,ss:%5B970.250,728.90,1600.350%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.72.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-72-139.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b87fc020edf51a572f638022539a8914153564893be93f6075bb59fdb4cf2ba3

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
server
nginx
x-server-name
app10.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
bid
aax.amazon-adsystem.com/e/dtb/
23 B
462 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2F&pid=s9xaZ4oqnQ6CW&cb=2&ws=1600x1200&v=23.821.1806&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-11%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage_mid_banner%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.240.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-240-30.mxp63.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 2b08544e695e9e7bc49d159008bcc656.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MXP63-P3
x-amz-rid
6B61S6P18E9B7D1MDHCV
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
M5FXxu1BZarxVXFbSK4fdAhVhucjtzJWpDwNridI0IK71Nilkrz5Cg==
pub
pixel.adsafeprotected.com/services/
453 B
687 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-11,ss:%5B970.250,728.90,1600.350%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.72.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-72-139.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6f0aa097b5acae03fa57058abcc4abcab6678b91dad284a8c9c27b3b069d0157

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
server
nginx
x-server-name
app07.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
bid
aax.amazon-adsystem.com/e/dtb/
23 B
463 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2F&pid=s9xaZ4oqnQ6CW&cb=3&ws=1600x1200&v=23.821.1806&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-6%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage_mid_banner%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.240.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-240-30.mxp63.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 2b08544e695e9e7bc49d159008bcc656.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MXP63-P3
x-amz-rid
VDZQVQAT5W6DMBAA8JM8
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
0rJ32cDljtQ4vSz6MboBeYqWOzZvhL75n-3I__BDKJe-GiHqVPSHug==
pub
pixel.adsafeprotected.com/services/
452 B
685 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-6,ss:%5B970.250,728.90,1600.350%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.72.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-72-139.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
08287b770e249e7603fcbdfc0eadf23b4c25b1ddb85fd8f4d33f1eb65169dba6

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
server
nginx
x-server-name
app01.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.theonion.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
hb-multi
hb.yellowblue.io/
84 B
607 B
XHR
General
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-15.ams50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
075756bfad52cede356f64b59cd8cac36d0a078521c29a145c03d914385d7284

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
via
1.1 fb60efae608d5d8f2d160585f251caae.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
AMS50-C1
x-reason
maxmind anonymous
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.theonion.com
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
x-amz-cf-id
kXl8bSAqKuIzHAfBf48U-MBL9UuVEuioEvXCSkQnI1FkMA2kWHQ8bA==
alt-svc
h3=":443"; ma=86400
cdb
bidder.criteo.com/
0
194 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.4&cb=11507867909&lsavail=1
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theonion.com
date
Wed, 30 Aug 2023 19:52:32 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
krk2.kargo.com/api/v1/
0
499 B
XHR
General
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.222.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-222-132.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 19:52:32 GMT
content-encoding
gzip
x-accel-expires
0
accept-ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
nbr
508
vary
Accept-Encoding
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
krk-no-bid-reason
consent
expires
Thu, 01 Jan 1970 00:00:00 UTC
auction
tlx.3lift.com/header/
19 B
527 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.4&referrer=https%3A%2F%2Fwww.theonion.com%2F&tmax=1500
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.157.81.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-81-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 19:52:32 GMT
accept-ch
sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
gomedia
direct.adsrvr.org/bid/bidder/
0
400 B
XHR
General
Full URL
https://direct.adsrvr.org/bid/bidder/gomedia
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.71.161.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac9557e2e67bd8033.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://www.theonion.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
hbjson
grid.bidswitch.net/
24 B
367 B
XHR
General
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.110.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-110-75.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
83d89707023bdabe596c878ceaf2caeed2d81ec5c406dbc6e9396a20b9db6f76

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 30 Aug 2023 19:52:32 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
translator
hbopenbid.pubmatic.com/
0
114 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theonion.com
date
Wed, 30 Aug 2023 19:52:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/
139 B
702 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9e9cdfa9d3a839148c31e94bfc0b388015fff3dcd434deeef2f534679beddce8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 19:52:32 GMT
an-x-request-uuid
8b01bbbb-fcfc-4866-9ec0-0b7fec1aea54
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.102; 80.255.7.102; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
krk2.kargo.com/api/v1/
0
499 B
XHR
General
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.222.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-222-132.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 19:52:32 GMT
content-encoding
gzip
x-accel-expires
0
accept-ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
nbr
508
vary
Accept-Encoding
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
krk-no-bid-reason
consent
expires
Thu, 01 Jan 1970 00:00:00 UTC
gomedia
direct.adsrvr.org/bid/bidder/
0
400 B
XHR
General
Full URL
https://direct.adsrvr.org/bid/bidder/gomedia
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.71.161.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac9557e2e67bd8033.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 19:52:31 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://www.theonion.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
hb-multi
hb.yellowblue.io/
84 B
606 B
XHR
General
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-15.ams50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
25428aa45d22c9d26d2b20bfbfd9e96193e186148d722369cfcf39200ef06114

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
via
1.1 fb60efae608d5d8f2d160585f251caae.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
AMS50-C1
x-reason
maxmind anonymous
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.theonion.com
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
7
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
x-amz-cf-id
6Eh4NUzunW8NrDNErZaNII3TRf3WOZWXAA16zzjjIy7exvFYh4bhsQ==
alt-svc
h3=":443"; ma=86400
prebid
ib.adnxs.com/ut/v3/
139 B
701 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
33e4c57f54b9f3dd00e385d9347391d4cd5b4e891c269d697ff92ce66993b145
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 19:52:32 GMT
an-x-request-uuid
c4e1fac4-f571-40bb-9327-99c5321ebca4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.102; 80.255.7.102; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/
0
194 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.4&cb=95422769558&lsavail=1
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theonion.com
date
Wed, 30 Aug 2023 19:52:32 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
tlx.3lift.com/header/
19 B
543 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.4&referrer=https%3A%2F%2Fwww.theonion.com%2F&tmax=1500
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.157.81.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-81-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 19:52:32 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hbjson
grid.bidswitch.net/
24 B
367 B
XHR
General
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.110.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-110-75.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a9572e29501bb30575de5f0a10e4b13994ccaba8584234eb648195af33f7c90f

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 30 Aug 2023 19:52:32 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
translator
hbopenbid.pubmatic.com/
0
58 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theonion.com
date
Wed, 30 Aug 2023 19:52:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hbjson
grid.bidswitch.net/
24 B
367 B
XHR
General
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.110.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-110-75.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6abd8e5ba4fd48f35ac63b4dbb53bbe8c0fb38c44c5d294a90c3ed30fbd865e1

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 30 Aug 2023 19:52:32 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
gomedia
direct.adsrvr.org/bid/bidder/
0
400 B
XHR
General
Full URL
https://direct.adsrvr.org/bid/bidder/gomedia
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.71.161.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac9557e2e67bd8033.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://www.theonion.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
prebid
krk2.kargo.com/api/v1/
0
499 B
XHR
General
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.222.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-222-132.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 19:52:32 GMT
content-encoding
gzip
x-accel-expires
0
accept-ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
nbr
508
vary
Accept-Encoding
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
krk-no-bid-reason
consent
expires
Thu, 01 Jan 1970 00:00:00 UTC
translator
hbopenbid.pubmatic.com/
0
58 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theonion.com
date
Wed, 30 Aug 2023 19:52:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
tlx.3lift.com/header/
19 B
544 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.4&referrer=https%3A%2F%2Fwww.theonion.com%2F&tmax=1500
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.157.81.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-81-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 19:52:32 GMT
accept-ch
sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hb-multi
hb.yellowblue.io/
83 B
605 B
XHR
General
Full URL
https://hb.yellowblue.io/hb-multi
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-15.ams50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
fd5b86c44264d85bc83ce8ebc7c8b76067fd6f28f6cacdb308066c917e3ec3da

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
via
1.1 fb60efae608d5d8f2d160585f251caae.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
AMS50-C1
x-reason
maxmind anonymous
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.theonion.com
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
83
x-amz-cf-id
-1wTx4I-MaqGH0CFzTEhwyFUIFQY_IWdGJ8CAJ3Un7Q5-9Hre_wR-w==
alt-svc
h3=":443"; ma=86400
prebid
ib.adnxs.com/ut/v3/
139 B
701 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d6dffc62434507a58d1f4fca274b181a24ef055e31dcd997a2ff12aa91fa15a1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 19:52:32 GMT
an-x-request-uuid
5f0b3bf6-3387-4f6b-a23b-858e1ee39a0c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.102; 80.255.7.102; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/
0
195 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.4&cb=79764094452&lsavail=1
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.theonion.com
date
Wed, 30 Aug 2023 19:52:31 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
info
www.theonion.com/api/veritas/
99 B
511 B
Fetch
General
Full URL
https://www.theonion.com/api/veritas/info?pi=c55914e3c22325aaeecb5b97aeff1d2851390aec&cb=1693425152547
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.dba99ae55abaa84738c0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5f1d1f27b205284c3c522013ba3818bcb2544d98efac07813b42ac193a22c0b1
Security Headers
Name Value
Content-Security-Policy default-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 30 Aug 2023 19:52:32 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies
master-only
x-kinja-gdpr
true
age
0
x-cache
MISS, MISS, MISS
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-origin-cache
content-length
110
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100139-IAD, cache-iad-kcgs7200158-IAD, cache-fra-eddf8230131-FRA
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-timer
S1693425153.565184,VS0,VE124
x-frame-options
DENY
vary
Accept-Encoding, Authorization, X-Valid-Scroll-User
content-type
application/json
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-cache-hits
0, 0, 0
b
www.theonion.com/api/veritas/
0
0
Fetch
General
Full URL
https://www.theonion.com/api/veritas/b?debug=0
Requested by
Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.dba99ae55abaa84738c0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

X-Veritas-Version
1.1.2
Content-Encoding
gzip
Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self'
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Wed, 30 Aug 2023 19:52:32 GMT
x-permitted-cross-domain-policies
master-only
x-kinja-gdpr
true
x-cache
MISS, MISS, MISS
x-ua-device
desktop
x-kinja-superheroloaded
true
x-cdn-fetch
mantle-nocache
content-length
0
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200039-IAD, cache-iad-kcgs7200039-IAD, cache-fra-eddf8230131-FRA
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-timer
S1693425153.568727,VS0,VE99
x-frame-options
DENY
cache-control
no-cache, no-store, private
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-cache-hits
0, 0, 0
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-142218-33&cid=1805245862.1693425152&jid=422806013&_u=aGDACEABFAQCACAAI~&z=86608330
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 19:52:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-142218-33&cid=1805245862.1693425152&jid=422806013&_u=aGDACEABFAQCACAAI~&z=86608330
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 19:52:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame A965
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=theonion.com&sn=ChromeSyncframe&so=0&topUrl=www.theonion.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=buUCAnxTbFI2NW11cHpFaC9ETi9TcEp3YnZQYXA2MjJmQjJxWFN4cGUyMUlMWFNoQUJXMzhyMm16Ry9Nek9uWFp3Z29NOTNtZ21kckZ0Q25aalNIbWdhMHJhSzJ3UmltZWRyWVNJUFBZZmNVbjFXaTlNNjYwN3F5QWhxMH...
417 B
650 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=buUCAnxTbFI2NW11cHpFaC9ETi9TcEp3YnZQYXA2MjJmQjJxWFN4cGUyMUlMWFNoQUJXMzhyMm16Ry9Nek9uWFp3Z29NOTNtZ21kckZ0Q25aalNIbWdhMHJhSzJ3UmltZWRyWVNJUFBZZmNVbjFXaTlNNjYwN3F5QWhxMHNUOXkxYVRKL1pOVG54VzRBaGJ2aHQyaVgxMGY2eVZTTld2QnltK2luY1h3L3VwNDQ2aldMZVlJNUJpbHhHRnRXdnI3YjFJQktOc3hYamRRTTNLMktWcy9BMUJrak11YUI5bGdwU3h2L2ppckxrUjJZSXA4blR2NlFRNGp1QkliNURvOVdzWHdWOHBSSU9QRTduVWlwUm5qV0lnbkIrUT09fA&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9b25e8d6ab605efc7fb035c3749028e470773aac72e9da160823eacc67eca9f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 19:52:32 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1489309
expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 19:52:32 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=buUCAnxTbFI2NW11cHpFaC9ETi9TcEp3YnZQYXA2MjJmQjJxWFN4cGUyMUlMWFNoQUJXMzhyMm16Ry9Nek9uWFp3Z29NOTNtZ21kckZ0Q25aalNIbWdhMHJhSzJ3UmltZWRyWVNJUFBZZmNVbjFXaTlNNjYwN3F5QWhxMHNUOXkxYVRKL1pOVG54VzRBaGJ2aHQyaVgxMGY2eVZTTld2QnltK2luY1h3L3VwNDQ2aldMZVlJNUJpbHhHRnRXdnI3YjFJQktOc3hYamRRTTNLMktWcy9BMUJrak11YUI5bGdwU3h2L2ppckxrUjJZSXA4blR2NlFRNGp1QkliNURvOVdzWHdWOHBSSU9QRTduVWlwUm5qV0lnbkIrUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
248398
content-length
0
expires
0
ads
securepubads.g.doubleclick.net/gampad/
700 B
380 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1855235724996455&correlator=2715293790269027&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cfrontpage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90%7C1600x350&ifi=1&didk=136931551&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693425152715&lmt=1693417952&adxs=1200&adys=2887&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theonion.com%2F&vis=1&psz=1600x0&msz=1600x0&fws=1028&ohw=4000&ga_vid=1805245862.1693425152&ga_sid=1693425153&ga_hid=972883076&ga_fc=true&dlt=1693425150632&idt=1470&prev_scp=article_position%3Dnone%26pos%3Dmid_banner%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dmid_banner-03%26amznbid%3D2%26amznp%3D2%26fr%3Dtrue%26ias-kw%3DIAS_1509996_PG%2CIAS_1506828_PG%2CIAS_1509460_PG%2CIAS_1508986_PG%2CIAS_1500692_PG%2CIAS_1509978_PG%2CIAS_1507080_PG%2CIAS_1500903_PG%2CIAS_1500902_PG%2CIAS_1508967_PG%2CIAS_1507654_PG%26drg%3DveryLow%26vio%3Dmedium%26off%3DveryLow%26hat%3DveryLow%26dlm%3DveryLow%26alc%3DveryLow%26adt%3DveryLow&cust_params=veritas-iab%3D1-4%26tags%3D%26blogName%3Dtheonion%26channel%3D%26section%3D%26subsection%3D%26page%3Dfrontpage&adks=4125576778&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9866cd24b956df5275bb71ef89a505a94756c7b42e6a034abfe04c153ff0fad3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:33 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
349
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308240101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70171f700f143805bb7e6ad7ea966a9359d48899ddab946e7c9481c0eb3cf1fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11805
x-xss-protection
0
container.html
cd2020116f48f83919f82302ca852368.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7BB0
6 KB
3 KB
Document
General
Full URL
https://cd2020116f48f83919f82302ca852368.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 19:52:32 GMT
expires
Thu, 29 Aug 2024 19:52:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
country
api.btloader.com/
16 B
141 B
Fetch
General
Full URL
https://api.btloader.com/country
Requested by
Host: kinja-com.videoplayerhub.com
URL: https://kinja-com.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/
0
66 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=SRrv7DLJ1&w=5197056576585728&o=5726495427264512&cv=2.1.17-2-g0b33bd3&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.theonion.com%2F&sid=jeHou82c&upapi=true
Requested by
Host: kinja-com.videoplayerhub.com
URL: https://kinja-com.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 30 Aug 2023 19:52:32 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
ads
securepubads.g.doubleclick.net/gampad/
619 B
305 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1855235724996455&correlator=2715293790269027&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cfrontpage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90%7C1600x350&ifi=2&didk=1378598708&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693425152738&lmt=1693417952&adxs=1200&adys=1485&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theonion.com%2F&vis=1&psz=1600x0&msz=1600x0&fws=1028&ohw=4000&ga_vid=1805245862.1693425152&ga_sid=1693425153&ga_hid=972883076&ga_fc=true&dlt=1693425150632&idt=1470&prev_scp=article_position%3Dnone%26pos%3Dmid_banner%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dmid_banner-01%26amznbid%3D2%26amznp%3D2%26fr%3Dtrue%26ias-kw%3DIAS_1509996_PG%2CIAS_1506828_PG%2CIAS_1509460_PG%2CIAS_1508986_PG%2CIAS_1500692_PG%2CIAS_1509978_PG%2CIAS_1507080_PG%2CIAS_1500903_PG%2CIAS_1500902_PG%2CIAS_1508967_PG%2CIAS_1507654_PG%26drg%3DveryLow%26vio%3Dmedium%26off%3DveryLow%26hat%3DveryLow%26dlm%3DveryLow%26alc%3DveryLow%26adt%3DveryLow%26id%3Db7c045b5-476e-11ee-a356-06d8cca89c2a%26vw05%3D40%26vw%3D40%2C50%2C60&cust_params=veritas-iab%3D1-4%26tags%3D%26blogName%3Dtheonion%26channel%3D%26section%3D%26subsection%3D%26page%3Dfrontpage&adks=1031481273&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
287799dfa205b711ffeb45d34647b7b77655d51630264a6c26bfa5418a62c082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:33 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
274
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
619 B
306 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1855235724996455&correlator=2715293790269027&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cfrontpage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x90%7C728x90%7C1600x350&ifi=3&didk=1378598719&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693425152751&lmt=1693417952&adxs=1515&adys=334&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theonion.com%2F&vis=1&psz=4000x351&msz=4000x351&fws=1028&ohw=4000&ga_vid=1805245862.1693425152&ga_sid=1693425153&ga_hid=972883076&ga_fc=true&dlt=1693425150632&idt=1470&prev_scp=article_position%3Dnone%26pos%3Dtop%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dtop-01%26amznbid%3D2%26amznp%3D2%26fr%3Dtrue%26ias-kw%3DIAS_1509996_PG%2CIAS_1506828_PG%2CIAS_1509460_PG%2CIAS_1508986_PG%2CIAS_1500692_PG%2CIAS_1509978_PG%2CIAS_1507080_PG%2CIAS_1500903_PG%2CIAS_1500902_PG%2CIAS_1508967_PG%2CIAS_1507654_PG%26drg%3DveryLow%26vio%3Dmedium%26off%3DveryLow%26hat%3DveryLow%26dlm%3DveryLow%26alc%3DveryLow%26adt%3DveryLow&cust_params=veritas-iab%3D1-4%26tags%3D%26blogName%3Dtheonion%26channel%3D%26section%3D%26subsection%3D%26page%3Dfrontpage&adks=180257879&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35a5eb23e381237ec64332615f53eccc57572bafecc2de4747a557bcd05cedf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:33 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
275
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
st
imprammp.taboola.com/ Frame 4D56
422 B
367 B
Document
General
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8UrACLAa4zxSqaZlt8xJwnylU0zLb5i0AAABgYID-AMmthhPDZGZaC2c2y1o0s6zcyo1nsRaOdjPHZjDcWDbGISC51XBimMxMa-HMZlmLZpaVW7nxLNbC0W7m2AyGG8vGOAUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKQUHeTy250Od3-AAAAAAACAAAAgAQAQj9PCQAZEsET__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQlxLGM4Zl3FQiBbRFGAEAAACA-j8wOzJJJ6hYVPn__--3AnAFACBAESngJT-L7qDEWxgAAAAAMXgZ8lVK1IapYxboYfH7zQ67xu92mf________9_M_9n_tEIHXGlpAkaKPxQ8wsIALDmFxAAgM24AQB4IwAn5GSg6XT4XPd63e93Fx1dfrvTb7dr_G6_6BC0YjBYnYCYHQAAAIA7_____3jwMuSrlKgNU_WAjHM5GJlMhuFkNbNMJqaRyzHxTUY2j3Pjmkwcju1B7LFexQevZ-0jIiyz33cQ8t0uw8PnMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEboIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBFO-yWpmmuzWIttm5BZtRha3cjNcuGWz4XKx3Dgng9nELXp9TBeXc7LZzbxIMMBkL5KnRTpRbUaziW83cpgmtonHs9lYXMvhYLFcjIbD4cbkmoglmpNFOpFd9h3ncjAymQzDyWpmmUxMI5dj4puMbB7nxjWZOBz7lm-ympkmu7XIthm5RZuRxa3cDBdu2Wy4XCw3zslgNnGLXh_TxeWcbHYzf2O23Iwmq8VqsW_MlpvRZLVYLfYdJtMz9TkbrTHx5SNzZkY3h-vmNChcBov3JzEtpt3ZwXT2HZ025bbZ2Rn9fr_f7_f7_X6_36D1HMwGhe9b9ht1a7E5WNwcDGKDQRFLBBfpROd3u0xOh2MtOrr8dqffbhFLlKaLdKIv-t0uw8Pn8lfEEsHpIp0I_W6XRf1HDDiYS1aruW6uGExWCQAAAAAAAADAEkwz3QQAAADAyaCGy8Vitk4HMxnOFqPZcgFceJLp-nnnRPWdCkrbJdOYQHYhJGNcrLHHIs7vdpmcDsdadHT57U6_3coALjytmG32GUGs1WpZAwAAEMAGAAAgwE033gSkUHH_____4wAAAMjIoQcAAEC_D4hqdmZmZmaGH0EOZ6P9A1Ah1mq1ut1Yq9UKWHDL3Wozgf____8!&cmcv=&pix=undefined&cb=1693425152765&uv=3322&tms=1693425152765&abt=nonrv_vA!u2822_vA!ufm_vE!ul3328_vB!unf_vC&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=758b02f4-8ff2-4f2e-9c31-847f1308c2c8&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4b54947dc9df808e61308f3e1dd35b407a66a4aecccdd72a10c400a348a86fab

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Wed, 30 Aug 2023 19:52:32 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220064-FRA
x-timer
S1693425153.792517,VS0,VE10
sync
am-match.taboola.com/ Frame E40C
439 B
524 B
Document
General
Full URL
https://am-match.taboola.com/sync?dast=V8UrACLAa4zxSqaZlt8xJwnylU0zLb5i0AAABgYID-AMmthhPDZGZaC2c2y1o0s6zcyo1nsRaOdjPHZjDcWDbGISC51XBimMxMa-HMZlmLZpaVW7nxLNbC0W7m2AyGG8vGOAUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKQUHeTy250Od3-AAAAAAACAAAAgAQAQj9PCQAZEsET__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQlxLGM4Zl3FQiBbRFGAEAAACA-j8wOzJJJ6hYVPn__--3AnAFACBAESngJT-L7qDEWxgAAAAAMXgZ8lVK1IapYxboYfH7zQ67xu92mf________9_M_9n_tEIHXGlpAkaKPxQ8wsIALDmFxAAgM24AQB4IwAn5GSg6XT4XPd63e93Fx1dfrvTb7dr_G6_6BC0YjBYnYCYHQAAAIA7_____3jwMuSrlKgNU_WAjHM5GJlMhuFkNbNMJqaRyzHxTUY2j3Pjmkwcju1B7LFexQevZ-0jIiyz33cQ8t0uw8PnMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEboIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBFO-yWpmmuzWIttm5BZtRha3cjNcuGWz4XKx3Dgng9nELXp9TBeXc7LZzbxIMMBkL5KnRTpRbUaziW83cpgmtonHs9lYXMvhYLFcjIbD4cbkmoglmpNFOpFd9h3ncjAymQzDyWpmmUxMI5dj4puMbB7nxjWZOBz7lm-ympkmu7XIthm5RZuRxa3cDBdu2Wy4XCw3zslgNnGLXh_TxeWcbHYzf2O23Iwmq8VqsW_MlpvRZLVYLfYdJtMz9TkbrTHx5SNzZkY3h-vmNChcBov3JzEtpt3ZwXT2HZ025bbZ2Rn9fr_f7_f7_X6_36D1HMwGhe9b9ht1a7E5WNwcDGKDQRFLBBfpROd3u0xOh2MtOrr8dqffbhFLlKaLdKIv-t0uw8Pn8lfEEsHpIp0I_W6XRf1HDDiYS1aruW6uGExWCQAAAAAAAADAEkwz3QQAAADAyaCGy8Vitk4HMxnOFqPZcgFceJLp-nnnRPWdCkrbJdOYQHYhJGNcrLHHIs7vdpmcDsdadHT57U6_3coALjytmG32GUGs1WpZAwAAEMAGAAAgwE033gSkUHH_____4wAAAMjIoQcAAEC_D4hqdmZmZmaGH0EOZ6P9A1Ah1mq1ut1Yq9UKWHDL3Wozgf____8!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
eecdb27bb1651ba9b6ea7d362462042d834db5a119d8933967c35c8968e87304

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Wed, 30 Aug 2023 19:52:32 GMT
machineid
3407
server
nginx
st
am-vid-events.taboola.com/
0
43 B
Image
General
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8UrACLAa4zxSqaZlt8xJwnylU0zLb5i0AAABgYID-AMmthhPDZGZaC2c2y1o0s6zcyo1nsRaOdjPHZjDcWDbGISC51XBimMxMa-HMZlmLZpaVW7nxLNbC0W7m2AyGG8vGOAUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKQUHeTy250Od3-AAAAAAACAAAAgAQAQj9PCQAZEsET__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQlxLGM4Zl3FQiBbRFGAEAAACA-j8wOzJJJ6hYVPn__--3AnAFACBAESngJT-L7qDEWxgAAAAAMXgZ8lVK1IapYxboYfH7zQ67xu92mf________9_M_9n_tEIHXGlpAkaKPxQ8wsIALDmFxAAgM24AQB4IwAn5GSg6XT4XPd63e93Fx1dfrvTb7dr_G6_6BC0YjBYnYCYHQAAAIA7_____3jwMuSrlKgNU_WAjHM5GJlMhuFkNbNMJqaRyzHxTUY2j3Pjmkwcju1B7LFexQevZ-0jIiyz33cQ8t0uw8PnMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEboIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBFO-yWpmmuzWIttm5BZtRha3cjNcuGWz4XKx3Dgng9nELXp9TBeXc7LZzbxIMMBkL5KnRTpRbUaziW83cpgmtonHs9lYXMvhYLFcjIbD4cbkmoglmpNFOpFd9h3ncjAymQzDyWpmmUxMI5dj4puMbB7nxjWZOBz7lm-ympkmu7XIthm5RZuRxa3cDBdu2Wy4XCw3zslgNnGLXh_TxeWcbHYzf2O23Iwmq8VqsW_MlpvRZLVYLfYdJtMz9TkbrTHx5SNzZkY3h-vmNChcBov3JzEtpt3ZwXT2HZ025bbZ2Rn9fr_f7_f7_X6_36D1HMwGhe9b9ht1a7E5WNwcDGKDQRFLBBfpROd3u0xOh2MtOrr8dqffbhFLlKaLdKIv-t0uw8Pn8lfEEsHpIp0I_W6XRf1HDDiYS1aruW6uGExWCQAAAAAAAADAEkwz3QQAAADAyaCGy8Vitk4HMxnOFqPZcgFceJLp-nnnRPWdCkrbJdOYQHYhJGNcrLHHIs7vdpmcDsdadHT57U6_3coALjytmG32GUGs1WpZAwAAEMAGAAAgwE033gSkUHH_____4wAAAMjIoQcAAEC_D4hqdmZmZmaGH0EOZ6P9A1Ah1mq1ut1Yq9UKWHDL3Wozgf____8!&cmcv=&pix=31589837&cb=1693425152765&uv=3322&tms=1693425152765&abt=nonrv_vA!u2822_vA!ufm_vE!ul3328_vB!unf_vC&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1693425150442.2!ts:1693425152765&mntl=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
content-length
0
server
nginx
ads
securepubads.g.doubleclick.net/gampad/
619 B
312 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1855235724996455&correlator=2715293790269027&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cfrontpage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90%7C1600x350&ifi=4&didk=1378598710&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693425152782&lmt=1693417952&adxs=1200&adys=2043&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theonion.com%2F&vis=1&psz=1600x0&msz=1600x0&fws=1028&ohw=4000&ga_vid=1805245862.1693425152&ga_sid=1693425153&ga_hid=972883076&ga_fc=true&dlt=1693425150632&idt=1470&prev_scp=article_position%3Dnone%26pos%3Dmid_banner%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dmid_banner-02%26amznbid%3D2%26amznp%3D2%26fr%3Dtrue%26ias-kw%3DIAS_1509996_PG%2CIAS_1506828_PG%2CIAS_1509460_PG%2CIAS_1508986_PG%2CIAS_1500692_PG%2CIAS_1509978_PG%2CIAS_1507080_PG%2CIAS_1500903_PG%2CIAS_1500902_PG%2CIAS_1508967_PG%2CIAS_1507654_PG%26drg%3DveryLow%26vio%3Dmedium%26off%3DveryLow%26hat%3DveryLow%26dlm%3DveryLow%26alc%3DveryLow%26adt%3DveryLow&cust_params=veritas-iab%3D1-4%26tags%3D%26blogName%3Dtheonion%26channel%3D%26section%3D%26subsection%3D%26page%3Dfrontpage&adks=868566020&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7433cb53a5e5c007e4b84f82a48864554f9521f269e2b658c12cf3de67629a2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:34 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 4D56
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8UrACLAa4zxSqaZlt8xJwnylU0zLb5i0AAABgYID-AMmthhPDZGZaC2c2y1o0s6zcyo1nsRaOdjPHZjDcWDbGISC51XBimMxMa-HMZlmLZpaVW7nxLNbC0W7m2AyGG8vGOAUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKQUHeTy250Od3-AAAAAAACAAAAgAQAQj9PCQAZEsET__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQlxLGM4Zl3FQiBbRFGAEAAACA-j8wOzJJJ6hYVPn__--3AnAFACBAESngJT-L7qDEWxgAAAAAMXgZ8lVK1IapYxboYfH7zQ67xu92mf________9_M_9n_tEIHXGlpAkaKPxQ8wsIALDmFxAAgM24AQB4IwAn5GSg6XT4XPd63e93Fx1dfrvTb7dr_G6_6BC0YjBYnYCYHQAAAIA7_____3jwMuSrlKgNU_WAjHM5GJlMhuFkNbNMJqaRyzHxTUY2j3Pjmkwcju1B7LFexQevZ-0jIiyz33cQ8t0uw8PnMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEboIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBFO-yWpmmuzWIttm5BZtRha3cjNcuGWz4XKx3Dgng9nELXp9TBeXc7LZzbxIMMBkL5KnRTpRbUaziW83cpgmtonHs9lYXMvhYLFcjIbD4cbkmoglmpNFOpFd9h3ncjAymQzDyWpmmUxMI5dj4puMbB7nxjWZOBz7lm-ympkmu7XIthm5RZuRxa3cDBdu2Wy4XCw3zslgNnGLXh_TxeWcbHYzf2O23Iwmq8VqsW_MlpvRZLVYLfYdJtMz9TkbrTHx5SNzZkY3h-vmNChcBov3JzEtpt3ZwXT2HZ025bbZ2Rn9fr_f7_f7_X6_36D1HMwGhe9b9ht1a7E5WNwcDGKDQRFLBBfpROd3u0xOh2MtOrr8dqffbhFLlKaLdKIv-t0uw8Pn8lfEEsHpIp0I_W6XRf1HDDiYS1aruW6uGExWCQAAAAAAAADAEkwz3QQAAADAyaCGy8Vitk4HMxnOFqPZcgFceJLp-nnnRPWdCkrbJdOYQHYhJGNcrLHHIs7vdpmcDsdadHT57U6_3coALjytmG32GUGs1WpZAwAAEMAGAAAgwE033gSkUHH_____4wAAAMjIoQcAAEC_D4hqdmZmZmaGH0EOZ6P9A1Ah1mq1ut1Yq9UKWHDL3Wozgf____8!&cmcv=&pix=undefined&cb=1693425152765&uv=3322&tms=1693425152765&abt=nonrv_vA!u2822_vA!ufm_vE!ul3328_vB!unf_vC&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=758b02f4-8ff2-4f2e-9c31-847f1308c2c8&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 19:52:32 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
e725f427-d63d-43db-938a-668919c9206b-tuctbe9237f
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 4D56
43 B
426 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/e725f427-d63d-43db-938a-668919c9206b-tuctbe9237f?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8UrACLAa4zxSqaZlt8xJwnylU0zLb5i0AAABgYID-AMmthhPDZGZaC2c2y1o0s6zcyo1nsRaOdjPHZjDcWDbGISC51XBimMxMa-HMZlmLZpaVW7nxLNbC0W7m2AyGG8vGOAUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKQUHeTy250Od3-AAAAAAACAAAAgAQAQj9PCQAZEsET__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQlxLGM4Zl3FQiBbRFGAEAAACA-j8wOzJJJ6hYVPn__--3AnAFACBAESngJT-L7qDEWxgAAAAAMXgZ8lVK1IapYxboYfH7zQ67xu92mf________9_M_9n_tEIHXGlpAkaKPxQ8wsIALDmFxAAgM24AQB4IwAn5GSg6XT4XPd63e93Fx1dfrvTb7dr_G6_6BC0YjBYnYCYHQAAAIA7_____3jwMuSrlKgNU_WAjHM5GJlMhuFkNbNMJqaRyzHxTUY2j3Pjmkwcju1B7LFexQevZ-0jIiyz33cQ8t0uw8PnMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEboIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBFO-yWpmmuzWIttm5BZtRha3cjNcuGWz4XKx3Dgng9nELXp9TBeXc7LZzbxIMMBkL5KnRTpRbUaziW83cpgmtonHs9lYXMvhYLFcjIbD4cbkmoglmpNFOpFd9h3ncjAymQzDyWpmmUxMI5dj4puMbB7nxjWZOBz7lm-ympkmu7XIthm5RZuRxa3cDBdu2Wy4XCw3zslgNnGLXh_TxeWcbHYzf2O23Iwmq8VqsW_MlpvRZLVYLfYdJtMz9TkbrTHx5SNzZkY3h-vmNChcBov3JzEtpt3ZwXT2HZ025bbZ2Rn9fr_f7_f7_X6_36D1HMwGhe9b9ht1a7E5WNwcDGKDQRFLBBfpROd3u0xOh2MtOrr8dqffbhFLlKaLdKIv-t0uw8Pn8lfEEsHpIp0I_W6XRf1HDDiYS1aruW6uGExWCQAAAAAAAADAEkwz3QQAAADAyaCGy8Vitk4HMxnOFqPZcgFceJLp-nnnRPWdCkrbJdOYQHYhJGNcrLHHIs7vdpmcDsdadHT57U6_3coALjytmG32GUGs1WpZAwAAEMAGAAAgwE033gSkUHH_____4wAAAMjIoQcAAEC_D4hqdmZmZmaGH0EOZ6P9A1Ah1mq1ut1Yq9UKWHDL3Wozgf____8!&cmcv=&pix=undefined&cb=1693425152765&uv=3322&tms=1693425152765&abt=nonrv_vA!u2822_vA!ufm_vE!ul3328_vB!unf_vC&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=758b02f4-8ff2-4f2e-9c31-847f1308c2c8&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:f14:89f9:e156:6aa1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame 4D56
43 B
146 B
Image
General
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8UrACLAa4zxSqaZlt8xJwnylU0zLb5i0AAABgYID-AMmthhPDZGZaC2c2y1o0s6zcyo1nsRaOdjPHZjDcWDbGISC51XBimMxMa-HMZlmLZpaVW7nxLNbC0W7m2AyGG8vGOAUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKQUHeTy250Od3-AAAAAAACAAAAgAQAQj9PCQAZEsET__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQlxLGM4Zl3FQiBbRFGAEAAACA-j8wOzJJJ6hYVPn__--3AnAFACBAESngJT-L7qDEWxgAAAAAMXgZ8lVK1IapYxboYfH7zQ67xu92mf________9_M_9n_tEIHXGlpAkaKPxQ8wsIALDmFxAAgM24AQB4IwAn5GSg6XT4XPd63e93Fx1dfrvTb7dr_G6_6BC0YjBYnYCYHQAAAIA7_____3jwMuSrlKgNU_WAjHM5GJlMhuFkNbNMJqaRyzHxTUY2j3Pjmkwcju1B7LFexQevZ-0jIiyz33cQ8t0uw8PnMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEboIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBFO-yWpmmuzWIttm5BZtRha3cjNcuGWz4XKx3Dgng9nELXp9TBeXc7LZzbxIMMBkL5KnRTpRbUaziW83cpgmtonHs9lYXMvhYLFcjIbD4cbkmoglmpNFOpFd9h3ncjAymQzDyWpmmUxMI5dj4puMbB7nxjWZOBz7lm-ympkmu7XIthm5RZuRxa3cDBdu2Wy4XCw3zslgNnGLXh_TxeWcbHYzf2O23Iwmq8VqsW_MlpvRZLVYLfYdJtMz9TkbrTHx5SNzZkY3h-vmNChcBov3JzEtpt3ZwXT2HZ025bbZ2Rn9fr_f7_f7_X6_36D1HMwGhe9b9ht1a7E5WNwcDGKDQRFLBBfpROd3u0xOh2MtOrr8dqffbhFLlKaLdKIv-t0uw8Pn8lfEEsHpIp0I_W6XRf1HDDiYS1aruW6uGExWCQAAAAAAAADAEkwz3QQAAADAyaCGy8Vitk4HMxnOFqPZcgFceJLp-nnnRPWdCkrbJdOYQHYhJGNcrLHHIs7vdpmcDsdadHT57U6_3coALjytmG32GUGs1WpZAwAAEMAGAAAgwE033gSkUHH_____4wAAAMjIoQcAAEC_D4hqdmZmZmaGH0EOZ6P9A1Ah1mq1ut1Yq9UKWHDL3Wozgf____8!&cmcv=&pix=undefined&cb=1693425152765&uv=3322&tms=1693425152765&abt=nonrv_vA!u2822_vA!ufm_vE!ul3328_vB!unf_vC&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=758b02f4-8ff2-4f2e-9c31-847f1308c2c8&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.211.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-211-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame E40C
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8UrACLAa4zxSqaZlt8xJwnylU0zLb5i0AAABgYID-AMmthhPDZGZaC2c2y1o0s6zcyo1nsRaOdjPHZjDcWDbGISC51XBimMxMa-HMZlmLZpaVW7nxLNbC0W7m2AyGG8vGOAUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKQUHeTy250Od3-AAAAAAACAAAAgAQAQj9PCQAZEsET__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQlxLGM4Zl3FQiBbRFGAEAAACA-j8wOzJJJ6hYVPn__--3AnAFACBAESngJT-L7qDEWxgAAAAAMXgZ8lVK1IapYxboYfH7zQ67xu92mf________9_M_9n_tEIHXGlpAkaKPxQ8wsIALDmFxAAgM24AQB4IwAn5GSg6XT4XPd63e93Fx1dfrvTb7dr_G6_6BC0YjBYnYCYHQAAAIA7_____3jwMuSrlKgNU_WAjHM5GJlMhuFkNbNMJqaRyzHxTUY2j3Pjmkwcju1B7LFexQevZ-0jIiyz33cQ8t0uw8PnMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEboIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBFO-yWpmmuzWIttm5BZtRha3cjNcuGWz4XKx3Dgng9nELXp9TBeXc7LZzbxIMMBkL5KnRTpRbUaziW83cpgmtonHs9lYXMvhYLFcjIbD4cbkmoglmpNFOpFd9h3ncjAymQzDyWpmmUxMI5dj4puMbB7nxjWZOBz7lm-ympkmu7XIthm5RZuRxa3cDBdu2Wy4XCw3zslgNnGLXh_TxeWcbHYzf2O23Iwmq8VqsW_MlpvRZLVYLfYdJtMz9TkbrTHx5SNzZkY3h-vmNChcBov3JzEtpt3ZwXT2HZ025bbZ2Rn9fr_f7_f7_X6_36D1HMwGhe9b9ht1a7E5WNwcDGKDQRFLBBfpROd3u0xOh2MtOrr8dqffbhFLlKaLdKIv-t0uw8Pn8lfEEsHpIp0I_W6XRf1HDDiYS1aruW6uGExWCQAAAAAAAADAEkwz3QQAAADAyaCGy8Vitk4HMxnOFqPZcgFceJLp-nnnRPWdCkrbJdOYQHYhJGNcrLHHIs7vdpmcDsdadHT57U6_3coALjytmG32GUGs1WpZAwAAEMAGAAAgwE033gSkUHH_____4wAAAMjIoQcAAEC_D4hqdmZmZmaGH0EOZ6P9A1Ah1mq1ut1Yq9UKWHDL3Wozgf____8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 19:52:32 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
e725f427-d63d-43db-938a-668919c9206b-tuctbe9237f
pr-bh.ybp.yahoo.com/sync/taboola/ Frame E40C
43 B
425 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/e725f427-d63d-43db-938a-668919c9206b-tuctbe9237f?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8UrACLAa4zxSqaZlt8xJwnylU0zLb5i0AAABgYID-AMmthhPDZGZaC2c2y1o0s6zcyo1nsRaOdjPHZjDcWDbGISC51XBimMxMa-HMZlmLZpaVW7nxLNbC0W7m2AyGG8vGOAUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKQUHeTy250Od3-AAAAAAACAAAAgAQAQj9PCQAZEsET__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQlxLGM4Zl3FQiBbRFGAEAAACA-j8wOzJJJ6hYVPn__--3AnAFACBAESngJT-L7qDEWxgAAAAAMXgZ8lVK1IapYxboYfH7zQ67xu92mf________9_M_9n_tEIHXGlpAkaKPxQ8wsIALDmFxAAgM24AQB4IwAn5GSg6XT4XPd63e93Fx1dfrvTb7dr_G6_6BC0YjBYnYCYHQAAAIA7_____3jwMuSrlKgNU_WAjHM5GJlMhuFkNbNMJqaRyzHxTUY2j3Pjmkwcju1B7LFexQevZ-0jIiyz33cQ8t0uw8PnMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEboIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBFO-yWpmmuzWIttm5BZtRha3cjNcuGWz4XKx3Dgng9nELXp9TBeXc7LZzbxIMMBkL5KnRTpRbUaziW83cpgmtonHs9lYXMvhYLFcjIbD4cbkmoglmpNFOpFd9h3ncjAymQzDyWpmmUxMI5dj4puMbB7nxjWZOBz7lm-ympkmu7XIthm5RZuRxa3cDBdu2Wy4XCw3zslgNnGLXh_TxeWcbHYzf2O23Iwmq8VqsW_MlpvRZLVYLfYdJtMz9TkbrTHx5SNzZkY3h-vmNChcBov3JzEtpt3ZwXT2HZ025bbZ2Rn9fr_f7_f7_X6_36D1HMwGhe9b9ht1a7E5WNwcDGKDQRFLBBfpROd3u0xOh2MtOrr8dqffbhFLlKaLdKIv-t0uw8Pn8lfEEsHpIp0I_W6XRf1HDDiYS1aruW6uGExWCQAAAAAAAADAEkwz3QQAAADAyaCGy8Vitk4HMxnOFqPZcgFceJLp-nnnRPWdCkrbJdOYQHYhJGNcrLHHIs7vdpmcDsdadHT57U6_3coALjytmG32GUGs1WpZAwAAEMAGAAAgwE033gSkUHH_____4wAAAMjIoQcAAEC_D4hqdmZmZmaGH0EOZ6P9A1Ah1mq1ut1Yq9UKWHDL3Wozgf____8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:f14:89f9:e156:6aa1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame E40C
0
125 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8UrACLAa4zxSqaZlt8xJwnylU0zLb5i0AAABgYID-AMmthhPDZGZaC2c2y1o0s6zcyo1nsRaOdjPHZjDcWDbGISC51XBimMxMa-HMZlmLZpaVW7nxLNbC0W7m2AyGG8vGOAUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKQUHeTy250Od3-AAAAAAACAAAAgAQAQj9PCQAZEsET__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQlxLGM4Zl3FQiBbRFGAEAAACA-j8wOzJJJ6hYVPn__--3AnAFACBAESngJT-L7qDEWxgAAAAAMXgZ8lVK1IapYxboYfH7zQ67xu92mf________9_M_9n_tEIHXGlpAkaKPxQ8wsIALDmFxAAgM24AQB4IwAn5GSg6XT4XPd63e93Fx1dfrvTb7dr_G6_6BC0YjBYnYCYHQAAAIA7_____3jwMuSrlKgNU_WAjHM5GJlMhuFkNbNMJqaRyzHxTUY2j3Pjmkwcju1B7LFexQevZ-0jIiyz33cQ8t0uw8PnMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEboIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBFO-yWpmmuzWIttm5BZtRha3cjNcuGWz4XKx3Dgng9nELXp9TBeXc7LZzbxIMMBkL5KnRTpRbUaziW83cpgmtonHs9lYXMvhYLFcjIbD4cbkmoglmpNFOpFd9h3ncjAymQzDyWpmmUxMI5dj4puMbB7nxjWZOBz7lm-ympkmu7XIthm5RZuRxa3cDBdu2Wy4XCw3zslgNnGLXh_TxeWcbHYzf2O23Iwmq8VqsW_MlpvRZLVYLfYdJtMz9TkbrTHx5SNzZkY3h-vmNChcBov3JzEtpt3ZwXT2HZ025bbZ2Rn9fr_f7_f7_X6_36D1HMwGhe9b9ht1a7E5WNwcDGKDQRFLBBfpROd3u0xOh2MtOrr8dqffbhFLlKaLdKIv-t0uw8Pn8lfEEsHpIp0I_W6XRf1HDDiYS1aruW6uGExWCQAAAAAAAADAEkwz3QQAAADAyaCGy8Vitk4HMxnOFqPZcgFceJLp-nnnRPWdCkrbJdOYQHYhJGNcrLHHIs7vdpmcDsdadHT57U6_3coALjytmG32GUGs1WpZAwAAEMAGAAAgwE033gSkUHH_____4wAAAMjIoQcAAEC_D4hqdmZmZmaGH0EOZ6P9A1Ah1mq1ut1Yq9UKWHDL3Wozgf____8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Aug 2023 19:52:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 17E9
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
5661
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 18:18:12 GMT
expires
Thu, 29 Aug 2024 18:18:12 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 25BF
829 B
995 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f4a0923db6f375bb95c5e1711d0343658f1d7a066ade8e2e3c62d4eb2508a77a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FthD7CVki1UkG4DBldVM7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
538
content-security-policy
script-src 'report-sample' 'nonce-FthD7CVki1UkG4DBldVM7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 19:52:33 GMT
expires
Wed, 30 Aug 2023 19:52:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
pagead2.googlesyndication.com/bg/ Frame 17E9
37 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 17:24:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
95308
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14706
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Aug 2024 17:24:05 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 25BF
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308240101&jk=1855235724996455&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

bulk
trc.taboola.com/gomedia1-theonion/log/3/
0
309 B
XHR
General
Full URL
https://trc.taboola.com/gomedia1-theonion/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Wed, 30 Aug 2023 19:52:33 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
8328
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220064-FRA
pragma
no-cache
server
nginx
x-timer
S1693425153.332000,VS0,VE9
content-type
image/gif
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
generate_204
tpc.googlesyndication.com/ Frame 17E9
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?7-IANQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:33 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/
254 B
723 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Wed, 30 Aug 2023 19:52:33 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
19515
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-etou8220064-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1693425153.484040,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
62
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
8274
publishertag.prebid.136.js
static.criteo.net/js/ld/
93 KB
30 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.43bf42174e14caab7eaf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 31 Aug 2023 19:52:33 GMT
syncframe
gum.criteo.com/ Frame FF01
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theonion.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.theonion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 19:52:33 GMT
server
Kestrel
server-processing-duration-in-ticks
1055524
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.136.js
static.criteo.net/js/ld/
93 KB
30 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 31 Aug 2023 19:52:33 GMT
sid
mug.criteo.com/ Frame FF01
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=theonion.com&sn=ChromeSyncframe&so=3&topUrl=www.theonion.com&bundle=uBGmtl9KeG5aN0p0eGY5eTFGS0lCZk5UUlR3Z0tPbElUN0R6ZGZrYndpUGdhb2xzaHVyR0...
  • https://mug.criteo.com/sid?cpp=yGLkhHx6UFQyUzVPT3BlblBRbjRYTVBobXlJU1RuL2VvTnBjZHhac1ZMR0lqODIrV2k0UXpCeDE4SDQrK0lwVHJRNUJ5UGNxUUcyVWNOeGgwTktKcVdTM0M2Y2FjeDR4TjJBb1JRRkZrRUFWMHk1cUszU0ZJTE03d1Z2Y0...
415 B
643 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=yGLkhHx6UFQyUzVPT3BlblBRbjRYTVBobXlJU1RuL2VvTnBjZHhac1ZMR0lqODIrV2k0UXpCeDE4SDQrK0lwVHJRNUJ5UGNxUUcyVWNOeGgwTktKcVdTM0M2Y2FjeDR4TjJBb1JRRkZrRUFWMHk1cUszU0ZJTE03d1Z2Y0VkSzVXbU14YUFqU1pKN1VZaDNpSDFCRjdTUkF3T04rbEViREJpOEMvRm54Q2dkU0ZrMEkxc0lLU3hSckRycWJLZDNyODBEZzFHeXRYejYvSHhUUWs1ZjM4WmZFS0J3K2FMeDJXbkhnK2doQ0IwYUlvWlZLWXJFSHoxaHhSZHFMc1BURlJ2QlpMblBiMmpxTUI0OFoySkVONUI3eXBiYmhSOVBjS2NVOEU4VHU3M0dNSExFMD18&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6a7965a7807b59a503fc3320316550e921afcc5705d2862c06592a139687d4c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 19:52:33 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1188674
expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 19:52:33 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=yGLkhHx6UFQyUzVPT3BlblBRbjRYTVBobXlJU1RuL2VvTnBjZHhac1ZMR0lqODIrV2k0UXpCeDE4SDQrK0lwVHJRNUJ5UGNxUUcyVWNOeGgwTktKcVdTM0M2Y2FjeDR4TjJBb1JRRkZrRUFWMHk1cUszU0ZJTE03d1Z2Y0VkSzVXbU14YUFqU1pKN1VZaDNpSDFCRjdTUkF3T04rbEViREJpOEMvRm54Q2dkU0ZrMEkxc0lLU3hSckRycWJLZDNyODBEZzFHeXRYejYvSHhUUWs1ZjM4WmZFS0J3K2FMeDJXbkhnK2doQ0IwYUlvWlZLWXJFSHoxaHhSZHFMc1BURlJ2QlpMblBiMmpxTUI0OFoySkVONUI3eXBiYmhSOVBjS2NVOEU4VHU3M0dNSExFMD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
293582
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308240101&jk=1855235724996455&bg=!5Oel56jNAAYkVgHwBFY7ADQBe5WfOHRyHWPhq0RWIkM7F3Gx6rky_d-iqRZuwEi5N9QmyAx5tmGRJkG0IXzZh0k7NxlGAgAAAE1SAAAACWgBB5kCy7_KyVOk8aipJ9YUcwN754Rib9YtiE-GzMoytNxBpug3dAI8QhjmEaEsIyM-E5P8C34QnJeMuB-GQzXvu9qTnMqwlYIb3pr67Oi9LvZgSSBr9icksRgJYCvD_Um-ef6xEAjEeCB7M6XGHmrBh3M3vn8M4ZYoYBRCg9lPqsJncxPK0zbwLXtmpN5YPCgrspW2lHeoPT_OyoFPFFsrDz6LHw1bMuA4vntJRCEnGRqgPwXaweodE24BU4iDqoAjrteuvNhaw3vXFQsvuAnH0Bt5CuqKzBxbtG5_vv1B74gYQYHPohgbiLyx-vm0N8bkaIPW_CwpWSue5KYwnler6iBpnwaeg_e4FpogOK7-vivEzNq_lV5hEFOMs9Mja1Cfwj74bVd_QKJ7zpCW3pxb7RUdhzseKDYD3E-pPJtu5M_uhVfSISveerQ8zOHrMyvlXEoys_o3mfWwD-u_nAhGAgt88CRyUspzTo9XGch1H-wPSCR9ahGSopr2TAAQPPcoVBu4EtzCajZWTnS9YnijgAlO5huYXYeZAEDAshSuNRqCu3bmU-DkWi8F3BwI16cNFHAmA8iT5NWDon07Ws0iSgyfxjoBph3kmQy3tZ5Gw_9JEdwBQmRzQKA83RHsPJ6SBF4f7qaS1cv0Hd_M9-22TXDANWoV64Y951Jcn_YFg8H0MpMxfgnWdWk6faa3Mo5XbCXVQtbhWFD7n8z-zsc9xNrN_rBa_PIfH-3XslKL9e6O3pjjRQgPsX3G8dhTi0N3kqoKn65iLmCNNi8obVgiXcPqmPaUYsWyXd8cIFSmV7b3zw5ZbkLasoQSiiAgTvp869heGauEpOIE66xLyQ-rvvSrpcdDWj8M3AjX7ClQkG1fFYFF8iSnUu5t-0ok3Zb576125KVo9qe-bnioogUMpKRML0_v8nz6OJ-CNJH1K7SA--ep3LsyodfJsrdsgck
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

cds-pips.js
cdn.taboola.com/scripts/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Aug 2023 19:52:34 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
391
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-etou8220064-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1693425154.224994,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
2
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
2304
/
pips.taboola.com/
64 B
246 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
25ac7ebc6f8b030b8f4226372357c109c1defb5383a2a83bce7a4d4027ea618b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230098-FRA
date
Wed, 30 Aug 2023 19:52:34 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.theonion.com
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
cds.taboola.com/
0
82 B
XHR
General
Full URL
https://cds.taboola.com/?uid=e725f427-d63d-43db-938a-668919c9206b-tuctbe9237f&uad=9ca5a1cdf97cb07f4a1c6d032fc4fb26ed02c8334f2baa6daf81f70b7fd0dc52&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 30 Aug 2023 19:52:34 GMT
cache-control
no-store
server
nginx
action_links.json
fr-actions.trackonomics.net/prod/www.theonion.com/
4 B
448 B
Fetch
General
Full URL
https://fr-actions.trackonomics.net/prod/www.theonion.com/action_links.json
Requested by
Host: cdn-magiclinks.trackonomics.net
URL: https://cdn-magiclinks.trackonomics.net/client/static/v2/gomedia_015a5_the_onion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-35.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5c24f7ca1c946fa4dfd44407409c8e11ec6e41f0e1c7c45bf8381b42afb31f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:35 GMT
via
1.1 beda7ef1ba9a3d6628bdfdae06bd482c.cloudfront.net (CloudFront)
last-modified
Sun, 19 Dec 2021 11:43:11 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
203
etag
"5ad5cc4d26869082efd29c436b57384a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Error from cloudfront
accept-ranges
bytes
content-length
4
x-amz-cf-id
Oss-uuiNENTBSlqaSkMZHMnkba_yRmYIA5y0aCQUqxcyHvd4S3yH8g==
i.png
trx-hub.com/i/m/
128 B
463 B
Image
General
Full URL
https://trx-hub.com/i/m/i.png?q=N4IghgLhBOD6BmB7aB3M0AmBLAdgcxAC5gBfAGhAFsBTCMDSMI0iiLS3A48kAV2gA2AZ2Y9IMWGAAOU6jgyiKUsHmqwYYAMbUiAbVBDE-bURAALKFKGEA9DZQOAdBDPVEOLO8ebElGyApoanhqaCDoUwDwKDgkVHRsfFESAF0KTV4hCF9YGjpFEE0BLDkIdXYdQhAAJgAGaoBmAFpagA4mhtqAFQBGAE5CAFZqwgbBxwa+wYAtKOVVcogBSpAu1wACAHkPd3WAH3WAQRpoLE0wAHIhdYAxXGos9YA5ahRrgGUjaG1HKKwsBRVf4YHoANj6DQALNVBj1BoNJoNqHgsFFqAA3UrqACeslM7CkQSEQk8OCiGSyvlCsABpjwVOwYFgtThYEG6lcsHcpPJAKkPTpDKwTJZgzZHJ06T51VM3PcIBIQA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-58.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 22:28:15 GMT
via
1.1 1e498d046330e15095a1a2a958463bf4.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 04:40:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
77061
etag
"90eb1bf3b49429bde87a3b5f0b53e6a5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
128
x-amz-cf-id
hGixNoQOeNU7zvBMGH1PzXZtmta5JGN2QKUX8odE3ieHppd7M2-nyg==
rum
dsum.casalemedia.com/
Redirect Chain
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727144&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727144&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1
  • https://x.bidswitch.net/sync?ssp=index&gdpr=0
  • https://x.bidswitch.net/ul_cb/sync?ssp=index&gdpr=0
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=55729693-17c2-4a00-a1e7-0e9cfc7fcfdf&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_7a0dcb19-3845-402d-a38c-e14b1afcdd5f&bsw_param=55729693-17c2-4a00-a1e7-0e9cfc7fcfdf&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=55729693-17c2-4a00-a1e7-0e9cfc7fcfdf&gdpr=0&gdpr_consent=&us_privacy=
43 B
766 B
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=55729693-17c2-4a00-a1e7-0e9cfc7fcfdf&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 19:52:36 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=55729693-17c2-4a00-a1e7-0e9cfc7fcfdf&gdpr=0&gdpr_consent=&us_privacy=
date
Wed, 30 Aug 2023 19:52:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
eb2.3lift.com/
37 B
140 B
Image
General
Full URL
https://eb2.3lift.com/sync?px=1&src=prebid&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161204
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161204&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjAyMDYyQTctOTEwMS00MkUxLTgxOTMtOTQ0RkVCNUJBNzcx&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
216 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Protocol
H2
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 19:52:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Wed, 30 Aug 2023 19:52:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync
match.adsrvr.org/track/
70 B
260 B
Image
General
Full URL
https://match.adsrvr.org/track/usersync?us_privacy=&gdpr=0&gdpr_consent=undefined&ust=image
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 19:52:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
putRecords
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/
146 B
372 B
Fetch
General
Full URL
https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.154.107 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
dcd77f1c12cf4430ee903db699a5e01d5a5ce637532f2f73244bfbd10e22e881

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
x-api-key
79db72eb0b5c7255afa54a253df24fb4a5ac916bf40b51c730df8850aa5665ca
Content-Type
application/json

Response headers

date
Wed, 30 Aug 2023 19:52:37 GMT
x-amzn-trace-id
Root=1-64ef9e05-02b1cae46a1df49b0f6edf4c
x-amzn-requestid
013a15ec-56e3-4b9f-b2e5-f86abeaa6aca
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
KfWg8FsSvHcF3kA=
content-length
146
putRecords
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/ Frame
0
0
Preflight
General
Full URL
https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.154.107 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://www.theonion.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
date
Wed, 30 Aug 2023 19:52:37 GMT
x-amz-apigw-id
KfWg6F0wvHcFxVA=
x-amzn-requestid
41472a07-d6b3-43ad-99dc-3fca55cf5b29
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FBJXBGD4M8&gtm=45je38s0&_p=972883076&cid=1805245862.1693425152&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1693425152&sct=1&seg=1&dl=https%3A%2F%2Fwww.theonion.com%2F&dt=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FBJXBGD4M8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theonion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 19:52:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theonion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_2_2/infra/
876 KB
144 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/units/33_2_2/infra/cmTagFEED_MANAGER.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 -, , ASN (),
Reverse DNS
Software
AmazonS3-br /
Resource Hash

Request headers

Referer
https://www.theonion.com/
Origin
https://www.theonion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-meta-mtime
1692436128
date
Wed, 30 Aug 2023 19:52:37 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
FNGQTH4HWMTFMETX
age
988911
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1692436129
x-amz-meta-mode
33188
content-length
147314
x-amz-id-2
MN7W6Hf8bLwtIH9JedJm20XngKqq77RND71VPiQAal27QoPib3tDv5GBaeCp+3BUOM6KE8aYTq4=
x-served-by
cache-fra-eddf8230032-FRA
last-modified
Sat, 19 Aug 2023 09:08:50 GMT
server
AmazonS3-br
x-timer
S1693425158.881667,VS0,VE0
etag
"f1640eef15c852f06261850f3ed67f83"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
60
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_2_2/assets/css/
60 KB
8 KB
Stylesheet
General
Full URL
https://vidstat.taboola.com/vpaid/units/33_2_2/assets/css/cmOsUnit.css
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.theonion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-meta-mtime
1692436147
date
Wed, 30 Aug 2023 19:52:37 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
FNGXHV0TQ9C4KWM0
age
988911
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1692436147
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
hboRZWeRQObX9qW9mrCu7rV8WtrYMhyNwr31xPvQPwSOcjLunR69xbMcfns5D6KU3/X0MTJsWdo=
x-served-by
cache-fra-etou8220064-FRA
last-modified
Sat, 19 Aug 2023 09:09:08 GMT
server
AmazonS3-br
x-timer
S1693425158.794142,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
67658
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.4.4/
0
0

sync
am-match.taboola.com/ Frame 0B2F
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
no.kinja-img.com
URL
https://no.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_542,pg_1,q_60,w_965/197xrjaz7466rpng.png
Domain
as-sec.casalemedia.com
URL
https://as-sec.casalemedia.com/headerstats?s=365217&u=https%3A%2F%2Fwww.theonion.com%2F&v=3
Domain
vidstat.taboola.com
URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.4/OvaMediaPlayer.js
Domain
am-match.taboola.com
URL
https://am-match.taboola.com/sync?dast=V8UrACLAa4zxSqaZlt8xJwnylU0zLb5i0AAABgYID-AMmthhPDZGZaC2c2y1o0s6zcyo1nsRaOdjPHZjDcWDbGISC51XBimMxMa-HMZlmLZpaVW7nxLNbC0W7m2AyGG8vGOAUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKQUHeTy250Od3-AAAAAAACAAAAgAQAQj9PCQAZEsET__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQlxLGM4Zl3FQiBbRFGAEAAACA-j8wOzJJJ6hYVPn__--3AnAFACBAESngJT-L7qDEWxgAAAAAMXgZ8lVK1IapYxboYfH7zQ67xu92mf________9_M_9n_tEIHXGlpAkaKPxQ8wsIALDmFxAAgM24AQB4IwAn5GSg6XT4XPd63e93Fx1dfrvTb7dr_G6_6BC0YjBYnYCYHQAAAIA7_____3jwMuSrlKgNU_WAjHM5GJlMhuFkNbNMJqaRyzHxTUY2j3Pjmkwcju1B7LFexQevZ-0jIiyz33cQ8t0uw8PnMoiKrrfF7nCaPQfxQcOwnAyC-ZmwxWg1mWyWw9lyMRkMR8PRaH8GYjEboIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBFO-yWpmmuzWIttm5BZtRha3cjNcuGWz4XKx3Dgng9nELXp9TBeXc7LZzbxIMMBkL5KnRTpRbUaziW83cpgmtonHs9lYXMvhYLFcjIbD4cbkmoglmpNFOpFd9h3ncjAymQzDyWpmmUxMI5dj4puMbB7nxjWZOBz7lm-ympkmu7XIthm5RZuRxa3cDBdu2Wy4XCw3zslgNnGLXh_TxeWcbHYzf2O23Iwmq8VqsW_MlpvRZLVYLfYdJtMz9TkbrTHx5SNzZkY3h-vmNChcBov3JzEtpt3ZwXT2HZ025bbZ2Rn9fr_f7_f7_X6_36D1HMwGhe9b9ht1a7E5WNwcDGKDQRFLBBfpROd3u0xOh2MtOrr8dqffbhFLlKaLdKIv-t0uw8Pn8lfEEsHpIp0I_W6XRf1HDDiYS1aruW6uGExWCQAAAAAAAADAEkwz3QQAAADAyaCGy8Vitk4HMxnOFqPZcgFceJLp-nnnRPWdCkrbJdOYQHYhJGNcrLHHIs7vdpmcDsdadHT57U6_3coALjytmG32GUGs1WpZAwAAEMAGAAAgwE033gSkUHH_____4wAAAMjIoQcAAEC_D4hqdmZmZmaGH0EOZ6P9A1Ah1mq1ut1Yq9UKWHDL3Wozgf____8!&excid=22&docw=0&cijs=1&nlb=false

Verdicts & Comments Add Verdict or Comment

150 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| documentPictureInPicture string| countryCode object| blockthrough object| domContentLoaderPromise object| dataLayer object| defaultPageContext string| GoogleAnalyticsObject function| ga object| _comscore object| LongTaskObserver object| LUX object| LUX_ae object| LUX_al object| _taboola function| taboolaInit object| kinja object| googletag object| headertag number| interval function| _fasttoken object| _user object| webpackJsonp object| COMSCORE object| ns_p object| google_tag_data object| gaplugins function| _typeof object| TRC object| _tblConsole undefined| msg function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| apstag object| pbjs object| videoHtml5Controllers function| stopVideoHtml5 function| deleteVideoHtml5Controller object| EUo3QW2 function| EUo3QW3 object| xop object| krd8f676axo object| tnad4esjg1s object| regeneratorRuntime function| veritasStart string| veritas_version function| filterCSS function| filterXSS object| _sf_async_config number| _sf_endpt string| ENTRY_POPUP object| google_tag_manager object| ggeac object| google_js_reporting_queue object| pbjsChunk object| _pbjsGlobals object| Ot1Hda2 function| Ot1Hda3 function| xblocker number| taboola_view_id object| nxKG0J function| nxKG0m object| xblacklist object| _aps boolean| apstagLOADED object| apscustom object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| BULBS_ELEMENTS_ADS_MANAGER object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| goog function| initVideoHtml5 object| closure_lm_770235 object| _ml undefined| channel string| trackonomicsId object| scrEm boolean| creativeVendorLibraryLoaded object| gaGlobal object| gaData undefined| google_measure_js_timing object| Criteo object| placementData string| nam object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| __bt object| closure_lm_820618 object| trx function| md5 function| setImmediate function| clearImmediate object| ats object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_140 object| Criteo_identitytag_140 object| cmTag number| google_unique_id boolean| __bt_already_invoked object| _cm_wfCounters object| GoogleGcLKhOms object| criteo_pubtag_prebid_136 object| Criteo_prebid_136 object| google_image_requests

46 Cookies

Domain/Path Name / Value
www.theonion.com/ Name: geocc
Value: DE
.theonion.com/ Name: KinjaBucket
Value: c
www.theonion.com/ Name: KinjaSetBucket
Value: c|1693425000|EU4TQ15l7l3+VPerzIO+XuxWRpaOTLQbUaY+yw6gWZw=
www.theonion.com/ Name: lux_uid
Value: 169342515081221432
kinja.com/ Name: KinjaSession
Value: 6770d7b7-f781-446c-bba4-7562093d51d9
.kinja.com/ Name: KinjaBucket
Value: c
kinja.com/ Name: KinjaSetBucket
Value: c|1693425000|EU4TQ15l7l3+VPerzIO+XuxWRpaOTLQbUaY+yw6gWZw=
www.theonion.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.theonion.com/ Name: _cb
Value: B_wjc7S4K5iCJtZGD
.theonion.com/ Name: _chartbeat2
Value: .1693425152005.1693425152005.1.Bu2uUzjBS1ND6xQSLDxPc7zCix0aJ.1
.theonion.com/ Name: _cb_svref
Value: null
www.theonion.com/ Name: pageDepth
Value: 1
.theonion.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.theonion.com/ Name: _gid
Value: GA1.2.268950501.1693425152
.theonion.com/ Name: _gat_unique
Value: 1
.theonion.com/ Name: _gat
Value: 1
.liadm.com/ Name: lidid
Value: d8df461f-0cf0-42f0-8c14-a792124eb80e
www.theonion.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3De725f427-d63d-43db-938a-668919c9206b-tuctbe9237f
.theonion.com/ Name: _ga
Value: GA1.1.1805245862.1693425152
.theonion.com/ Name: _ga_FBJXBGD4M8
Value: GS1.1.1693425152.1.1.1693425152.0.0.0
www.theonion.com/ Name: vtas_f
Value: c55914e3c22325aaeecb5b97aeff1d2851390aec
www.theonion.com/ Name: vtas_version
Value: 1.1.2
.kargo.com/ Name: ktcid
Value: bf349694-efaa-0c8a-1cf8-a35a7ad09039
www.theonion.com/ Name: _lr_geo_location
Value: DE
.rubiconproject.com/ Name: khaos
Value: LLY5M2B0-25-CKCH
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoJ741TDvuaKwNb0fGVcfL/XWaA1sYWTLE9gLr7Yht2fU4+H0LtRovRgXKALezHt0LVxh1uxPoukUgcdj94p/Mz8swGE9jw2UAijy0RC4Zd8SKPLRELhl3xpmvllXEtYN4=
.criteo.com/ Name: uid
Value: 3f54bd21-4ac0-4dbd-a0c0-a240aa588575
.adnxs.com/ Name: icu
Value: ChgI64dgEAoYASABKAEwgLy-pwY4AUABSAEQgLy-pwYYAA..
.adnxs.com/ Name: uuid2
Value: 6260265004866764285
www.theonion.com/ Name: vtas_kv
Value: {"veritas-segments":"5, 8","veritas-iab":"2, 20"}
.theonion.com/ Name: cto_bundle
Value: LJOkmV9KeG5aN0p0eGY5eTFGS0lCZk5UUlQ2ZlRVcGl3czhxWmhmcjlXV09JeEtFYXhEdFhMZkVyUG5oZVhCamUzTUdaS2phRWExTGQwSzZDRll5aTNWdlhpUXgzN1JKd01LMmJTc3czdk1LQWRPTDNzRzN1b3ZQMG1UJTJCTTlEZktPSmM5SWFYa3R2TkZ3bHlWSHRrMHl0d0hqZyUzRCUzRA
.theonion.com/ Name: __gads
Value: ID=92e81376854e61af:T=1693425152:RT=1693425152:S=ALNI_MbzOdkrdSZjpeJnm9VNYYYCDzgAHw
.theonion.com/ Name: __gpi
Value: UID=00000c6b906a96b1:T=1693425152:RT=1693425152:S=ALNI_ManjweTYEDitwr3ae4MVSA79S_4EA
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.casalemedia.com/ Name: CMID
Value: ZO.eA-s1Azo8vqzsEB23iwAA
.casalemedia.com/ Name: CMPS
Value: 5296
.casalemedia.com/ Name: CMPRO
Value: 5296
.pubmatic.com/ Name: SyncRTB3
Value: 1694563200%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: F02062A7-9101-42E1-8193-944FEB5BA771
.bidswitch.net/ Name: tuuid
Value: 55729693-17c2-4a00-a1e7-0e9cfc7fcfdf
.bidswitch.net/ Name: c
Value: 1693425155
.bidswitch.net/ Name: tuuid_lu
Value: 1693425155
.doubleclick.net/ Name: IDE
Value: AHWqTUlXTJK841V2sKt4_9QolBG4GdLm4grwCOLi9wUCFta1yPpsm2yuzvgTYi3IxMo
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_7a0dcb19-3845-402d-a38c-e14b1afcdd5f
.pubmatic.com/ Name: pi
Value: 161204:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2

4 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
security warning URL: https://tagan.adlightning.com/gomedia/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript error URL: https://www.theonion.com/
Message:
Access to XMLHttpRequest at 'https://as-sec.casalemedia.com/headerstats?s=365217&u=https%3A%2F%2Fwww.theonion.com%2F&v=3' from origin 'https://www.theonion.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://as-sec.casalemedia.com/headerstats?s=365217&u=https%3A%2F%2Fwww.theonion.com%2F&v=3
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
ampcid.google.com
ampcid.google.de
api.btloader.com
api.rlcdn.com
as-sec.casalemedia.com
ats.rlcdn.com
bidder.criteo.com
btloader.com
c.amazon-adsystem.com
cd2020116f48f83919f82302ca852368.safeframe.googlesyndication.com
cdn-magiclinks.trackonomics.net
cdn.speedcurve.com
cdn.taboola.com
cds.taboola.com
cm.g.doubleclick.net
direct.adsrvr.org
dsum.casalemedia.com
eb2.3lift.com
f.kinja-static.com
fastlane.rubiconproject.com
fr-actions.trackonomics.net
geo.privacymanager.io
grid.bidswitch.net
gum.criteo.com
hb.yellowblue.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.kinja-img.com
ib.adnxs.com
id.sv.rkdms.com
idx.liadm.com
image2.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
imprammp.taboola.com
insight.adsrvr.org
js-sec.indexww.com
kinja-com.videoplayerhub.com
kinja.com
krk2.kargo.com
match.adsrvr.org
ml314.com
mug.criteo.com
no.kinja-img.com
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
pixel.adsafeprotected.com
pr-bh.ybp.yahoo.com
prod.tahoe-analytics.publishers.advertising.a2z.com
region1.google-analytics.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
sonata-notifications.taptapnetworks.com
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
tagan.adlightning.com
tlx.3lift.com
tpc.googlesyndication.com
trc.taboola.com
trx-hub.com
ups.analytics.yahoo.com
vidstat.taboola.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.theonion.com
x.bidswitch.net
x.kinja-static.com
am-match.taboola.com
as-sec.casalemedia.com
no.kinja-img.com
vidstat.taboola.com
104.18.39.155
108.139.240.30
108.156.60.35
13.225.78.58
130.211.23.194
141.226.224.32
141.226.228.48
142.250.184.226
151.101.1.44
151.101.129.44
151.101.130.166
151.101.194.166
151.101.66.217
172.217.18.6
172.64.149.180
178.250.1.11
18.193.211.202
18.244.179.50
18.65.39.56
18.65.39.76
18.66.202.223
18.66.218.104
185.64.189.112
185.64.190.80
185.80.39.216
198.47.127.18
2001:4860:4802:32::36
2600:9000:2057:e600:18:1fcd:353:c61
2600:9000:2394:9800:1d:8c8c:47c0:93a1
2602:803:c003:200::31
2606:4700:20::681a:78b
2606:4700:20::ac43:4513
2606:4700:20::ac43:4acf
2a00:1450:4001:806::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2004
2a00:1450:4001:811::200e
2a00:1450:4001:812::200e
2a00:1450:4001:813::2006
2a00:1450:4001:829::2008
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2001
2a00:1450:400c:c00::9b
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a04:4e42:600::300
2a05:d018:d29:3605:f14:89f9:e156:6aa1
3.71.149.231
3.73.110.75
3.73.214.37
34.111.234.236
34.120.133.55
34.198.203.196
35.157.81.77
35.164.154.107
35.171.55.47
35.71.161.21
37.252.171.52
44.214.10.54
52.222.139.15
52.223.40.198
52.57.222.132
54.76.72.139
76.223.111.18
011dad980a801289498cce97d90465afa8000729e8113a04f25acb0a2922425f
03d3f85197360e4684f26a00d33541910a8e4c157c6372d09e41994ad039a727
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
067aa3b61bb22a73852b83b49e46e3c54923a017dd005502f370527a32582162
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
075756bfad52cede356f64b59cd8cac36d0a078521c29a145c03d914385d7284
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08287b770e249e7603fcbdfc0eadf23b4c25b1ddb85fd8f4d33f1eb65169dba6
0c0a1f0308c22240b60162df6a17beb841cafc3146f4ccebfdc2f8f731413c40
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0c7f06d5926f4da53559d7f0e3b7db9c2f0d1ec51884459c31348a6377903114
0cb3dda9190f5e8cf6164631ed25c9bc3cf44070c6b35d4d17cdff94a2f22a16
0ce7dc858fc20bc7655a839b7402c2722a90da5dd0a85da45b71f7140cc24502
0f5c414f6dae43aec01f9b92791103b1edece23c0c24e529c24b63e567b5f429
0feb5a032ce68024e6d9ec40424b2c19679e405f71a91a469ce17e1d27a2190a
115224d4e63511fda83c38f1a67c687184f8c2752a8770b10faaadc4568fd388
12cec41b495be9d7330ff0b3c38089b3a71be9c0d193b008e90e7d1b0ce30fb4
12d795d53e04086036bd662081c08ad28f375df8675dd0e12985361f993d3123
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
1942e9a6d7cc728e89d461f0c50c861584598ad5290e9665e27513db150b850b
19ba9863368ec6a16b4635113402ef605b257182f83b37211033786977613d19
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1e34222b88bb8dd60c1200d0422c58749ca77f9bd11f914adfa547112b594a0a
1fa89096d7cc21077c145c2319d8092c900ea407ce4e5a17f962c30a21375263
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4
25101228f817fa931cc3d76917b2b05d65c9e8f6e65915e0840a88272bf70417
2526556bd92f6b632bb706aa61537c52af57299446623e9babc618bb4bc5be7c
25428aa45d22c9d26d2b20bfbfd9e96193e186148d722369cfcf39200ef06114
25ac7ebc6f8b030b8f4226372357c109c1defb5383a2a83bce7a4d4027ea618b
26d73a488bbcf3c70fd2f307c0115d3d12fd15d6d4edf8c57e56ea1d467d6573
287799dfa205b711ffeb45d34647b7b77655d51630264a6c26bfa5418a62c082
32a4f630fcc22ae4d318d9d3a94ab47e165cb2026c21e58de13260c54d4eba74
32ba30fabef8a3646d3449ae6e2af4a6fadd893988410fd1ea78759403cd5f81
33e4c57f54b9f3dd00e385d9347391d4cd5b4e891c269d697ff92ce66993b145
35a5eb23e381237ec64332615f53eccc57572bafecc2de4747a557bcd05cedf2
37cad418c36ef3bcbffbee28600e2cdb2339a754ef141fb75c0de3c15523cd44
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3ab71542224e581180e9f24246bc8cc18692b536d3035e4ad325b93cc79af169
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3e154c70088aabc1d14600fab649eca01dfbac0ab1eb63adc0f13306fbb97f06
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
4187d54bac080e9b6d8060da70abe3459746b9f19bd42f5acd9af3ed7a72de24
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47449bd34722210f6f8cb399080c98c5c8fabd45fcfcbf670e16c2b2c709494d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48d09caf38492137c2f30630c2ed96167d45eeb1bbc70391e0b65827b0547f05
491021a15a27ce05ca03cd910559cd9412215d9ec38f63d6c0083e1a3d2b7ded
4a7156fea92ed64e11e0665a650ea523af28501a918e44a0d39d1363eb03a2cb
4b54947dc9df808e61308f3e1dd35b407a66a4aecccdd72a10c400a348a86fab
4d9ac822663d0d4cf50e91a47908374106fc3e7e47aa47d11c6167bbb63baa71
4e418ca723712dd77e0837394c7c4f8c9be9c8db41a622975d1d5b8b044bc04f
4ea3c3316e2f39673402c4f916463eb485afae106e5db774f81d305b28358762
4f7aab041bcd6e908d4424a13eb5efa50b35fa22543be394c47918f086c5ac86
4f90ca0b46fb737cc8e898eedf81d9562452783fd2c6ac0882a97a230c4bbbc3
530f401690d1fc7a011a220171db7aa395d116efc1a7daf496cbde561aef2510
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
557f64e58e17972bffbe930e0534973a28d06da7e906ee34414a57d6cc245ccd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
568068711d00d07ac001e1937acdb4621d0d7ea602ff8beb225c1b9f22701d1d
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5ae04f4e2b3a0b4e46d0259886e6fbf822f2dd0731ee8a59e03c4cb3f335b8fc
5aec3208c45f71dcf99908719a1a0280691ba83c134f3638c01046f05632a110
5c47a818a096c5acf2e79cfba0286462760d36e0ba5a336d45c281d8a723b868
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e7e337e9b90ce3eae8fb267bbc624428a3d3e24b01f093176ad8790727e9e7a
5eaa4605d7bf9fdb19b1a0835723b82de7d2e59f507aae2dc942bcb6b0c90c6f
5ecda44a108d559f69ea5d0687a080fee360eb8ffd118aee7783edc269cd4c5e
5f1d1f27b205284c3c522013ba3818bcb2544d98efac07813b42ac193a22c0b1
6151afd17448b143a40e19bab756dabbcb6ca8a032642b937f8f14487d1e794e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
622fb51880ca649d2bec903515a6ce45ceb17a8b146b38f1909f08cc96874c8f
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
655bc22a6b2d7d5161454d0706bd97843734351a48de91cbf51c9dfa50bd7a78
684b4de220f2acb97bbd72a8d06ad77da72693f611a47ada428892ba3018c9d8
6a7965a7807b59a503fc3320316550e921afcc5705d2862c06592a139687d4c7
6abd8e5ba4fd48f35ac63b4dbb53bbe8c0fb38c44c5d294a90c3ed30fbd865e1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d87c7ff3d2452025a212149a7dac507a9c36b0dcc9f851a52a29d2d87e8ba2b
6f0aa097b5acae03fa57058abcc4abcab6678b91dad284a8c9c27b3b069d0157
70171f700f143805bb7e6ad7ea966a9359d48899ddab946e7c9481c0eb3cf1fd
72bdedc9235a631a54746266f91519c028e486cd6383972881ea60be96eaa079
73d9d8fc86dc4b57966a9d421e592002d51af516f619cb1625d0d157d7422aae
7433cb53a5e5c007e4b84f82a48864554f9521f269e2b658c12cf3de67629a2a
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74e372d1f292862c4f8060083ed8a9a50fe27d5bae7e5cd9790aef511b5a49a0
75827b6112bd46c888c92d68fe66b636f4ad89f6f82d3c64eb56de0e9d7ecfd7
758fa6eb2a74c0d914aecf819e64c0876671b0eb9f0b8dc13b3d3560176c8887
759cc925f137be357585ba1ae5b99415642585ea6ecc4c8645a63cc1d42517d2
7997f9816bd6a6827c4eaf047157533998af3231fb50762a4dd073caca37020c
7a7494491d0075de9164dc24492a7d902835ad5af0fb68cb3b9116bf4d8099b8
7bc2fa1c7926439dbaeb0c159fb6adc3e815fc24cabb1eeacb7c3a3444ad4b4e
7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c
80438ece7a3caadc84087a78ad2053385c3fd8e06aed6f889e33fb332278f607
814bdf26ab61d460b95d4deb56acf804d12552ffe53a08804976bfc4fe50b82c
81ef30240bc48ae773988015839cc195340d0ab7ce8c589d6a09ee750ca0f94c
83d89707023bdabe596c878ceaf2caeed2d81ec5c406dbc6e9396a20b9db6f76
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
858b04b7c370059a2bdb4d78839ae04ad617b015389fd26d5aa76e42cb1be422
85bbf272feffac2bd7fd0371dc10bcaa37c9dd8929927ccdac0a980015617e76
86a58df4c6c4931186ebbd0d4e8bb9637ea7d028f9357aafa8793cf5806e8b32
88b01f2a93eef3a3cde4f6675dbf98162901d2bcd653ce2380b70cd05c9e60b9
895fe95f9252951d1b3acfba50546376d3224bb5a19fa40df3be17e6571e844b
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a9c90b2af89cb5d0c21fe54f79d301c1755ae1d70769cf60502f1bc96cd9606
8ab8dab0bfccdfd35b06c441f5cff15059c12e49217f565a4a437de2f2644ea0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec37f730dd44accf4345633e54ea237ab173c6e1f257b721bf8123c194cb4d4
9653a847897107ec0dea87337c6ab54924c44cab284f729784f652e90eb2964b
98555f82ad12532d426de758a88dbfe0d27a0d57f42a62cce2c700a6891ae6c0
9866cd24b956df5275bb71ef89a505a94756c7b42e6a034abfe04c153ff0fad3
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a072e7ac80c8b36d36bd2a48bfbe367bb3730628c62e8af8c8f0cb67281ac87
9a4a675c58ebdb96761ce6492beb887ce9cc56ad902827c7dca796681647add7
9b25e8d6ab605efc7fb035c3749028e470773aac72e9da160823eacc67eca9f9
9c596cd2bad0ad9c8a38a6324fad0f24fca7ff62667d3658b7e8398a26a84a5f
9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40
9e9cdfa9d3a839148c31e94bfc0b388015fff3dcd434deeef2f534679beddce8
9eaf796a5a664d8047a052c20e7b6e6ddd19b8b83e2ea8b4bf250f8eb1dd77ea
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a46765c3a8228486ba77199273289136a3fbe42c2d316573b359f8d0b2f3f660
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6
a58790e8db5fa9a70903dedea6617b5d109b16a0144d6884577f5468823fd8d0
a7ebec103c04aedd9c1b8e8136c0afc3d979b46c8d1cc92f8a4a9ea62dc6f3aa
a9572e29501bb30575de5f0a10e4b13994ccaba8584234eb648195af33f7c90f
aa4a10fb18a7cf972ee266856700400200e09d0557441a4aed5adf6f1d4a94a0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef1eed9da2f24886beef595dd97420413c814b854ef64eb056fa2a7681b8790
b03be9ed219161fed91726154c0305605a3a7872da39b0be1251ce92e26c426f
b0719ecb2765c96a0ed53d5133f54ae746a78478cc2caf48006c7420ed63b196
b081f758eb4f787016ce0140a615934de59a34e01843db159c37bfe059440986
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b34781cea14bc4049c068db0c857b50f4f1d2cd0069ce99b98b649944d1d51b6
b38414436bcbc1f552127d33a308114b2d9e7a1b8c487cb46fde965dec10ed0d
b4e23aed9ac19925c7e8912d1a3b3ced0988ef769ae5dea27fbb971e5d04404f
b660ee3c158d1107d3a9e0c5a27720b93e725453600bad7adab4321188b42f4e
b72413abfb85928ae206daaa9d49fb61d47248beba8c25d07a7155f38a0f2fe2
b87fc020edf51a572f638022539a8914153564893be93f6075bb59fdb4cf2ba3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdd47ea16a872a4a04b26f2c0f3a87b3bef4d111e11ba5d240f6c668ec3a67ce
c0762dd2825f8237a7275865ca79a2aa38803f9a6dac6553de920746cfde9bc1
c1a756786b261a5222a1450b07a730a72bc1a4a8fe08022f6e9c9119f070e348
c2ac3c6ad856125bd1122c6e35f74a5ee649282ad8fe4e8f8f5faf16c24a8adf
c369f770945f1818718f1f266abc0bc6d970ff1fc7b4116538b534b77c212baa
c5c24f7ca1c946fa4dfd44407409c8e11ec6e41f0e1c7c45bf8381b42afb31f1
c5e1aa2464402f34c43a8f2b133e717ab7eb51fdfe5e8f5691cd9f313e2eb6f6
c76ae373a97fedd18dcbce506a90251d65d3141a4633e06671b9b306e361d948
c7b739323f788f43777d94f5a11b01dfde61f9ff8233fd0ce5d9d50b36875c75
c8a533caec5589dc47cf3cdfb96df6abc0c1c74a49b11895e205f4d621787fc1
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf63e82bd1a86cf85c62989cc15541677669740180c62e7855e00a967f18ba06
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5
d3e6ff2649ac9a0611e35d957b3a5b693d0efb3a53c2ebe79e990f178a7e5768
d5f66632bddb38e311ebbee305ba5dd4b3d3ea1ba78dbb60db1ff27295ac5863
d6dffc62434507a58d1f4fca274b181a24ef055e31dcd997a2ff12aa91fa15a1
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9e08da8f03bfc136e84f23144e1d9c6837ebed60f4c61b6c8cafc8215f77585
d9f0196a37642b04ecaf289a2772042f8d51629c622b87a35b8876315c89f8ef
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dcd77f1c12cf4430ee903db699a5e01d5a5ce637532f2f73244bfbd10e22e881
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0545e68feb0aafb0072d79dbcbb983943db06ba045e139ee2c40925ce1dc006
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8171b2fd69a68706ff771e33d26ff77b2f49801b4a3aa7bcdebcc00c42584f2
e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874
e9697b427ff68f57dffe803235d58c59686e7b4fb2435967ef024d7c4a367182
ed40e16159c08476c9285c93b2aa86f35e24f201a6e99e94540a67e24b444bb6
eecdb27bb1651ba9b6ea7d362462042d834db5a119d8933967c35c8968e87304
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f39914fc25519caa344f949aa026d297a84fb2af1d96f9cd9892cb97820b846b
f4a0923db6f375bb95c5e1711d0343658f1d7a066ade8e2e3c62d4eb2508a77a
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f72ac06186a8830f72d15cde95559cf9ade12ecf132be6af5903a2de02ece7de
fd31044e33045dfe8878039347b75587c0e08127c89ee4264fbd0b01178e97fd
fd5b86c44264d85bc83ce8ebc7c8b76067fd6f28f6cacdb308066c917e3ec3da