www.theonion.com Open in urlscan Pro
151.101.66.166 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.theonion.com/
Effective URL:
https://www.theonion.com/
Submission: On June 08 via manual (June 8th 2023, 12:05:01 am UTC) from US — Scanned from DE

Summary HTTP 375 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 90 IPs in 9 countries across 56 domains to perform 375 HTTP transactions. The main IP is 151.101.66.166, located in United States and belongs to FASTLY, US. The main domain is www.theonion.com. The Cisco Umbrella rank of the primary domain is 109254.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2022 Q3 on July 25th 2022. Valid for: a year.

This is the only time www.theonion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 74	151.101.66.166 151.101.66.166	54113 (FASTLY) (FASTLY)
9	151.101.194.166 151.101.194.166	54113 (FASTLY) (FASTLY)
2	13.32.121.37 13.32.121.37	16509 (AMAZON-02) (AMAZON-02)
1	151.101.66.217 151.101.66.217	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
18	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
2	52.204.157.234 52.204.157.234	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.98.4 143.204.98.4	16509 (AMAZON-02) (AMAZON-02)
2	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:236... 2600:9000:236e:e000:1d:8c8c:47c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.59 13.32.99.59	16509 (AMAZON-02) (AMAZON-02)
2 6	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
16	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
7	18.66.147.69 18.66.147.69	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
13	52.209.156.69 52.209.156.69	16509 (AMAZON-02) (AMAZON-02)
4	108.138.9.235 108.138.9.235	16509 (AMAZON-02) (AMAZON-02)
3	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
4	52.57.223.127 52.57.223.127	16509 (AMAZON-02) (AMAZON-02)
4	3.66.253.225 3.66.253.225	16509 (AMAZON-02) (AMAZON-02)
1	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
4	52.223.4.62 52.223.4.62	16509 (AMAZON-02) (AMAZON-02)
5	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
4	2a02:2638:d::a 2a02:2638:d::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	18.195.189.38 18.195.189.38	16509 (AMAZON-02) (AMAZON-02)
4	138.197.55.50 138.197.55.50	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	52.209.133.172 52.209.133.172	16509 (AMAZON-02) (AMAZON-02)
2	104.18.24.185 104.18.24.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
4	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	18.196.248.215 18.196.248.215	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
3	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	104.18.10.47 104.18.10.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:20:... 2606:4700:20::681a:832	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:78b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:205... 2600:9000:2057:de00:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
7	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.218.56.233 3.218.56.233	14618 (AMAZON-AES) (AMAZON-AES)
1	54.164.253.83 54.164.253.83	14618 (AMAZON-AES) (AMAZON-AES)
1	34.198.228.54 34.198.228.54	14618 (AMAZON-AES) (AMAZON-AES)
7	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
8	2a02:26f0:480... 2a02:26f0:480:9::210:ee0e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	13.32.27.60 13.32.27.60	16509 (AMAZON-02) (AMAZON-02)
4	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
12	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2600:9000:211... 2600:9000:211e:600:11:9be7:da80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	52.92.251.26 52.92.251.26	16509 (AMAZON-02) (AMAZON-02)
4 12	35.214.168.80 35.214.168.80	15169 (GOOGLE) (GOOGLE)
2 5	2a05:d018:d29... 2a05:d018:d29:3602:caa5:9f17:65ef:189f	16509 (AMAZON-02) (AMAZON-02)
1	18.156.189.239 18.156.189.239	16509 (AMAZON-02) (AMAZON-02)
4	23.201.255.110 23.201.255.110	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
1	99.86.4.115 99.86.4.115	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.90 18.66.147.90	16509 (AMAZON-02) (AMAZON-02)
8	2600:9000:223... 2600:9000:223f:4800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	130.211.44.5 130.211.44.5	15169 (GOOGLE) (GOOGLE)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
12	2600:1f13:800... 2600:1f13:800:7781:a9:f316:c651:5d12	16509 (AMAZON-02) (AMAZON-02)
5 7	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 5	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1 2	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
1 2	67.220.226.232 67.220.226.232	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::300 2a04:4e42::300	54113 (FASTLY) (FASTLY)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
1	23.212.88.20 23.212.88.20	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2 3	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
375	90

74 151.101.66.166 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.theonion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.kinja-img.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.kinja-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kinja.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.194.166 (United States)

ASN54113 (FASTLY, US)

f.kinja-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
no.kinja-img.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.217 (United States)

ASN54113 (FASTLY, US)

cdn.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.204.157.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-157-234.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-4.fra50.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.234.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:236e:e000:1d:8c8c:47c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-magiclinks.trackonomics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-59.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:d::d (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.66.147.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-69.fra60.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.209.156.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-156-69.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6c36ba0810346b66fb1f3b0a1e8f9fb1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.57.223.127 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-223-127.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.66.253.225 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-253-225.eu-central-1.compute.amazonaws.com

krk.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.4.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac9557e2e67bd8033.awsglobalaccelerator.com

direct.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

fusion-media-group-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.195.189.38 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-189-38.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.197.55.50 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

ads.resetsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.209.133.172 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-133-172.eu-west-1.compute.amazonaws.com

hb.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.196.248.215 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-248-215.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.47 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:832 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kinja-com.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:de00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.218.56.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-56-233.compute-1.amazonaws.com

id.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.164.253.83 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-253-83.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.198.228.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-228-54.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:480:9::210:ee0e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.27.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-60.fra56.r.cloudfront.net

cdn.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:211e:600:11:9be7:da80:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2cli4kgl5uxre.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.92.251.26 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com

onlinertb-us.s3.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 35.214.168.80 (Groningen, Netherlands) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 80.168.214.35.bc.googleusercontent.com

trace-eu.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a05:d018:d29:3602:caa5:9f17:65ef:189f (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.189.239 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-189-239.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-115.fra6.r.cloudfront.net

fr-actions.trackonomics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-90.fra60.r.cloudfront.net

trx-hub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:223f:4800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 130.211.44.5 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 5.44.211.130.bc.googleusercontent.com

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-ew1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:1f13:800:7781:a9:f316:c651:5d12 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 69.173.144.139 (Frankfurt am Main, Germany) 5 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.74.194 (Staten Island, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.143.56 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.220.226.232 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.88.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.79 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	adsafeprotected.com pixel.adsafeprotected.com — Cisco Umbrella Rank: 749 static.adsafeprotected.com — Cisco Umbrella Rank: 634 dt.adsafeprotected.com — Cisco Umbrella Rank: 573	401 KB
32	theonion.com 1 redirects www.theonion.com — Cisco Umbrella Rank: 109254	716 KB
28	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 959 trc.taboola.com — Cisco Umbrella Rank: 632 vidstat.taboola.com — Cisco Umbrella Rank: 2912 am-trc-events.taboola.com — Cisco Umbrella Rank: 13315 imprammp.taboola.com — Cisco Umbrella Rank: 12482 am-match.taboola.com — Cisco Umbrella Rank: 12545 am-vid-events.taboola.com — Cisco Umbrella Rank: 11724 pips.taboola.com — Cisco Umbrella Rank: 1625 cds.taboola.com — Cisco Umbrella Rank: 1923 vidstatb.taboola.com — Cisco Umbrella Rank: 5650 sync.taboola.com — Cisco Umbrella Rank: 1077	605 KB
26	kinja-static.com f.kinja-static.com — Cisco Umbrella Rank: 32779 x.kinja-static.com — Cisco Umbrella Rank: 30578	338 KB
24	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 244 cdn.adnxs.com — Cisco Umbrella Rank: 1632 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6133	209 KB
24	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 stats.g.doubleclick.net — Cisco Umbrella Rank: 121 ad.doubleclick.net — Cisco Umbrella Rank: 182 cm.g.doubleclick.net — Cisco Umbrella Rank: 248	199 KB
24	kinja-img.com i.kinja-img.com — Cisco Umbrella Rank: 25126 no.kinja-img.com — Cisco Umbrella Rank: 72753	188 KB
16	mediago.io 4 redirects cdn.mediago.io — Cisco Umbrella Rank: 7431 trace-eu.mediago.io — Cisco Umbrella Rank: 16190	13 KB
16	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 503 tps.doubleverify.com — Cisco Umbrella Rank: 520 tpsc-ew1.doubleverify.com — Cisco Umbrella Rank: 9622	425 KB
13	rubiconproject.com 5 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 526 eus.rubiconproject.com — Cisco Umbrella Rank: 627 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1154 token.rubiconproject.com — Cisco Umbrella Rank: 636 pixel.rubiconproject.com — Cisco Umbrella Rank: 375	25 KB
12	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 413 bidder.criteo.com — Cisco Umbrella Rank: 742 mug.criteo.com — Cisco Umbrella Rank: 2161	21 KB
11	adsrvr.org direct.adsrvr.org — Cisco Umbrella Rank: 3666 insight.adsrvr.org — Cisco Umbrella Rank: 582 match.adsrvr.org — Cisco Umbrella Rank: 385	3 KB
11	amazon-adsystem.com 2 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 353 aax.amazon-adsystem.com — Cisco Umbrella Rank: 443 s.amazon-adsystem.com — Cisco Umbrella Rank: 335 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1023	64 KB
8	pubmatic.com 3 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 545 image8.pubmatic.com — Cisco Umbrella Rank: 712 image2.pubmatic.com — Cisco Umbrella Rank: 971	1 KB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 127 6c36ba0810346b66fb1f3b0a1e8f9fb1.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 154	40 KB
7	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 2329	185 KB
5	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 454	3 KB
5	bidswitch.net grid.bidswitch.net — Cisco Umbrella Rank: 1067 x.bidswitch.net — Cisco Umbrella Rank: 356	1 KB
5	openx.net fusion-media-group-d.openx.net — Cisco Umbrella Rank: 43939 u.openx.net — Cisco Umbrella Rank: 723	857 B
5	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 605 eb2.3lift.com — Cisco Umbrella Rank: 406	2 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 106 www.google.com — Cisco Umbrella Rank: 3 ampcid.google.com — Cisco Umbrella Rank: 2285	2 KB
4	amazonaws.com onlinertb-us.s3.us-west-2.amazonaws.com — Cisco Umbrella Rank: 84219	113 KB
4	cloudfront.net d2cli4kgl5uxre.cloudfront.net	457 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	219 KB
4	media.net prebid.media.net — Cisco Umbrella Rank: 1537 cs.media.net — Cisco Umbrella Rank: 1595	2 KB
4	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1222	633 B
4	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 589 as-sec.casalemedia.com — Cisco Umbrella Rank: 1982 dsum.casalemedia.com — Cisco Umbrella Rank: 1549	3 KB
4	yellowblue.io hb.yellowblue.io — Cisco Umbrella Rank: 3996	2 KB
4	resetsrv.com ads.resetsrv.com — Cisco Umbrella Rank: 14917	1 KB
4	kargo.com krk.kargo.com — Cisco Umbrella Rank: 2637	3 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 7760 ampcid.google.de — Cisco Umbrella Rank: 53818 www.google.de — Cisco Umbrella Rank: 5056	1 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 57 region1.google-analytics.com — Cisco Umbrella Rank: 1892	21 KB
3	btloader.com btloader.com — Cisco Umbrella Rank: 1063 api.btloader.com — Cisco Umbrella Rank: 1168	7 KB
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 562	73 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 75	191 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1355	104 B
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1143	1 KB
2	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 489	347 KB
2	trackonomics.net cdn-magiclinks.trackonomics.net — Cisco Umbrella Rank: 6433 fr-actions.trackonomics.net — Cisco Umbrella Rank: 11750	28 KB
2	ml314.com ml314.com — Cisco Umbrella Rank: 1958	11 KB
2	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 2342 api.rlcdn.com — Cisco Umbrella Rank: 1078	78 KB
2	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 826	456 B
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 157	3 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 390	651 B
1	trx-hub.com trx-hub.com — Cisco Umbrella Rank: 6527	466 B
1	adnxs-simple.com acdn.adnxs-simple.com — Cisco Umbrella Rank: 2158	43 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1295	201 B
1	liadm.com idx.liadm.com — Cisco Umbrella Rank: 4145	313 B
1	rkdms.com id.sv.rkdms.com — Cisco Umbrella Rank: 5818	168 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1660	15 KB
1	videoplayerhub.com 1 redirects kinja-com.videoplayerhub.com — Cisco Umbrella Rank: 38923	458 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 692	16 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	17 KB
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 1994	607 B
1	kinja.com kinja.com — Cisco Umbrella Rank: 30626	1 KB
1	speedcurve.com cdn.speedcurve.com — Cisco Umbrella Rank: 5810	8 KB
375	56

	Domain	Requested by
32	www.theonion.com	1 redirects www.theonion.com tagan.adlightning.com
23	i.kinja-img.com	www.theonion.com
18	x.kinja-static.com	www.theonion.com tagan.adlightning.com
16	securepubads.g.doubleclick.net	www.theonion.com tagan.adlightning.com securepubads.g.doubleclick.net
13	pixel.adsafeprotected.com	x.kinja-static.com tagan.adlightning.com www.theonion.com
12	dt.adsafeprotected.com
12	trace-eu.mediago.io	4 redirects www.theonion.com
12	ams3-ib.adnxs.com	tagan.adlightning.com cdn.adnxs.com
11	cdn.taboola.com	www.theonion.com cdn.taboola.com
8	static.adsafeprotected.com	tagan.adlightning.com www.theonion.com
8	cdn.doubleverify.com	tagan.adlightning.com www.theonion.com
8	ib.adnxs.com	x.kinja-static.com www.theonion.com
8	f.kinja-static.com	www.theonion.com
7	tagan.adlightning.com	www.theonion.com tagan.adlightning.com
6	match.adsrvr.org	js-sec.indexww.com imprammp.taboola.com am-match.taboola.com eus.rubiconproject.com
6	gum.criteo.com	2 redirects cdn.taboola.com tagan.adlightning.com
5	cm.g.doubleclick.net	3 redirects eus.rubiconproject.com
5	pr-bh.ybp.yahoo.com	2 redirects imprammp.taboola.com am-match.taboola.com
4	tpsc-ew1.doubleverify.com	cdn.doubleverify.com
4	token.rubiconproject.com	4 redirects
4	tps.doubleverify.com	tagan.adlightning.com www.theonion.com
4	eus.rubiconproject.com	am-match.taboola.com eus.rubiconproject.com
4	onlinertb-us.s3.us-west-2.amazonaws.com	cdn.mediago.io
4	d2cli4kgl5uxre.cloudfront.net	www.theonion.com
4	cdn.adnxs.com	tagan.adlightning.com
4	cdn.mediago.io	tagan.adlightning.com
4	www.googletagservices.com	tagan.adlightning.com
4	vidstat.taboola.com	tagan.adlightning.com
4	btlr.sharethrough.com	x.kinja-static.com
4	hbopenbid.pubmatic.com	x.kinja-static.com
4	hb.yellowblue.io	x.kinja-static.com
4	ads.resetsrv.com	x.kinja-static.com
4	grid.bidswitch.net	x.kinja-static.com
4	bidder.criteo.com	x.kinja-static.com
4	fusion-media-group-d.openx.net	x.kinja-static.com
4	direct.adsrvr.org	x.kinja-static.com
4	krk.kargo.com	x.kinja-static.com
4	tlx.3lift.com	x.kinja-static.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	aax.amazon-adsystem.com	c.amazon-adsystem.com
3	image8.pubmatic.com	2 redirects
3	pixel.rubiconproject.com	1 redirects eus.rubiconproject.com
3	am-trc-events.taboola.com	cdn.taboola.com
3	prebid.media.net	x.kinja-static.com
3	tpc.googlesyndication.com	tagan.adlightning.com
3	static.criteo.net	tagan.adlightning.com x.kinja-static.com static.criteo.net
3	c.amazon-adsystem.com	www.theonion.com c.amazon-adsystem.com
3	www.googletagmanager.com	www.theonion.com www.googletagmanager.com
3	www.google-analytics.com	www.theonion.com www.google-analytics.com
2	dsum.casalemedia.com	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects eus.rubiconproject.com
2	s.amazon-adsystem.com	1 redirects eus.rubiconproject.com
2	i.clean.gg	acdn.adnxs-simple.com
2	am-match.taboola.com	tagan.adlightning.com
2	api.btloader.com	kinja-com.videoplayerhub.com
2	ad-delivery.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.google.com	tagan.adlightning.com
2	mug.criteo.com
2	trc.taboola.com	cdn.taboola.com
2	adservice.google.com	tagan.adlightning.com
2	adservice.google.de	tagan.adlightning.com
2	imasdk.googleapis.com	www.theonion.com tagan.adlightning.com
2	ml314.com	www.theonion.com ml314.com
2	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	c.amazon-adsystem.com
2	sb.scorecardresearch.com	www.theonion.com
1	sync.taboola.com	am-match.taboola.com
1	vidstatb.taboola.com
1	image2.pubmatic.com	1 redirects
1	eb2.3lift.com
1	u.openx.net
1	cs.media.net
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	px.ads.linkedin.com	eus.rubiconproject.com
1	pixel-us-east.rubiconproject.com	eus.rubiconproject.com
1	trx-hub.com
1	fr-actions.trackonomics.net	cdn-magiclinks.trackonomics.net
1	acdn.adnxs-simple.com	tagan.adlightning.com
1	x.bidswitch.net	imprammp.taboola.com
1	am-vid-events.taboola.com
1	imprammp.taboola.com	tagan.adlightning.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	www.google.de
1	ad.doubleclick.net
1	ping.chartbeat.net
1	idx.liadm.com	js-sec.indexww.com
1	id.sv.rkdms.com	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com
1	ampcid.google.de	www.google-analytics.com
1	insight.adsrvr.org
1	static.chartbeat.com	tagan.adlightning.com
1	btloader.com
1	kinja-com.videoplayerhub.com	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	ampcid.google.com	www.google-analytics.com
1	js-sec.indexww.com	tagan.adlightning.com
1	htlb.casalemedia.com	x.kinja-static.com
1	fastlane.rubiconproject.com	x.kinja-static.com
1	6c36ba0810346b66fb1f3b0a1e8f9fb1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	s0.2mdn.net	imasdk.googleapis.com
1	geo.privacymanager.io	ats.rlcdn.com
1	cdn-magiclinks.trackonomics.net	www.theonion.com
1	ats.rlcdn.com	www.theonion.com
1	kinja.com	www.theonion.com
1	no.kinja-img.com	www.theonion.com
1	cdn.speedcurve.com	www.theonion.com
375	107

This site contains links to these domains. Also see Links.

Domain
theonion.com
avclub.com
deadspin.com
gizmodo.com
jalopnik.com
jezebel.com
kotaku.com
qz.com
theroot.com
thetakeout.com
theinventory.com
store.theonion.com
facebook.com
twitter.com
www.reddit.com
rogiestemelugin.com
popup.taboola.com
fortunts.com
trc.taboola.com
intouch.wunderweib.de
lhlrtvx.com

Subject Issuer	Validity	Valid
*.avclub.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-07-25` - `2023-08-26`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.speedcurve.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-19` - `2024-05-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2022-12-27` - `2024-01-25`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
ml314.com GTS CA 1D4	`2023-06-07` - `2023-09-05`	3 months	crt.sh
*.trackonomics.net Sectigo RSA Domain Validation Secure Server CA	`2022-12-01` - `2023-12-01`	a year	crt.sh
*.privacymanager.io Amazon RSA 2048 M02	`2023-02-22` - `2023-09-24`	7 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.adlightning.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-07`	4 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.dev.kargo.com Amazon RSA 2048 M01	`2023-02-13` - `2024-03-12`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
resetsrv.com E1	`2023-05-16` - `2023-08-14`	3 months	crt.sh
*.yellowblue.io Amazon ECDSA 256 M02	`2023-04-19` - `2024-05-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-22` - `2024-05-21`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
prebid.media.net GTS CA 1D4	`2023-05-09` - `2023-08-07`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
securedvisit.com Amazon RSA 2048 M01	`2023-03-01` - `2023-11-26`	9 months	crt.sh
*.liadm.com Amazon RSA 2048 M01	`2023-02-21` - `2023-10-29`	8 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2023-04-14` - `2023-07-13`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
*.mediago.io Amazon RSA 2048 M02	`2023-02-24` - `2023-10-05`	7 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2023-12-28`	9 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
*.trx-hub.com Amazon RSA 2048 M02	`2023-01-21` - `2024-02-19`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh
i.clean.gg GTS CA 1D4	`2023-05-24` - `2023-08-22`	3 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh

This page contains 28 frames:

Primary Page: https://www.theonion.com/
Frame ID: B8312264D580A4ADF910C5CAA031973D
Requests: 254 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Frame ID: 55E725B59619AAE82B817DB4B718DD71
Requests: 1 HTTP requests in this frame

Frame: https://6c36ba0810346b66fb1f3b0a1e8f9fb1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 92DFC719275980039A57F8D93ED6B938
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.theonion.com
Frame ID: C0D1CBD2E949B9FAE74DC5DB09D5C5E1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3823BBD7E3A14FCCBE34845AE78979DC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3C4F0688A6FA3378C9D5A8DD64BDA24E
Requests: 2 HTTP requests in this frame

Frame: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Frame ID: 0FF9EA7154AD3449170170DEA09EFF3D
Requests: 16 HTTP requests in this frame

Frame: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Frame ID: 5EB22E82DE92610CAD290DD0C1BD6CC9
Requests: 16 HTTP requests in this frame

Frame: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Frame ID: FE88E2D434744F18A60D7634E709217F
Requests: 16 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8OkUCLAbYhoTN5h365xGwDQmbzTv0zysAAABgYID-AEnMXI7JbrRZSxYu01q0Mi7WEodjs5Z4fMuVYeGxrFaeISCJmcsx2Y02a8nCZVqLVsbFWuJwbNYSj2-5Miw8ltXKMwUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJwwC6n4fr0-QMAAAAACAAAAAASAAj9PCUAZEgET_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyCzWZ8JHUgfiBToFWEEAAAAIBvocuDIJJ2gYlHl__-_3wrAFQCAAERMKQWmLLqDEm9hAAAAAMTgZchXKVEbpo5ZoIfF7zc77Bq_22X-_________838n_lHI9QER5om6KjwQ80vIADAml9AAAA24wYA4I0AnJCTgabT4XPd63W_3110dPntTr_drvG7_aJD0IrBYHUCYnYAAAAA7vz____jwcuQr1KiNkzVA1ITm8VhHOyWw8lisFw5FsuNa-VyeVYOl2vmXGy8p4ds8r-43Lymj4iwzH7fQch3uwwPn8sgKrreFrvDafYcxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9GYjFaIAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRGMTEzG0WDjWCssk41btDBZ1srBYLUWbSwri8e4XA0WG7fo9TFdfAuHYeHaIsGAkr1InhbpROOyuRYLw3K0Gs08K99o4li5VrbNYrgxDQaTzW4ilmhOFulEdtm3JjaLwzjYLYeTxWC5ciyWG9fK5fKsHC7XzLnY-CsTk3E02DjWCstk4xYtTJa1cjBYrUUby8riMS5Xg8XGLXp9TBffwmFYuPaN2XC2GE5my82-MRvOFsPJbLnZd5hMz9TnbLTGxJePynw131wqm9OgcBks3p_EtJh2ZwfVyXd0qjzOZVFn9Pv9fr_f7_f7_X6D1nMwGxS-v9_vbUZDCr92nHIcDIpYIrhIJzq_22VyOhxr0dHltzv9dotYojRdpBN90e92GR4-l78ilghOF-lE6He7LOo_YpDFbi4bzRWrxVyzSgAAAAAAAAAAlmCa6SYAAAAATgY1XC4Ws3U6mMlwthjNlgvgwpNM14_6Ro-2MNLYLpnGBLILIRnjYo09FnF-t8vkdDjWoqPLb3f67VYGcOFpxWyzzwhirVbLGgAAgAA2AAAAAW668SYwdYr7____HwcAAEBGDj0AAAD6fUBT0AAAAAAA_ApiMdkM9g9AhVir1ep2Y61WCw!&cmcv=&pix=undefined&cb=1686182694690&uv=3288&tms=1686182694690&abt=nonrv_vA!t45!testmsn_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=1fe12743-2ae4-4e81-ba13-bc79e0ac25e3&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: E0908CDAA194B3E926D613305BCB2C7E
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8OkUCLAbYhoTN5h365xGwDQmbzTv0zysAAABgYID-AEnMXI7JbrRZSxYu01q0Mi7WEodjs5Z4fMuVYeGxrFaeISCJmcsx2Y02a8nCZVqLVsbFWuJwbNYSj2-5Miw8ltXKMwUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJwwC6n4fr0-QMAAAAACAAAAAASAAj9PCUAZEgET_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyCzWZ8JHUgfiBToFWEEAAAAIBvocuDIJJ2gYlHl__-_3wrAFQCAAERMKQWmLLqDEm9hAAAAAMTgZchXKVEbpo5ZoIfF7zc77Bq_22X-_________838n_lHI9QER5om6KjwQ80vIADAml9AAAA24wYA4I0AnJCTgabT4XPd63W_3110dPntTr_drvG7_aJD0IrBYHUCYnYAAAAA7vz____jwcuQr1KiNkzVA1ITm8VhHOyWw8lisFw5FsuNa-VyeVYOl2vmXGy8p4ds8r-43Lymj4iwzH7fQch3uwwPn8sgKrreFrvDafYcxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9GYjFaIAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRGMTEzG0WDjWCssk41btDBZ1srBYLUWbSwri8e4XA0WG7fo9TFdfAuHYeHaIsGAkr1InhbpROOyuRYLw3K0Gs08K99o4li5VrbNYrgxDQaTzW4ilmhOFulEdtm3JjaLwzjYLYeTxWC5ciyWG9fK5fKsHC7XzLnY-CsTk3E02DjWCstk4xYtTJa1cjBYrUUby8riMS5Xg8XGLXp9TBffwmFYuPaN2XC2GE5my82-MRvOFsPJbLnZd5hMz9TnbLTGxJePynw131wqm9OgcBks3p_EtJh2ZwfVyXd0qjzOZVFn9Pv9fr_f7_f7_X6D1nMwGxS-v9_vbUZDCr92nHIcDIpYIrhIJzq_22VyOhxr0dHltzv9dotYojRdpBN90e92GR4-l78ilghOF-lE6He7LOo_YpDFbi4bzRWrxVyzSgAAAAAAAAAAlmCa6SYAAAAATgY1XC4Ws3U6mMlwthjNlgvgwpNM14_6Ro-2MNLYLpnGBLILIRnjYo09FnF-t8vkdDjWoqPLb3f67VYGcOFpxWyzzwhirVbLGgAAgAA2AAAAAW668SYwdYr7____HwcAAEBGDj0AAAD6fUBT0AAAAAAA_ApiMdkM9g9AhVir1ep2Y61WCw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 54FF9890BB999F90FA66F902673D54E0
Requests: 3 HTTP requests in this frame

Frame: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Frame ID: B6DE8A0E87D13584923B6BDA76C36282
Requests: 18 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: FDAEA496B0A085188ADE0909FEDAB374
Requests: 11 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=931294&campId=728x90&pubId=4531748607&chanId=22405397127&placementId=4601586157&pubCreative=138271806400&pubOrder=2260375129&cb=1422380071&adsafe_par&impId=107f6dd0-0590-11ee-93a7-06d8cca89c2a&custom2=mid_banner&custom3=&custom4=&custom5=mid_banner-01
Frame ID: 17A64279E690C41DCAB5670BA1A77237
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3886.js
Frame ID: 55516622654ADE3085FFBE2144104A52
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theonion.com
Frame ID: 4B48AC2410EEA3BFD15443909629A8B0
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=931294&campId=970x250&pubId=4531748607&chanId=22405397127&placementId=4601586157&pubCreative=138271807375&pubOrder=2260375129&cb=232953696&adsafe_par&impId=&custom2=mid_banner&custom3=&custom4=&custom5=mid_banner-02
Frame ID: 1EE4C8570F8A376191BAE0C8C923B27E
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3886.js
Frame ID: 2260A3548AE4F20D0A3A7B7C8114488F
Requests: 3 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=931294&campId=970x250&pubId=4531748607&chanId=22405397127&placementId=4601585758&pubCreative=138271807375&pubOrder=2260375129&cb=768511596&adsafe_par&impId=&custom2=top&custom3=&custom4=&custom5=top-01
Frame ID: 16E433E6D8419112621A8433EBD0E64E
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3886.js
Frame ID: 83FFDDD8DDC588C34CDF71D22FFCE0C8
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: D199F727CF8C2268423EB1D9645346BE
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=931294&campId=728x90&pubId=4531748607&chanId=22405397127&placementId=4601586157&pubCreative=138271806403&pubOrder=2260375129&cb=48184410&adsafe_par&impId=&custom2=mid_banner&custom3=&custom4=&custom5=mid_banner-03
Frame ID: 153BCC9F80D8FAC9F382D2867697788B
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3886.js
Frame ID: E81CF59330463A368DA5C588E7C741A4
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: A70514A2A51151B0308CAB0711E5C695
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 1794268A2D2C46A5DBB1E755633A7473
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: C331EC456938C0538C04350B85F908C8
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8OkUCLAbYhoTN5h365xGwDQmbzTv0zysAAABgYID-AEnMXI7JbrRZSxYu01q0Mi7WEodjs5Z4fMuVYeGxrFaeISCJmcsx2Y02a8nCZVqLVsbFWuJwbNYSj2-5Miw8ltXKMwUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJwwC6n4fr0-QMAAAAACAAAAAASAAj9PCUAZEgET_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyCzWZ8JHUgfiBToFWEEAAAAIBvocuDIJJ2gYlHl__-_3wrAFQCAAERMKQWmLLqDEm9hAAAAAMTgZchXKVEbpo5ZoIfF7zc77Bq_22X-_________838n_lHI9QER5om6KjwQ80vIADAml9AAAA24wYA4I0AnJCTgabT4XPd63W_3110dPntTr_drvG7_aJD0IrBYHUCYnYAAAAA7vz____jwcuQr1KiNkzVA1ITm8VhHOyWw8lisFw5FsuNa-VyeVYOl2vmXGy8p4ds8r-43Lymj4iwzH7fQch3uwwPn8sgKrreFrvDafYcxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9GYjFaIAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRGMTEzG0WDjWCssk41btDBZ1srBYLUWbSwri8e4XA0WG7fo9TFdfAuHYeHaIsGAkr1InhbpROOyuRYLw3K0Gs08K99o4li5VrbNYrgxDQaTzW4ilmhOFulEdtm3JjaLwzjYLYeTxWC5ciyWG9fK5fKsHC7XzLnY-CsTk3E02DjWCstk4xYtTJa1cjBYrUUby8riMS5Xg8XGLXp9TBffwmFYuPaN2XC2GE5my82-MRvOFsPJbLnZd5hMz9TnbLTGxJePynw131wqm9OgcBks3p_EtJh2ZwfVyXd0qjzOZVFn9Pv9fr_f7_f7_X6D1nMwGxS-v9_vbUZDCr92nHIcDIpYIrhIJzq_22VyOhxr0dHltzv9dotYojRdpBN90e92GR4-l78ilghOF-lE6He7LOo_YpDFbi4bzRWrxVyzSgAAAAAAAAAAlmCa6SYAAAAATgY1XC4Ws3U6mMlwthjNlgvgwpNM14_6Ro-2MNLYLpnGBLILIRnjYo09FnF-t8vkdDjWoqPLb3f67VYGcOFpxWyzzwhirVbLGgAAgAA2AAAAAW668SYwdYr7____HwcAAEBGDj0AAAD6fUBT0AAAAAAA_ApiMdkM9g9AhVir1ep2Y61WCw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: E4A4A14CB3055749198DC192F4627B7A
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 7C7C174607940335B6AD838629EF86AD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Onion | America's Finest News Source.

Page URL History Show full URLs

http://www.theonion.com/ HTTP 307
https://www.theonion.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

375
Requests

95 %
HTTPS

36 %
IPv6

56
Domains

107
Subdomains

90
IPs

9
Countries

5099 kB
Transfer

14704 kB
Size

49
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://theonion.com/
Title: The Onion

Search URL Search Domain Scan URL

URL: https://avclub.com/
Title: The A.V. Club

Search URL Search Domain Scan URL

URL: https://deadspin.com/
Title: Deadspin

Search URL Search Domain Scan URL

URL: https://gizmodo.com/
Title: Gizmodo

Search URL Search Domain Scan URL

URL: https://jalopnik.com/
Title: Jalopnik

Search URL Search Domain Scan URL

URL: https://jezebel.com/
Title: Jezebel

Search URL Search Domain Scan URL

URL: https://kotaku.com/
Title: Kotaku

Search URL Search Domain Scan URL

URL: https://qz.com/
Title: Quartz

Search URL Search Domain Scan URL

URL: https://theroot.com/
Title: The Root

Search URL Search Domain Scan URL

URL: https://thetakeout.com/
Title: The Takeout

Search URL Search Domain Scan URL

URL: https://theinventory.com/
Title: The Inventory

Search URL Search Domain Scan URL

URL: https://store.theonion.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://facebook.com/sharer.php?u=https%3A%2F%2Fwww.theonion.com%2Fbee-fact-did-you-know-1850514614%3Futm_medium%3Dsharefromsite%26utm_source%3Dfacebook
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.theonion.com%2Fbee-fact-did-you-know-1850514614%3Futm_medium%3Dsharefromsite%26utm_source%3Dtwitter&text=Bee%20Fact%3A%20Did%20You%20Know%3F
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https%3A%2F%2Fwww.theonion.com%2Fbee-fact-did-you-know-1850514614%3Futm_medium%3Dsharefromsite%26utm_source%3Dreddit&title=Bee%20Fact%3A%20Did%20You%20Know%3F
Title: Reddit

Search URL Search Domain Scan URL

URL: https://rogiestemelugin.com/5861e86f-c0ab-4988-b212-f5cdf2ef8cce
Title: Treppenlift-Hauslift.de

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=gomedia1-theonion&utm_medium=referral&utm_content=thumbs-feed-01-b-delta:Below%20Homepage%20Thumbnails%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://fortunts.com/collections/bras
Title: fortunts.com

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/gomedia1-theonion/log/3/click?pi=%2F&ri=cef51a09454f3e74b1e5e6318c400237&sd=v2_5bfba807982109e119c5eee3eae5f91c_2bd840c1-a22c-4ad2-9005-4c2ebc89501c-tuctb7aa0a5_1686182693_1686182693_CIi3jgYQ5LxeGJyUyMKJMSABKAEwODib4wlAjIoQSJGs2QNQ____________AVgAYABo___734HB_v8JcAA&ui=2bd840c1-a22c-4ad2-9005-4c2ebc89501c-tuctb7aa0a5&it=text&ii=~~V1~~3430323035598890944~~P0mvnNIBBMj_CACvopcxwG9OE0-lrKN62zRFWmN-j236nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQ1qPnz8TIp56FGMwGW1REdGP6mCOrMydSrc5toiHgFWAp-3Jybkbg7ntaoS2VbkfQGUkHQ3_G_JxGjhw9TrdPb_HE79lMnEshhClK6-ItHTlNH3EBEsSbolrdhJgUTJ0SUnfDueH3AwhvTfauyFTuVnIBhMVuagGFjnMgWNrlFALu73ETmnfNFJzU3BmMA-FGrSKCvTMNihR0Kv3XR8PzKKvuvMET7zjtHu_AE_2i5FYST2daYEcMwDOOmbsjJFaAgPd-lvQjEbEz1XvwXi7rc92dbZOu9M3dpQXDz-I-vn79BgZFz4ZpKL_ET6vXmF4kycUbXIafn6bcwOmL6qsuwrqtfNB9PSjDBlig62vbwfc&pt=home&li=rbox-h2v&sig=750b525916125ea6f5760c3c0beade7bb79a37cf348d&redir=https%3A%2F%2Ffortunts.com%2Fcollections%2Fbras%3Futm_source%3Dtaboola%26utm_medium%3Dreferral%26tblci%3DGiB9-0-IJyB8SgTw0Df2r-0BjqhDgI_ffkm_BweSDmIiCSDK3V0o2YX5t5vOxboS%23tblciGiB9-0-IJyB8SgTw0Df2r-0BjqhDgI_ffkm_BweSDmIiCSDK3V0o2YX5t5vOxboS&vi=1686182693404&p=baidusearch-greermy-sc&r=6&lti=deflated&ppb=CJIE&cpb=EhMyMDIzMDYwNy0zMS1SRUxFQVNFGAEgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyNTU4gK6Cyg1Am-MJSIyKEFCRrNkDWP___________wFjCPRDENVZGDBkYwirQhDeVxgyZGMIzf__________ARDN__________8BGDNkYwjXFhDVHxgjZGMI3AoQoBAYFmRjCNIDEOAGGAhkYwiWFBCXHBgYZGMI7wMQiwcYCWRjCOskEIEyGB1kYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogB98en7QGQARyYAbqUyMKJMQ&cta=true
Title: Shop Now

Search URL Search Domain Scan URL

URL: https://intouch.wunderweib.de/curvy-models-plus-size-models-98772.html
Title: InTouch

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/gomedia1-theonion/log/3/click?pi=%2F&ri=cef51a09454f3e74b1e5e6318c400237&sd=v2_5bfba807982109e119c5eee3eae5f91c_2bd840c1-a22c-4ad2-9005-4c2ebc89501c-tuctb7aa0a5_1686182693_1686182693_CIi3jgYQ5LxeGJyUyMKJMSABKAEwODib4wlAjIoQSJGs2QNQ____________AVgAYABo___734HB_v8JcAA&ui=2bd840c1-a22c-4ad2-9005-4c2ebc89501c-tuctb7aa0a5&it=photo&ii=~~V1~~5267363416642179638~~mO5M0rntzJMWRpS1r4EConrAF_zzsQcM5R69SsoJtgT6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQ1qPnz8TIp56FGMwGW1REdGP6mCOrMydSrc5toiHgFWAp-3Jybkbg7ntaoS2VbkfQGUkHQ3_G_JxGjhw9TrdPb_HE79lMnEshhClK6-ItHTlNH3EBEsSbolrdhJgUTJ0SUnfDueH3AwhvTfauyFTuVnIBhMVuagGFjnMgWNrlFALu73ETmnfNFJzU3BmMA-FGrSKCvTMNihR0Kv3XR8PzKKvuvMET7zjtHu_AE_2i5FZPwp9aGhBUCewGpVCI868tno6M4KD2MX42bOutgwJTJgpqWkMpmWWM4vaPDmbUXqymWeTTSTpBBd1sgCTnxBl7DsmmjsnFApAqbasdk3ySMym0TygppQBly8H6NbmVifk&pt=home&li=rbox-h2v&sig=6d2a8308b6aeb5cd23c921dccf00a35b2c445fe6fd74&redir=https%3A%2F%2Fintouch.wunderweib.de%2Fcurvy-models-plus-size-models-98772.html%3Futm_source%3Dtaboola%26utm_medium%3Dcampaign%26utm_campaign%3D12489956%26utm_term%3D3571891596%26utm_content%3Dtheonion.com%23tblciGiB9-0-IJyB8SgTw0Df2r-0BjqhDgI_ffkm_BweSDmIiCSC77UUorYmAra7gw6_IAQ&vi=1686182693404&p=bauerxcelmediadeutschlandkg-intouch-sc&r=21&lti=deflated&ppb=CJIE&cpb=EhMyMDIzMDYwNy0zMS1SRUxFQVNFGAEgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyNTU4gK6Cyg1Am-MJSIyKEFCRrNkDWP___________wFjCPRDENVZGDBkYwirQhDeVxgyZGMIzf__________ARDN__________8BGDNkYwjXFhDVHxgjZGMI3AoQoBAYFmRjCNIDEOAGGAhkYwiWFBCXHBgYZGMI7wMQiwcYCWRjCOskEIEyGB1kYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogB98en7QGQARyYAbqUyMKJMQ&cta=true
Title: Weiterlesen

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=gomedia1-theonion&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Homepage%20Thumbnails%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/gomedia1-theonion/log/3/click?pi=%2F&ri=ae961e001e74d23b11a4df0dd00435f4&sd=v2_5bfba807982109e119c5eee3eae5f91c_2bd840c1-a22c-4ad2-9005-4c2ebc89501c-tuctb7aa0a5_1686182693_1686182693_CIi3jgYQ5LxeGJyUyMKJMSABKAEwODib4wlAjIoQSJGs2QNQ____________AVgAYABo___734HB_v8JcAA&ui=2bd840c1-a22c-4ad2-9005-4c2ebc89501c-tuctb7aa0a5&it=text&ii=~~V1~~4870767560869916469~~Me8Jb9ro2Ri8_v2vHzcICNwH5mliO22YM7mSEW9CMU76nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GZIABZnE6iw0vZgovqPMyoCY6eD5jnG1QLwcl4nkEOHw5CoWLlX1uzG9gUBqYmKqk08KJRZ9mwaEcwcGgiTaJHWsUaZak2AcDXKoRwoERbO2SJxwhdJv3jKN701ohCgWIPvdAwBc-tgcz2_jjECScpL08AYb8cdeHjF8sfGvJ-9SdvawdnxERG0Az1DkNGQRltPpjZKZj2wutoMIjC-8kArCf1dscj8sMQo3yvFHNAgc7lMMYORlvzbmP64qTsBGwg&pt=home&li=rbox-h2v&sig=3ef0b744a6bd4c636cc8fe3f011b53e2e6053a1b3100&redir=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackclk%2FN718661.4271785TABOOLAEUROPELTD.%2FB29860133.366142999%3Bdc_trk_aid%3D557166139%3Bdc_trk_cid%3D191287121%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bltd%3D%3Bdc_tdv%3D1%3Futm_source%3Dtaboola%26utm_medium%3Dreferral%26tblci%3DGiB9-0-IJyB8SgTw0Df2r-0BjqhDgI_ffkm_BweSDmIiCSD96lkok8DCot_c_vrQAQ%23tblciGiB9-0-IJyB8SgTw0Df2r-0BjqhDgI_ffkm_BweSDmIiCSD96lkok8DCot_c_vrQAQ&vi=1686182693404&p=starcomgermanygmbh-alfaromeo-sc&r=19&lti=deflated&ppb=CJwG&cpb=EhMyMDIzMDYwNy0zMS1SRUxFQVNFGAEgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyNTU4gK6Cyg1Am-MJSIyKEFCRrNkDWP___________wFjCPRDENVZGDBkYwirQhDeVxgyZGMIzf__________ARDN__________8BGDNkYwjXFhDVHxgjZGMI3AoQoBAYFmRjCNIDEOAGGAhkYwiWFBCXHBgYZGMI7wMQiwcYCWRjCOskEIEyGB1kYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogB98en7QGQARyYAbqUyMKJMQ&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://lhlrtvx.com/click
Title: KetoXplode

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.theonion.com/ HTTP 307
https://www.theonion.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://www.theonion.com/undefined HTTP 301
https://www.theonion.com/

Request Chain 147

https://gum.criteo.com/sid/json?origin=publishertagids&domain=theonion.com&sn=ChromeSyncframe&so=0&topUrl=www.theonion.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=cOEeonxIWnFTU01aTGE2ZTNSK0NheDN5UzhQOUE1NERvVTQ1OGVtcWM5dE8wUHJPeXY4b3Y3VFJET3JKOXY0RmJDU1JKSHo0R000Yk52WERlZ3hCMWprZEV4REZsUTBhSTRYZEZHdDVSM0ViM3VCTEQ1L3EwdXU2SHBiWDZCOUU0MHlOS2MrZDduVzZDSTlaQXEzb2hWMlhWTHVSMjZ5eHdjdFhOcU9ncEloSWhsNitPbjFEckkvYklRN1hkWkQzdnFjYnkxKzBJR1BxMVg5bFJ3c2txeWc5WkFPL3dQbHZ2TnpsdlVVbWdPc1V1ajk2dWlVaXFxT3VVVGhqUGFRYTdKNHY4MndIR291NWxFaXc3aS9qN01xbEI5MUlEVXd0V2FxZ3NuU2hsSlpYTFpXST18&cppv=2

Request Chain 180

https://kinja-com.videoplayerhub.com/gallery.js HTTP 301
https://btloader.com/tag?h=kinja-com&upapi=true

Request Chain 249

https://trace-eu.mediago.io/cs/xandr?rdid=7b75ae74ca50ac4c63237833e361ca60 HTTP 302
https://ib.adnxs.com/setuid?entity=529&code=6a4ad7962b6e34d5288849ab134a4550

Request Chain 280

https://trace-eu.mediago.io/cs/xandr?rdid=2aefc6e3586164d7c4153d1575f56a28 HTTP 302
https://ib.adnxs.com/setuid?entity=529&code=6a4ad7962b6e34d5288849ab134a4550

Request Chain 288

https://trace-eu.mediago.io/cs/xandr?rdid=6d08e3de81e28f1beb8be8800493049d HTTP 302
https://ib.adnxs.com/setuid?entity=529&code=6a4ad7962b6e34d5288849ab134a4550

Request Chain 307

https://trace-eu.mediago.io/cs/xandr?rdid=dab518c1c06d4adf482f115d17ed003d HTTP 302
https://ib.adnxs.com/setuid?entity=529&code=6a4ad7962b6e34d5288849ab134a4550

Request Chain 309

https://gum.criteo.com/sid/json?origin=publishertag&domain=theonion.com&sn=ChromeSyncframe&so=3&topUrl=www.theonion.com&bundle=I3-Iu19iM243VW4wdmtjWkQ1OTRYUEhyWlYlMkJ1dmtTR05nckY1WEpzJTJGSGxpSkhMVlVqdEdyQ2RRWnJSWlEzSWlXaks3bzlNc0pEbzlaUkglMkZaREFEdTR2ZVFVRVU3SXJtUjZBa2RLMkJZaFlGTU5SU3VQTFhHR0k4T0JweElNJTJCVVp1cFJpaXdaWkxkT3Z5OXhLZjdrMm9uR2EwdyUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=yh4BknxkME9td2E1Rk5EZnR4enRrS1FXVlVUUThhcmxNemNWaTVvdU50aDZkSFFaQS9SY1hLc1oweVp4cjhPRVFjMmJ5RWpjZnI2cHdGdS9id00zb3d3VWwwUXYzLzNtRW9SNjd2MThPV1ZwRFhReHNPWUhBd0VWbjJJdGd2RG9pSERoRHBGa1RHamJQbXF0REJTcFp1b3FQd2RUZEtFVmlwVTgxY0taQmpyYzhieGNid1JQMlE5M29rRFJtRHRxakZlWXJDYXRKOENNUUR1UDM3WnU5cjV4blVsQXh2UTBQVDkyTHVJUEVFQlZNUzEyeC93MEV5TVN2T3NLa21RdzhQdHcrVzljdHBFU0RvOUQrSnMreHo3cUppOS83Wk9ZajRiM2xkTFJpS0c2VVdoOD18&cppv=2

Request Chain 326

https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIMDN14J-G-HMV8&gdpr=1&us_privacy=1---

Request Chain 327

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzE5ZWRkNzA1ZjUxNTJiZjBkM2NmZDY4YThkOTEzNzkxNzQ0ZGY5Zg&gdpr=1&us_privacy=1---

Request Chain 328

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

Request Chain 329

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEIlYQ2fxi1atsMMHUIMOqws&google_cver=1

Request Chain 330

https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElNRE4xNEotRy1ITVY4&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=1&google_gid=CAESEJ5KAftTBN4Jaq_bxSHIN0M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElNRE4xNEotRy1ITVY4&google_push=&gdpr=1

Request Chain 331

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1--- HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

Request Chain 332

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/Kn1TcBu5BFB3APESRfS7ww?csrc=&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-zlmuWZtE2oKssTzcgyoiNVn066SGiIrwoya7RQ--~A

Request Chain 358

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727144&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727144&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/ZIEbKENjrNzwsOTOXUSMxAAADI0AAAIB?gdpr_consent=&us_privacy=&gdpr=0&gpp=&gpp_sid=

Request Chain 362

https://image8.pubmatic.com/AdServer/ImgSync?p=161204 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=161204&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDk5MENFNTYtNzQ5Ri00M0Y4LUI4QUItMjJGMEQyRjBCMEE2&gdpr=-1&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 376

https://pr-bh.ybp.yahoo.com/sync/taboola/2bd840c1-a22c-4ad2-9005-4c2ebc89501c-tuctb7aa0a5?gdpr=1&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-88i0IXZE2oSYWfegVq3_2tXJSSt.0caTsDsz_A--~A

375 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.theonion.com/
Redirect Chain

http://www.theonion.com/
https://www.theonion.com/

392 KB
63 KB

74ms
9ms

Document
text/html

151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

515b5c5dceb7a507f6e57d679ca415ac060e9a4ea5c3f85497b5f60157fa811c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 74
cache-control: stale-if-error=86400, stale-while-revalidate=300
content-encoding: gzip
content-length: 63172
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Thu, 08 Jun 2023 00:04:52 GMT
etag: W/"61ff9-qGZZmiMQrqhX12S2k02F/zXiqjE"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-Kinja-Location, Authorization
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache: MISS, HIT, HIT
x-cache-hits: 0, 19, 1
x-cdn-fetch: mantle-default
x-content-type-options: nosniff
x-googlenews-bot: false
x-kinja: kinja-magma-kube03-75d469f7db-whxbd #4170
x-kinja-build: 4170
x-kinja-gdpr: true
x-kinja-revision: 80a44da0f443fac5bd82de372634851d4345e5d5
x-kinja-server: kinja-magma-kube03-75d469f7db-whxbd
x-kinja-superheroloaded: true
x-powered-by: Express
x-served-by: cache-iad-kiad7000116-IAD, cache-iad-kiad7000116-IAD, cache-fra-eddf8230060-FRA
x-timer: S1686182692.098485,VS0,VE2
x-ua-device: desktop
x-xss-protection: 1; mode=block

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://www.theonion.com/
Non-Authoritative-Reason: HSTS

GET
H2 200 roboto_condensed_reg-webfont.woff2
f.kinja-static.com/assets/fonts/roboto/ 15 KB
16 KB 72ms
9ms Font
binary/octet-stream 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto/roboto_condensed_reg-webfont.woff2?11012022

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: 563YCJKW05V1F2RY
age: 103
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 15700
x-amz-id-2: AOKxzz7KSbFSOyL3zNGyVkWEUqPiBupH3OftBYWSJZHKHUSOjz1C4hDPF5kql0C5GChjPyVv8j21pmB3FP+uCktlL1r9aUcS
x-served-by: cache-fra-eddf8230139-FRA
last-modified: Fri, 13 Jan 2023 15:40:59 GMT
server: AmazonS3
x-timer: S1686182692.195710,VS0,VE1
etag: "3d7f7413fca69bff4d231ebdc50aaab0"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 roboto_condensed_reg_it-webfont.woff2
f.kinja-static.com/assets/fonts/roboto/ 17 KB
17 KB 71ms
9ms Font
binary/octet-stream 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto/roboto_condensed_reg_it-webfont.woff2?11012022

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3ab6d5bddb52a980ebe7658cca937e1ce087c1478cbeb13715876e463b2dd7f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: 8GHTYNXVE2RRBXQQ
age: 78
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 17376
x-amz-id-2: SGztQ9AUQgEgIqBR2BPMuChKgxT0vVpXn9Gsu13lu0MsNUWrkCn9gzil+iUJaoAqlIx6Y2Zy5zw=
x-served-by: cache-fra-eddf8230139-FRA
last-modified: Fri, 13 Jan 2023 15:40:59 GMT
server: AmazonS3
x-timer: S1686182692.195694,VS0,VE1
etag: "8e134f1169d65556e833a4f33fd78242"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 roboto_condensed_bold-webfont.woff2
f.kinja-static.com/assets/fonts/roboto/ 15 KB
15 KB 77ms
15ms Font
binary/octet-stream 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto/roboto_condensed_bold-webfont.woff2?11012022

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: GCSMRVJXDDS48WB9
age: 33
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 15660
x-amz-id-2: MFymAouKCPN+z67dmwLx9HJmPb6P+cZz7LizC5BV5onV/uwT7hXQTqWDuwHNVnaxDUaQ46p4tZ8=
x-served-by: cache-fra-eddf8230139-FRA
last-modified: Fri, 13 Jan 2023 15:40:57 GMT
server: AmazonS3
x-timer: S1686182692.195676,VS0,VE1
etag: "d7b0b953a50fddaa88089b5b787cf719"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 roboto_condensed_bold_it-webfont.woff2
f.kinja-static.com/assets/fonts/roboto/ 17 KB
17 KB 77ms
15ms Font
binary/octet-stream 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto/roboto_condensed_bold_it-webfont.woff2?11012022

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

921d6a08298f520a4f4c7444ba3cf32d128706ad4018c6a576f915d79122a8dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: VDXDSTHSRT7P02PA
age: 74
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 17080
x-amz-id-2: fuXpV/ZN1oa9xO2+Bx8DBOcTLwXPABK8PlJWBmycpaxyuFQxMttlyu5fj/CtdKONeNjCvaUU3OQ=
x-served-by: cache-fra-eddf8230139-FRA
last-modified: Fri, 13 Jan 2023 15:40:56 GMT
server: AmazonS3
x-timer: S1686182692.195941,VS0,VE1
etag: "e43aefe2f0b22276ca8ade3f8040749b"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 libre-baskerville-bold.woff2
f.kinja-static.com/assets/fonts/libre-baskerville/ 18 KB
18 KB 68ms
7ms Font
binary/octet-stream 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/libre-baskerville/libre-baskerville-bold.woff2

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: FVP1VNSQ085N11QY
age: 104
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 17984
x-amz-id-2: ytgAJ2cqu3UEANmICP6jIyMgyHyqavCy2JxA+aHn/GEyh7AmpdNcrJwX1udtNF/r1Asvaozq0Mg=
x-served-by: cache-fra-eddf8230139-FRA
last-modified: Mon, 29 May 2023 16:10:31 GMT
server: AmazonS3
x-timer: S1686182692.195964,VS0,VE0
etag: "0518781cd45a71291d17ea1febfcc5fe"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 41ms
7ms Script
application/javascript 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 01:02:59 GMT
content-encoding: gzip
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 09:22:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 82914
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: lRazMQ2NuRip75SX7qGgIcwVQXSg4pYxkk3gF9jUrzOIrG74gAtX2A==

GET
H2 200 lux.js Show response
cdn.speedcurve.com/js/ 21 KB
8 KB 33ms
7ms Script
application/javascript 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.speedcurve.com/js/lux.js?id=527761496
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 5f5fae80f0c98899eeabe0f618454ca066c741eba7ed03141bb60fd47fe27fdc

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-cache-hits: 7
date: Thu, 08 Jun 2023 00:04:52 GMT
via: 1.1 vegur, 1.1 varnish
content-encoding: gzip
age: 5620
x-cache: HIT
content-length: 8026
x-served-by: cache-fra-eddf8230117-FRA
last-modified: Wed, 07 Jun 2023 22:31:11 GMT
server: Apache
x-timer: S1686182692.196742,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Jun 2023 22:31:11 GMT

GET
H2 200 b21e5c353e527cff6d18e7df35d68c21.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_362,q_60,w_645/ 13 KB
13 KB 56ms
8ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_362,q_60,w_645/b21e5c353e527cff6d18e7df35d68c21.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee42cc4895a8863fdb7d7f9127a18d233c85e4a1f8ce4e78f5851f73670eeba0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: ksX4G853dVgvho_QH08Ro0Zw2Rm9cGI6
via: 1.1 varnish, 1.1 varnish
date: Thu, 08 Jun 2023 00:04:52 GMT
x-amz-request-id: B8PH1KW5EMY897QY
age: 22787
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=3234807 idim=2000x1125 ifmt=png ofsz=13178 odim=645x362 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 13178
x-amz-id-2: qNdkFxG9nybUVWHb/zxR6BpVajkWJwHZ2RheI6LszlVO+vzLdDrQ9tSDzGaJVT56ZNkmkWe72bM=
x-served-by: cache-iad-kcgs7200055-IAD, cache-fra-eddf8230060-FRA
server: AmazonS3
x-timer: S1686182692.219681,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=362&quality=60&width=645
etag: "zge2xVtgtERn3x1BAdNpy9vpepXLudZlbHBUCgRh2yE"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 16, 1

GET
H2 200 092a51e2855241c6f6b3d50af7ba30a8.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 9 KB
10 KB 56ms
9ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/092a51e2855241c6f6b3d50af7ba30a8.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1b9b63cc4dee950e19d2be6afc55d6fac1263599ff1ce2554f26961948f09a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: FTdlTp1HucKmFEsGXoVISkj6ke5jNs8G
via: 1.1 varnish, 1.1 varnish
date: Thu, 08 Jun 2023 00:04:52 GMT
x-amz-request-id: 089F59PX9BQD8FXV
age: 97371
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=1468579 idim=2000x1125 ifmt=jpeg ofsz=9640 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 9640
x-amz-id-2: Pk2hHZWUsMcuoO+TWUairC5M80HGmoe6JVXPdtQ4IEV2RFOzjhPDjzFQSgxTv2F55wY2DAyWCSSok6S2pHli4PfsKqn4IyLi+i0CULJSVA4=
x-served-by: cache-iad-kcgs7200124-IAD, cache-fra-eddf8230060-FRA
server: AmazonS3
x-timer: S1686182692.219668,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "Xo6rucW2Q48/a/M12doB8dF0KyQBXtVV8MjwPuLVaMU"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 37, 1

GET
H2 200 ccc5d67a06cd84211536cbac7ea2191c.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 6 KB
6 KB 56ms
9ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ccc5d67a06cd84211536cbac7ea2191c.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd8871fb1793f2de3d938a30c55ca827fc78ecbdef9470357262258e66f5e7e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: RIqdqoSBhIpt8U5jirgaw46g6EzBgjd9
via: 1.1 varnish, 1.1 varnish
date: Thu, 08 Jun 2023 00:04:52 GMT
x-amz-request-id: MMP0XXFYQ9X7WR4S
age: 40372
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=3816597 idim=2000x1125 ifmt=png ofsz=5768 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 5768
x-amz-id-2: AFD7HDNG1bdJONo9WPLX/Tm4b6VvVf89Kg9/iaZaBozvnipan1ym9Z4zwiWC62xRkIaoDs4+RrpGpCcFWBwYgw==
x-served-by: cache-iad-kcgs7200022-IAD, cache-fra-eddf8230060-FRA
server: AmazonS3
x-timer: S1686182692.219720,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "OqVX1vTa+GBrk6mierjf7T0KkqL3z0Zlb/0kQfL9QHQ"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 718, 1

GET
H2 200 a1glirmtpgnnrgkq96yv.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 9 KB
10 KB 57ms
9ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/a1glirmtpgnnrgkq96yv.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 98555f82ad12532d426de758a88dbfe0d27a0d57f42a62cce2c700a6891ae6c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: AmericanVoice_OG_FINAL
x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish
date: Thu, 08 Jun 2023 00:04:52 GMT
x-amz-meta-cld-interesting: {"eyedea":[[427,10,347,463],[54,70,312,416],[804,10,336,448]]}
x-amz-meta-cld-transformation-id: 10000011314925
x-amz-request-id: B8PDARPP2J9262C9
age: 3232117
x-amz-meta-cld-version: 1526415104
x-cache: HIT, HIT
fastly-io-info: ifsz=761483 idim=1200x627 ifmt=jpeg ofsz=9086 odim=340x191 ofmt=webp
x-amz-storage-class: STANDARD_IA
x-amz-meta-cld-surrogate-key: 518906947868701340742262034292367127578
fastly-stats: io=1
content-length: 9086
x-amz-id-2: Fl0VhEolX4mm2SP0v1Fv5vOp99duK74CwsnK9pVyk3F7TZQ8DncBRA/9Wm4NtsD6D88p5wV4YPg=
x-served-by: cache-iad-kjyo7100116-IAD, cache-fra-eddf8230060-FRA
server: AmazonS3
x-timer: S1686182692.219697,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "PRBmtvRCn9V0E1H9+X/6W8GnpVgLvyY1cPsdlyxihnA"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-amz-meta-cld-original-extension: jpg
x-cache-hits: 5682, 1

GET
H2 200 52188e3c7f527633f5047097dd7bb094.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 7 KB
8 KB 56ms
8ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/52188e3c7f527633f5047097dd7bb094.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6c485f1f666fd7a72c0b41266fbd678fa285711fd2813a176db9b9bbabb953b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: jAMpae0Lro7FnfeXvJE3mQQL5AE0Jm_Z
via: 1.1 varnish, 1.1 varnish
date: Thu, 08 Jun 2023 00:04:52 GMT
x-amz-request-id: DESKPNM7AJQQVHMN
age: 104095
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=240645 idim=2000x1125 ifmt=jpeg ofsz=7620 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 7620
x-amz-id-2: 6WbaumAT4omvUGJpHBIdCXlYuUP4Rgr4HvsYsh9NhxnH7s68BGdkTltTBNwey+PQaUvasBI0yrUO2gQXVt2edQ==
x-served-by: cache-iad-kiad7000151-IAD, cache-fra-eddf8230060-FRA
server: AmazonS3
x-timer: S1686182692.219651,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "jYsH0Db+m63HCmzzJpHA+UislBiEk38ewf/H1ZE0Elw"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 42, 1

GET
H2 200 197xrjaz7466rpng.png
no.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_362,pg_1,q_60,w_645/ 54 B
598 B 54ms
7ms Image
image/webp 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://no.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_362,pg_1,q_60,w_645/197xrjaz7466rpng.png
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ad61602e9db9558662d5280058aee442dbf0b3676a043158ea945439e4f6346

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: original
x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish
date: Thu, 08 Jun 2023 00:04:52 GMT
x-amz-request-id: NA9M5P2FC4C10ESW
age: 3749536
x-amz-meta-cld-version: 1388776355
x-cache: HIT, HIT
fastly-io-info: ifsz=95 idim=1x1 ifmt=png ofsz=54 odim=645x362 ofmt=webp
fastly-stats: io=1
content-length: 54
x-amz-id-2: iIwSsUXVMMGb4jzPwd3F8JPi0aWeiQkuc2vx4NXxRuP2vvOEHrxaGbjzDrHMJBBJ/GilhKc8HeE=
x-served-by: cache-iad-kjyo7100146-IAD, cache-fra-eddf8230139-FRA
server: AmazonS3
x-timer: S1686182692.219342,VS0,VE0
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=362&quality=60&width=645
etag: "8BXYySxyyUaE383ZNc2VVYHztHXYmxrVLdcZf6slSps"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 231, 6

GET
H2 200 7d051cbb43689442ede54402d416a621.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 6 KB
7 KB 54ms
7ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/7d051cbb43689442ede54402d416a621.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c9bdc6048330e1ca6023608f60e9dc755dc1f6bd3ca9d35d73242bb929eefd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: aY1JwEjVZKodPFn2Wly_GTIO3KhNFOsh
via: 1.1 varnish, 1.1 varnish
date: Thu, 08 Jun 2023 00:04:52 GMT
x-amz-request-id: XABNGBZTY0YY8T25
age: 183055
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=1371439 idim=2000x1125 ifmt=jpeg ofsz=6554 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 6554
x-amz-id-2: 80KoJlI6347pcuJO/ACts4SPn+dP/2wsW/O29hA5B2aPomyP88DC4kmZ92YTc5U8rsYFNH60rFc=
x-served-by: cache-iad-kiad7000040-IAD, cache-fra-eddf8230060-FRA
server: AmazonS3
x-timer: S1686182692.218995,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "4i0oVH2UrHWfeop/U3rUF1GzQjrbs8Spb71iI/HsWCc"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 24, 1

GET
H2 200 e4cf78092c4fcc323debae9a0e86dd90.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 10 KB
10 KB 10ms
8ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/e4cf78092c4fcc323debae9a0e86dd90.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43f7925d2866f6457a8a1329ca62170e0b997097e7aef7f7b6c8d7e6f4dd6275

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: EOEHo0OLc4MFqBcZxg7zQ47dPJ6cI0yz
via: 1.1 varnish, 1.1 varnish
date: Thu, 08 Jun 2023 00:04:52 GMT
x-amz-request-id: PQGZ1B8VV6YZPDGB
age: 132531
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=4501704 idim=2000x1125 ifmt=png ofsz=10056 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 10056
x-amz-id-2: HFXuUK40NrJ1aZ6zsI45uDpDNq2NawbVBvjZEG5XQ2epgqnKPckELprCWNRvQwQZ7xqngJhh10dZZXj/7JTk49FPTL1rQY0MDnaIliyfQC8=
x-served-by: cache-iad-kjyo7100045-IAD, cache-fra-eddf8230060-FRA
server: AmazonS3
x-timer: S1686182692.229770,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "QSKGsmKxVlPwSWSryH2UmoOo7q6H5Hwi0MLOYe+7NuE"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 34, 1

GET
H2 200 d5bdef466f56026fa8f8a4760c20d1fb.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 3 KB
3 KB 9ms
8ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/d5bdef466f56026fa8f8a4760c20d1fb.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18b87c6319166b2ec849c666ebcae958363e85913f3df2e610c0f7b0aa5d198a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: ipaKvvh1UW3UmH8_P_MMQXtu8zEN.LcQ
via: 1.1 varnish, 1.1 varnish
date: Thu, 08 Jun 2023 00:04:52 GMT
x-amz-request-id: 8FMP9CY51AC9RJ2G
age: 199899
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=311131 idim=1121x631 ifmt=jpeg ofsz=2952 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 2952
x-amz-id-2: Q5lqvbGTBkzSsj45WO3wS8yz3ziSS7poYPnlL6YgyCB6BRDlu5IvlTWcvprk7osnIU34phJW6zQ=
x-served-by: cache-iad-kiad7000085-IAD, cache-fra-eddf8230060-FRA
server: AmazonS3
x-timer: S1686182692.230057,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "qzLoUv62PgpDf2EemGiZ+fR+M5xKDPR1htWcEPk7R3E"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 54, 1

GET
H2 200 dcf9b9f3f1e0193a931a49305cd4f69d.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 14 KB
14 KB 9ms
8ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/dcf9b9f3f1e0193a931a49305cd4f69d.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d4234ad97764d2add90c7b99de87dfb85ec66b13cd08adbb5672252039422263

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: AEEUzyxShlSeHscs5B43gJFyyNL.1CAx
via: 1.1 varnish, 1.1 varnish
date: Thu, 08 Jun 2023 00:04:52 GMT
x-amz-request-id: BY8CPHGGAR8JNSEG
age: 50603
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=3334153 idim=2000x1125 ifmt=jpeg ofsz=14244 odim=340x191 ofmt=webp
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 14244
x-amz-id-2: QXps57lNYOW1UlqTUwXiI4HAr2zfDME7uDMw6p6GN+oKiXLfNNzrWORyiIYm7ZpK0VFYXbQCYMD1Pzkyq7u5BXtuUIXp0oC0m/cPXV1l8SQ=
x-served-by: cache-iad-kjyo7100078-IAD, cache-fra-eddf8230060-FRA
server: AmazonS3
x-timer: S1686182692.230007,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "hF3yEGUyW+/7axiFV2Sz4rljpKATf3bcWgSvFaeltD4"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1

GET
H2 200 1c40a8c7a442772444533306f0238ac7.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 8 KB
8 KB 10ms
9ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/1c40a8c7a442772444533306f0238ac7.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 248f505a8b5ee4ce8e884057589eae2ed0e5f6cef657cbffb05028d5dc7cf502

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: WyOUB6FxdAV9bJvAd_7w9o.X9fOdmsJX
via: 1.1 varnish, 1.1 varnish
date: Thu, 08 Jun 2023 00:04:52 GMT
x-amz-request-id: FBMH9GFXX8SD06XG
age: 561016
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=1200035 idim=2000x1125 ifmt=jpeg ofsz=7994 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 7994
x-amz-id-2: Mgb1iIxq/B+RIgEms6uHpLsED5gF4QBEhcNW5UG3FJmom5Qp3WZEeJDlhf4IjNn+KJ/U3Qkte4s=
x-served-by: cache-iad-kjyo7100071-IAD, cache-fra-eddf8230060-FRA
server: AmazonS3
x-timer: S1686182692.229990,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "I5gQcuDaZsf9IKl9wQmb/Pcn/XpPun02yZWL1qu1KvA"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 5430, 1

GET
H2 200 a637b8a14e0961f1ae08301602f07d52.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 7 KB
7 KB 10ms
10ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/a637b8a14e0961f1ae08301602f07d52.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40a29eed6bf6c05ed40be089eb27a2323d2ee0eeee21b44422a9cae0c02b955a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: XrB8aDBAvZgscWgz8CVSEb2Puj6xpohP
via: 1.1 varnish, 1.1 varnish
date: Thu, 08 Jun 2023 00:04:52 GMT
x-amz-request-id: CK99KYVEWPXC91Z5
age: 534392
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=2890812 idim=2000x1125 ifmt=png ofsz=6802 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 6802
x-amz-id-2: WNCke5XtlIG1yt/qdhFANyQtaicCwxzqGWnLN71yUBkw/pnPKJZnRuBLGTK1HhQSPxQtJfdG4rg=
x-served-by: cache-iad-kjyo7100086-IAD, cache-fra-eddf8230060-FRA
server: AmazonS3
x-timer: S1686182692.230368,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "WvLDl9v6oeY+/XDb+0AQGUZUrcs7IV41QXenmY/77V8"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 23, 1

GET
H2 200 b5b062fa700336e423f3724671dfc521.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 7 KB
8 KB 10ms
10ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/b5b062fa700336e423f3724671dfc521.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45a62d4fd5b29deae5aacc4e325ee0b962c86a2b4f41f3b3e4d4afc74926f52a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: QevIFHbYMBU1A6a5hd9tC14QtvJ5uNut
via: 1.1 varnish, 1.1 varnish
date: Thu, 08 Jun 2023 00:04:52 GMT
x-amz-request-id: 4FYYN9EFS842QT75
age: 734830
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=295401 idim=2000x1125 ifmt=jpeg ofsz=7260 odim=340x191 ofmt=webp
x-amz-storage-class: STANDARD_IA
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 7260
x-amz-id-2: /l081BBdwuEHQ9hEtkPpcLzSZFgn84PyjFBez+TFxjunVwaCSzv01kHpdYIqKhtnjvyydExJ3LA=
x-served-by: cache-iad-kcgs7200113-IAD, cache-fra-eddf8230060-FRA
server: AmazonS3
x-timer: S1686182692.230356,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "Ejek16NIePyHI1Gan1sLAGOZwTKcAEGORkRRIHAZPYI"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 6, 1

GET
H2 200 367859b8909a538fdc190ecdb45ab9bf.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 7 KB
7 KB 11ms
10ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/367859b8909a538fdc190ecdb45ab9bf.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53cfaf25e39926c20727a9c13a7f28a59f378e50a056c701dc93ec8d3b790e3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: JTy6QnG6XmXNreejO5wup.4x55cir9Hy
via: 1.1 varnish, 1.1 varnish
date: Thu, 08 Jun 2023 00:04:52 GMT
x-amz-request-id: KWZM80T3CSMFF6Y5
age: 531698
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=1821766 idim=2000x1125 ifmt=jpeg ofsz=6812 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 6812
x-amz-id-2: WX89lwWl67iLHrDZoln9zrPAVmDlqxdUrk0mxJg6FILsG3Vzmq3Kn2x457ImeG1A9/KDq6Vg9HA=
x-served-by: cache-iad-kcgs7200072-IAD, cache-fra-eddf8230060-FRA
server: AmazonS3
x-timer: S1686182692.241047,VS0,VE3
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "O38yhNININQLvOkcta8Wtqr43ZIlyGpeNEXLHrnfbVI"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 73, 1

GET
H2 200 abwm6w3prjmdcyvoqfxn.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 9 KB
10 KB 8ms
7ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/abwm6w3prjmdcyvoqfxn.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b630399dc87169c912b553c7dc294e6a7af0ca96a3186f27086566d7dd87ca41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: AmericanVoice_OG_FINAL_2
x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish
date: Thu, 08 Jun 2023 00:04:52 GMT
x-amz-meta-cld-interesting: {"eyedea":[[719,0,433,578],[440,57,358,477],[28,96,351,468]]}
x-amz-meta-cld-transformation-id: 10000011314925
x-amz-request-id: 7JN462E85K0P7P76
age: 2544810
x-amz-meta-cld-version: 1513026540
x-cache: HIT, HIT
fastly-io-info: ifsz=837776 idim=1200x627 ifmt=jpeg ofsz=9144 odim=340x191 ofmt=webp
x-amz-storage-class: STANDARD_IA
x-amz-meta-cld-surrogate-key: 388542581494185918882418185766411367189
fastly-stats: io=1
content-length: 9144
x-amz-id-2: 4JgX1JSERUGknDZi3C5jXNddr8gb/fa114d0sdVm4tV5vxzBDRuyEa7zqCThR1SzHYx5axQo9/YmW1TKGlMKzCKJyp2MQaMZ
x-served-by: cache-iad-kjyo7100157-IAD, cache-fra-eddf8230060-FRA
server: AmazonS3
x-timer: S1686182692.241037,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "y7SPZ2SgZOpy1XS+3sgmR1gOf2pXElDkczkCG+3fIU0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-amz-meta-cld-original-extension: jpg
x-cache-hits: 9234, 1

GET
H2 200 ff0b0b55297da365c1752f21eaaed180.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 6 KB
7 KB 9ms
8ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ff0b0b55297da365c1752f21eaaed180.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9435d9c9100ba30429173f07afc84a22c1e141e58a008db1531ff5d86b3dece7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: ._.scQ6SZXCZG1zXVvSqCPluD0gjIh3P
via: 1.1 varnish, 1.1 varnish
date: Thu, 08 Jun 2023 00:04:52 GMT
x-amz-request-id: D583TKGXNJMA0KFS
age: 545845
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=3259804 idim=2000x1125 ifmt=png ofsz=6396 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 6396
x-amz-id-2: +0Ju6GF1MXSIT9A3O5X+aHu6r9auMXUZOUJszML9YpDuG5MiIorI/Iokm9rZbkSYQWkCefrfhoI=
x-served-by: cache-iad-kiad7000061-IAD, cache-fra-eddf8230060-FRA
server: AmazonS3
x-timer: S1686182692.241357,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "b/cntXrm+WCodzoHZXiDs8E1w2gfwWXjoo0HZDHAMsk"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 6, 1

GET
H2 200 60227de3b0878ada874dffb6ca469aca.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 10 KB
10 KB 9ms
9ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/60227de3b0878ada874dffb6ca469aca.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 32879eba9b2433c53f34f9e1e3ed09e6fa564fca84252541b75526a2148ddcd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: Ijy2C8d1xS1zU55fczZbyjYpXTxq7CEa
via: 1.1 varnish, 1.1 varnish
date: Thu, 08 Jun 2023 00:04:52 GMT
x-amz-request-id: 2VQPZ3KESHTEC645
age: 1259350
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=3239790 idim=2000x1125 ifmt=png ofsz=10014 odim=340x191 ofmt=webp
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 10014
x-amz-id-2: RFqQ9bBe/dCjCEafc5yGZ4O8daIrq2oAqoRlXSeQs39Gai3eZx+yrL/FWF0+J5oseiaUaEmRm/c=
x-served-by: cache-iad-kcgs7200148-IAD, cache-fra-eddf8230060-FRA
server: AmazonS3
x-timer: S1686182692.241350,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "MNRnLg8THId6sbUV9zXU1IBaTk+dOSjvCYoukAwvur4"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 2, 1

GET
H2 200 e8ca589e64c4a134a0a6e350b7d1705e.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 7 KB
7 KB 10ms
9ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/e8ca589e64c4a134a0a6e350b7d1705e.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a543c35e7050946b66d2c94dae4e311486abc4e409c990859eadd278eae34ba9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: i0axhlzwhTQeGROx6wolA7DD2I7.eNqx
via: 1.1 varnish, 1.1 varnish
date: Thu, 08 Jun 2023 00:04:52 GMT
x-amz-request-id: WJ9ACYD8864TET63
age: 706015
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=3437967 idim=2000x1125 ifmt=png ofsz=6768 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 6768
x-amz-id-2: N4E5fnjHgJh+DfsDlxZM3Vx9k8DmbP+LuZ1kY5vOoK/84rdR5VUAP4n+bc6yY6w5//rSGlA0aGA=
x-served-by: cache-iad-kcgs7200088-IAD, cache-fra-eddf8230060-FRA
server: AmazonS3
x-timer: S1686182692.241337,VS0,VE2
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "EWqb9LBw+KOj0P28Q0vsIFWp7B0+3EWnY+aKoKOZQsM"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 17, 1

GET
H2 200 993b3c9e6ddec2e59476e2a38186b31c.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 6 KB
7 KB 9ms
8ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/993b3c9e6ddec2e59476e2a38186b31c.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a583b77715e15dfe3d4cc866ad834858822a83c82ce50a321203c361955ec55b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: cvdcdrkRq6SAVRFtZdfvPBo0DEcrKkqA
via: 1.1 varnish, 1.1 varnish
date: Thu, 08 Jun 2023 00:04:52 GMT
x-amz-request-id: MDE9WDYTR1CVT4JJ
age: 31324
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=35374259 idim=9794x5304 ifmt=jpeg ofsz=6548 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 6548
x-amz-id-2: CwJXwIGIluUKkZWHGNS4WRR15yEwFlElBsRZKaT3jRr25BuPCpedSpw8KYAmxCZkWhTmN3HbvIk=
x-served-by: cache-iad-kiad7000106-IAD, cache-fra-eddf8230060-FRA
server: AmazonS3
x-timer: S1686182692.241334,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "3iGDvAcQdGBKCIy1Q44zXymlnqh7tiG7U9Jx9SE4uyc"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 6, 1

GET
H2 200 a30a0acca579bfeeed43e3aee308bcb5.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 7 KB
8 KB 10ms
8ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/a30a0acca579bfeeed43e3aee308bcb5.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c2c02181e98099dc48be2710dc0c21d81a2b72001607e99deebe9d73aed72bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: xSu2uz22HQD_Oy6tliGV9s.NMRUxh.W_
via: 1.1 varnish, 1.1 varnish
date: Thu, 08 Jun 2023 00:04:52 GMT
x-amz-request-id: EVTTWV1RD8RT813H
age: 108537
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=6656607 idim=3438x1918 ifmt=png ofsz=7402 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 7402
x-amz-id-2: mKgxL/m2DO/aaKTcZizA7IExq5jQC6OmXlG9qnGE6eJ4ZuabRGz4wJ6w4XLZmrug+OKVRLXsu+mGXuMsELs/Mg==
x-served-by: cache-iad-kiad7000060-IAD, cache-fra-eddf8230060-FRA
server: AmazonS3
x-timer: S1686182692.251628,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "VMSdOhGCJ6yD9Sgo0dteCcMwd+rLvPdTTLWJgwB7dMw"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 2, 1

GET
H2 200 01d57a4de57ebf2266c5eae71ad4f485.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 9 KB
9 KB 11ms
10ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/01d57a4de57ebf2266c5eae71ad4f485.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d617fb46ef25d32cdfc6459393c2d7933339093ee270b951e1fdb50ab5662140

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: NwZu3wWEv9m8p0lAy6OfzRs5.isDdDsp
via: 1.1 varnish, 1.1 varnish
date: Thu, 08 Jun 2023 00:04:52 GMT
x-amz-request-id: B21HZ85WBZZJY5NM
age: 1309851
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=3275455 idim=2000x1125 ifmt=png ofsz=8888 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 8888
x-amz-id-2: VhYV49GIGxp7AJA7MzebF9OxAHF8FuYXHBj2sgoPQBUflozvFrEdfRBRRV7sT+t9LZbRidZ2w2Y=
x-served-by: cache-iad-kiad7000162-IAD, cache-fra-eddf8230060-FRA
server: AmazonS3
x-timer: S1686182692.251945,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "iJWLJZZChrOfWUTPoJVowbWY5BuAfpp3e2GaHCRELic"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 15047, 1

GET
H2 200 5f3d655b41dff4a340ce7ce0b3ff2083.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 5 KB
5 KB 10ms
9ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/5f3d655b41dff4a340ce7ce0b3ff2083.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2d12302eee2d4e702a095497dd20133916901be34e4f4f7748f5e87385fef5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: fGyZ1SPl_kwUftco9cMVOeadw6GT_xlv
via: 1.1 varnish, 1.1 varnish
date: Thu, 08 Jun 2023 00:04:52 GMT
x-amz-request-id: WDSZZKGQ31J42D21
age: 1926583
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=347964 idim=2000x1125 ifmt=jpeg ofsz=4836 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 4836
x-amz-id-2: Ze4pn5uo1gXTgS3tkQ2FHIUOpfkg8PAT46o1exVN6C/G1G+8nQx2p3it4Z0G7GTA/zpU/II1ZI4=
x-served-by: cache-iad-kcgs7200158-IAD, cache-fra-eddf8230060-FRA
server: AmazonS3
x-timer: S1686182692.251941,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "D/50CCA6OIhwOSD1LdxXcMNjXRTCdrWBqsoXmwo4DGc"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 3636, 1

GET
H2 200 24a2fb1ad1b2b58f9fc6dea435552c14.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 6 KB
7 KB 11ms
9ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/24a2fb1ad1b2b58f9fc6dea435552c14.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a1bcc37432884a16b8c3a3d39f32ea9ef7d6f4330dd92571b760343e89556a42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: U5jObEI6FuavFiYGrYiJh33k2aPVYdLv
via: 1.1 varnish, 1.1 varnish
date: Thu, 08 Jun 2023 00:04:52 GMT
x-amz-request-id: FD3SB1HH236E2B3Y
age: 651145
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=1562125 idim=2000x1125 ifmt=jpeg ofsz=6600 odim=340x191 ofmt=webp
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 6600
x-amz-id-2: rvlxVTem7+ZgKrAHjWL9a+RInjpWFa0RlO60CTyueXjkbd7bQb2s0fkqIGCqYhbd8Pxg/SiTIns=
x-served-by: cache-iad-kiad7000020-IAD, cache-fra-eddf8230060-FRA
server: AmazonS3
x-timer: S1686182692.251925,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "MRi68yjN38yvPckvCY39Z9SQtJ7XYB4rOHv0hn7wOek"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 6460, 1

GET
H2 200 306410a4faaa91cd97d1213831d7517c.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/ 6 KB
6 KB 10ms
10ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,q_60,w_340/306410a4faaa91cd97d1213831d7517c.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 528a5bcdfe99d459ca9724e827f3ac036b5ef16ed581942fa62f947676c37af0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: djMDEqN9CMUt.nCZqjVl2eGMsUCBjnr_
via: 1.1 varnish, 1.1 varnish
date: Thu, 08 Jun 2023 00:04:52 GMT
x-amz-request-id: TPW1T003PM5Q6HXK
age: 1684680
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=3283571 idim=2000x1125 ifmt=png ofsz=6244 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 6244
x-amz-id-2: VnoBZfYlL1R+U9miWVM23ijO/x2cvtL+2Li2CcaBGA1woD4JV6ErkPrX/jt17nS/aI4/HBCW6sg=
x-served-by: cache-iad-kiad7000153-IAD, cache-fra-eddf8230060-FRA
server: AmazonS3
x-timer: S1686182692.251931,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "o9Torqo81fPuC6Hko5YgXTtYcJoCpr92eYJdrK4KLY0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 42, 1

GET
H2 200 runtime~adManager.89aa8b803e927ecd074a.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 6 KB
2 KB 9ms
6ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.89aa8b803e927ecd074a.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

406ddebd3743206fce38f8e0243d08af3af04d5e6b9b29769b53ea78b7c56871

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: CWYA1VMFXVE2Z4EZ
age: 453046
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 2004
x-amz-id-2: IZ/Yz+9zFRZ0QsFgHEQnNennvg861dwCqiTK/T2oN3SKeyVHzg3thLZwLrpVUl7OFAg4OtZY584=
x-served-by: cache-fra-eddf8230059-FRA, cache-fra-eddf8230060-FRA
last-modified: Fri, 02 Jun 2023 18:07:39 GMT
server: AmazonS3
x-timer: S1686182692.138826,VS0,VE0
etag: "218635e583225307d720e01dd2990888"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 3

GET
H2 200 adManager~video-html5-playlist~videoHtml5.2b2422de03ece058fd53.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 6 KB
2 KB 9ms
7ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adManager~video-html5-playlist~videoHtml5.2b2422de03ece058fd53.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8413176dd89287beafbd21e4fa5586f3d5db9aefa37b1350b34bc7533ca5ef34

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: 0Q2VAPJKY747P4GQ
age: 679769
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 2234
x-amz-id-2: YZ2lC0HAIROAztOTf5ZzfFfxLI5mGB7NCWItACnpoKIS1KbxN2VoiCvl+F2xLufvoHtz6XOLp4Q=
x-served-by: cache-fra-etou8220104-FRA, cache-fra-eddf8230060-FRA
last-modified: Tue, 30 May 2023 19:47:53 GMT
server: AmazonS3
x-timer: S1686182692.139407,VS0,VE0
etag: "16aa057b72959400f9902e832edd0648"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 3

GET
H2 200 adManager.6a9d9d91d693ed1f30bb.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 26 KB
9 KB 11ms
9ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adManager.6a9d9d91d693ed1f30bb.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1063c185d2ba098c3c38deeaa02f320ce4850364758330aa5a511441bd313d22

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: DP3TKYNAG3P6JG8E
age: 696122
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 8801
x-amz-id-2: 8UbaGdlKlzl97BJshXyIZ1gal6gR5RuPsBNdh9iTfguz8iAivMDTATdGrAtkiMKylz2qUQli21U=
x-served-by: cache-fra-eddf8230096-FRA, cache-fra-eddf8230060-FRA
last-modified: Tue, 30 May 2023 19:47:53 GMT
server: AmazonS3
x-timer: S1686182692.139981,VS0,VE0
etag: "af67733e6ec5929b31f5e219919c2b1a"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 3

GET
H2 200 adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHom~a49cb120.5e13e8cba2b642d227d6.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 6 KB
3 KB 9ms
8ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHom~a49cb120.5e13e8cba2b642d227d6.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6e5089c7abbd039011d3d00136191a658ab9f713a2c0eaaaf60fd375439734d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: H6QPJJCAQ492FC6J
age: 52659
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 2401
x-amz-id-2: E1DhbXCxWlUUnxopY0sfxp8g8pRU5Wd5lAjrB7KEOB0iFSbkn6dqozfYmliqhGiDpWvl0Lcj2us=
x-served-by: cache-fra-etou8220075-FRA, cache-fra-eddf8230060-FRA
last-modified: Wed, 07 Jun 2023 09:23:38 GMT
server: AmazonS3
x-timer: S1686182692.139969,VS0,VE0
etag: "f5be5227f74d42acdb4ae83f7aa05b73"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 3

GET
H2 200 runtime~taboolaLoader.8539e99055799d7f071f.js Show response
x.kinja-static.com/assets/new-client/ 2 KB
1 KB 65ms
7ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/runtime~taboolaLoader.8539e99055799d7f071f.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e9975431ab3558981df8a558a765319f7268c3d8acfe26b973a5963657f24ce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: GP8X5S1M4JYP8J80
age: 85
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 688
x-amz-id-2: tLLiyLqfQByLg4kQrOvN2F4hGQCuM3bGW+1q3iCu8zWBUNCM2cdUzbPoxn0ExfUvfGAcKzGUnt4=
x-served-by: cache-fra-eddf8230090-FRA
last-modified: Tue, 23 May 2023 05:18:28 GMT
server: AmazonS3
x-timer: S1686182692.195752,VS0,VE1
etag: "27f043f95ae2764c07794196a83ca0bc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 taboolaLoader.efa48b0a3ea482abdec7.js Show response
x.kinja-static.com/assets/new-client/ 10 KB
3 KB 65ms
8ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/taboolaLoader.efa48b0a3ea482abdec7.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b83ba15e4744172f5d091199f2dd72657598aed0ea6d7ed89c0a380a3f7d4ae0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: ZQHKY83Z7BHW3PZW
age: 106
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3034
x-amz-id-2: ntr8wy0mEQnYz7zwcMt5avAmGJEvAwMmqV0PvzoGhh7XgFExb5LmDyd5xjzelxpcyCkOzsqS9nk=
x-served-by: cache-fra-eddf8230090-FRA
last-modified: Tue, 06 Jun 2023 17:20:17 GMT
server: AmazonS3
x-timer: S1686182692.195752,VS0,VE1
etag: "5344c72f3592f205bacbda4cd2bf702a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 runtime~videoMediaQuerySupport.87053d08d5634a107c35.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 2 KB
1 KB 9ms
8ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~videoMediaQuerySupport.87053d08d5634a107c35.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c76ae373a97fedd18dcbce506a90251d65d3141a4633e06671b9b306e361d948

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: DHP11Q9N1VX8E56B
age: 1899776
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 774
x-amz-id-2: TwN4iYxHe+Te96SUhEALd0zzR7EdPfDcG5qMb84Ouf9Q3gn03mlPAsGeGJ/PXqT41eWcxZ/cKDE/nmfKNsrKXakhblNXQjCUsSVtj5B4jek=
x-served-by: cache-fra-eddf8230083-FRA, cache-fra-eddf8230060-FRA
last-modified: Tue, 16 May 2023 21:57:05 GMT
server: AmazonS3
x-timer: S1686182692.139954,VS0,VE0
etag: "df042ee2742c71b59300a1b35069e3aa"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 3

GET
H2 200 videoMediaQuerySupport.b68e2424feab32dd0c91.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 1 KB
993 B 11ms
10ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/videoMediaQuerySupport.b68e2424feab32dd0c91.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

115224d4e63511fda83c38f1a67c687184f8c2752a8770b10faaadc4568fd388

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: YX34MEBBK42YGAK3
age: 604861
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 683
x-amz-id-2: KM12th3gJsErSvcG+YKJPQFpiNKBsrUi4gy4eI9mFADyzM5hX+DwIs9VXs7rUzX/8ewLtkQUtoE=
x-served-by: cache-wie-etou8220174-WIE, cache-fra-eddf8230060-FRA
last-modified: Wed, 31 May 2023 18:07:43 GMT
server: AmazonS3
x-timer: S1686182692.139939,VS0,VE2
etag: "cd8a0c9965106e2f8e59fd060ddad4f1"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 1

GET
H2 200 accountwithtoken Show response
kinja.com/api/profile/ 243 B
1 KB 143ms
125ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kinja.com/api/profile/accountwithtoken?jsonp=_fasttoken&newFollows=true

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

183d66c521e43e4f0f8aefc5149605bbd44acf6d45db8c0f9064e439ae927b15

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 08 Jun 2023 00:04:52 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: master-only
x-kinja-gdpr: true
x-cache: MISS, MISS, MISS
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
x-ua-device: desktop
x-kinja-superheroloaded: true
x-kinja-continent: EU
x-cdn-fetch: mantle-setcookie
content-length: 224
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100055-IAD, cache-iad-kjyo7100055-IAD, cache-fra-eddf8230060-FRA
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1686182692.191519,VS0,VE118
x-frame-options: DENY
vary: Accept-Encoding,Origin
content-type: application/javascript; charset=UTF-8
cache-control: no-cache, no-store, private
accept-ranges: bytes
x-kinja-country: DE
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Jun 2023 22:35:27 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5365
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Thu, 08 Jun 2023 00:35:27 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 107 KB
42 KB 39ms
18ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T73GPNQ

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d366fef3e6d28f4f2f17e273927cb06ebb232a6492eed41b3fa5dbb761e3880e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 42672
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 08 Jun 2023 00:04:52 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 ad-units-default.55de892b51749b41a0ec.js Show response
x.kinja-static.com/assets/new-client/ 14 KB
3 KB 7ms
7ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/ad-units-default.55de892b51749b41a0ec.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.89aa8b803e927ecd074a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1a31861a53fec5e0e1135ff6fa3563ceb096a0fd0b5356004dcbc6931101d47a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 7WQQAG2QNDBR4FXE
age: 43
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3035
x-amz-id-2: vUdxVXnEPNfjNKZhSixhVrvYDlmMSUDYv6BRgfr+5dMHIW4ROebNXEqlXn2gWNKfyvRwKG4WLn8=
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Thu, 25 May 2023 04:15:16 GMT
server: AmazonS3
x-timer: S1686182692.246059,VS0,VE1
etag: "a2b58fcd26dd23c07362a288cf2ebe23"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 display-theonion-desktop-config.5ab5847a5280d85ddbab.js Show response
x.kinja-static.com/assets/new-client/ 15 KB
2 KB 7ms
7ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/display-theonion-desktop-config.5ab5847a5280d85ddbab.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.89aa8b803e927ecd074a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a66a45787e47ab5de0d1ed07d185f9ce9aa0907b60070c2e5af7f321eb11208f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: WMDAVP0AXA0DB0W8
age: 30
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1457
x-amz-id-2: jqDhCU6D33fPllDDBx2lt9on6mSNJWekyF4954kGmaPnxXdX9U/w1LdM/P7nXx0ABNl3QCzo/bZfSHpQPk/Yvsw9UHfSDiMG2+JFcieBdyM=
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Mon, 05 Jun 2023 21:43:03 GMT
server: AmazonS3
x-timer: S1686182692.246157,VS0,VE1
etag: "b4734303f497736db5de02d20c759ef0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 228 KB
56 KB 51ms
6ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/adManager.6a9d9d91d693ed1f30bb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 33566729393f70e95f9e326dbc67dedbb3bdc4d6a743ef40141fa1d126f079ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 23:23:04 GMT
content-encoding: gzip
via: 1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront), 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 19:17:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 2509
x-amz-server-side-encryption: AES256
etag: W/"d18b57a80b57082ffb531a2e077b3016"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: TKHzzxA5ilWWVW-fg3RebmJUMFO1G5PqyobM5x_lXeE5BAgOdAnKVQ==

GET
H2 200 prebid-js-prod.71664cf4fdde6f76a812.js Show response
x.kinja-static.com/assets/new-client/ 433 KB
109 KB 8ms
8ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.89aa8b803e927ecd074a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3f5f3be3dcd8039c166b39b0ebbf825484c57373c781f5fb67f29b70e91eea89

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 9XA3CDFSPCRWPVDY
age: 37
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 111685
x-amz-id-2: gL4zoASJict/HuagGsvWTQXnZZOZLdu3RiCo9nz+TC00GN7ySH982j1g6K/TE5JK8gc3/evezTg=
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Mon, 05 Jun 2023 21:43:05 GMT
server: AmazonS3
x-timer: S1686182692.246614,VS0,VE1
etag: "1923b924651c8f275c430a10f8b695ed"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2

200

/
www.theonion.com/
Redirect Chain

https://www.theonion.com/undefined
https://www.theonion.com/

392 KB
392 KB

10ms
7ms

Image
text/html

151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theonion.com/

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-kinja-server: kinja-magma-kube03-75d469f7db-whxbd
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
content-encoding: gzip
date: Thu, 08 Jun 2023 00:04:52 GMT
age: 74
x-kinja-build: 4170
x-powered-by: Express
x-cache: MISS, HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-kinja: kinja-magma-kube03-75d469f7db-whxbd #4170
x-kinja-gdpr: true
x-cdn-fetch: mantle-default
content-length: 63172
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000116-IAD, cache-iad-kiad7000116-IAD, cache-fra-eddf8230060-FRA
x-googlenews-bot: false
x-timer: S1686182692.278664,VS0,VE0
etag: W/"61ff9-qGZZmiMQrqhX12S2k02F/zXiqjE"
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-Kinja-Location, Authorization
content-type: text/html; charset=utf-8
cache-control: stale-if-error=86400, stale-while-revalidate=300
accept-ranges: bytes
x-kinja-revision: 80a44da0f443fac5bd82de372634851d4345e5d5
x-cache-hits: 0, 19, 3

Redirect headers

x-kinja-server: kinja-magma-kube02-f56c784c-w6tdw
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
date: Thu, 08 Jun 2023 00:04:52 GMT
age: 72
x-kinja-build: 4170
x-powered-by: Express
x-cache: MISS, HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-kinja: kinja-magma-kube02-f56c784c-w6tdw #4170
x-kinja-gdpr: true
x-cdn-fetch: mantle-default
content-length: 35
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000128-IAD, cache-iad-kiad7000150-IAD, cache-fra-eddf8230060-FRA
x-googlenews-bot: false
x-timer: S1686182692.259334,VS0,VE1
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-Kinja-Location, Accept, Authorization
content-type: text/plain; charset=utf-8
location: /
cache-control: stale-if-error=86400, stale-while-revalidate=300
accept-ranges: bytes
x-kinja-revision: 80a44da0f443fac5bd82de372634851d4345e5d5
x-cache-hits: 0, 5, 1

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 9ms
9ms Image
text/plain 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6770184&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1686182692265&ns_c=UTF-8&c7=https%3A%2F%2Fwww.theonion.com%2F&c8=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&c9=
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: TsMcpE9URi0fez1UvzdkSSbi2DOGSgjo5nI8um8NbQXEBC3cF5K5Mw==
x-cache: Miss from cloudfront

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 190 KB
63 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KDJDW37&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T73GPNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c13571ac79df5c4a25b02e19411a2716035623f0d554d9139bc6140740b94f4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 64463
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 08 Jun 2023 00:04:52 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 937 B
1 KB 7ms
7ms XHR
application/json 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3076&u=https%3A%2F%2Fwww.theonion.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: d7d8eda923854d45e87c11183868b806aff279a82906f1226d8752793a17ab67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 22:00:43 GMT
via: 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 7448
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 937
x-amz-cf-id: syBfQIe02gOpEjJdSj7dhm_G16lRiJhjbi-Yp0nA9u5fAsJpM9f6jQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 19ms
6ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: Zm_tZQQ808JKRizBfXGgSN2OWn8Z6JUU
content-encoding: gzip
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
date: Wed, 07 Jun 2023 01:40:54 GMT
x-amz-cf-pop: FRA56-P6
age: 80639
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 26 May 2023 01:35:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: SQKaoIuvvqecRmIGm6pzR8Otn3hhNSsHWXxJZpx4Pi4dfmXS-C4C5A==

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/gomedia1-network/ 156 KB
41 KB 30ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 21307638f02ac332e97951c6e723f287a1a88bd9a716d6095419a44c99aa85b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: PCpJdUqGDbirOChK.uykFREwVzbvylPu
content-encoding: gzip
via: 1.1 varnish
date: Thu, 08 Jun 2023 00:04:52 GMT
x-amz-request-id: TK05P4ZCF3P86HBJ
age: 50
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 41375
x-amz-id-2: v3VgHUrO7N7uXd1WcG6cT0fDJt0dRGP+vBFPeMF45RkD9rAk+8PlAZg3Tetz7mE1qZdfZGgvS3w=
x-served-by: cache-fra-eddf8230056-FRA
last-modified: Wed, 07 Jun 2023 15:41:43 GMT
server: AmazonS3
x-timer: S1686182692.374277,VS0,VE1
etag: "4435e8544b2fe492efeaaa4df8490f84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 56
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 325ms
97ms Preflight 52.204.157.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.157.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-157-234.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theonion.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Thu, 08 Jun 2023 00:04:52 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 236 KB
78 KB 44ms
7ms Script
application/x-javascript 143.204.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-4.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 08:33:06 GMT
x-amz-version-id: jeUyonxqkYP2I4ph9uCxgrlDU58njHPM
content-encoding: gzip
last-modified: Wed, 07 Jun 2023 08:31:07 GMT
server: AmazonS3
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"a23e5e8674928ef24c6825d63b8d2927"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
age: 55907
x-amz-cf-id: Dakk2455bArJnZpbNottBpwFABd3JhPCtCWlpBu_rrSTy8UTQ6pxDw==

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
456 B 98ms
97ms XHR
text/plain 52.204.157.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.157.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-157-234.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 08 Jun 2023 00:04:52 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 tag.aspx Show response
ml314.com/ 31 KB
11 KB 41ms
7ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?85
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 23:07:24 GMT
content-encoding: br
age: 3448
x-guploader-uploadid: ADPycdtzW4tmoy1WxjTCIN3GU4aQTHpJBkMp8v27IFd6Zak0X3Q-Ftub3sWJLTc2gb5WecsRrBXD3BwpGCaQ4dOI1AO10qn6LM_p
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10530
last-modified: Mon, 10 Apr 2023 17:13:24 GMT
server: UploadServer
etag: W/"b0965f051977c0dd95ffe2c736cac352"
vary: Accept-Encoding
x-goog-generation: 1681146804366265
x-goog-hash: crc32c=wVdAwA==, md5=sJZfBRl3wN2V/+LHNsrDUg==
content-type: application/javascript
cache-id: FRA-fa985ced
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32213
accept-ranges: none

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
86 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FBJXBGD4M8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDJDW37&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fb8d647eb02c64dd97f5216d466359807bdd6ab71cfece888e46873f4511c24f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87988
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 08 Jun 2023 00:04:52 GMT

GET
H2 200 gomedia_015a5_the_onion.js Show response
cdn-magiclinks.trackonomics.net/client/static/v2/ 95 KB
28 KB 63ms
7ms Script
text/javascript 2600:9000:236e:e000:1d:8c8c:47c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-magiclinks.trackonomics.net/client/static/v2/gomedia_015a5_the_onion.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:e000:1d:8c8c:47c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8 /
Resource Hash: 5ae04f4e2b3a0b4e46d0259886e6fbf822f2dd0731ee8a59e03c4cb3f335b8fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 22:01:58 GMT
content-encoding: gzip
via: 1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
last-modified: Thu, 23 Jun 2022 11:07:33 GMT
server: Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8
x-amz-cf-pop: FRA60-P1
age: 7374
etag: W/"17c61-5e21b75ea5252"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
x-amz-cf-id: 83g7UzIpNwLtBGzn0XuD1rR2qBR5yDdA9r3_920ik3szPeYj6xEGWQ==

GET
H2 200 impl.20230607-31-RELEASE.js Show response
cdn.taboola.com/libtrc/ 777 KB
162 KB 6ms
6ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230607-31-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: aa1733066272743182c6f72df32370b636dea47fbf328bc6d90222d691851ef3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: wkaNwZn_kFiJ92hoCfGhCkkzAqDNTOr2
content-encoding: br
via: 1.1 varnish
date: Thu, 08 Jun 2023 00:04:52 GMT
x-amz-request-id: MWFWGZCCV7GKV5ZC
age: 3493
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 165698
x-amz-id-2: 9zCUDoTCFOqYuIQSg9d7WR53iS+sfqENq5/AkNBTil9GD95OVuBnomEZ04YURLRXH+Qq8XYNwnc=
x-served-by: cache-fra-eddf8230056-FRA
last-modified: Wed, 07 Jun 2023 15:05:54 GMT
server: AmazonS3-br
x-timer: S1686182692.408015,VS0,VE0
etag: "84dd5058368a9329805e3c721d9ddd7b"
vary: Accept-Encoding
content-type: application/javascript
abp: 84
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1969

GET
H2 200 utsync.ashx Show response
ml314.com/ 62 B
309 B 34ms
32ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=90810&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.theonion.com%2F&pv=1686182692411_ay6xo54eu&bl=en-us&cb=4670492&return=&ht=&d=&dc=&si=1686182692411_ay6xo54eu&cid=&s=1600x1200&rp=&v=2.5.3.49
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:51 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/javascript; charset=utf-8
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
expires: 0

GET
H2 200 / Show response
geo.privacymanager.io/ 28 B
607 B 32ms
6ms Fetch
application/json 13.32.99.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-59.fra60.r.cloudfront.net
Software: /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 01:13:32 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront), 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA60-P3
age: 82280
x-amzn-requestid: caf5413c-3155-4998-be82-0e41b8db918d
x-amzn-trace-id: Root=1-647fd9bc-2887986801fd350616174878;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: GH71bGUSDoEFuGg=
content-length: 28
x-amz-cf-id: Ft6OZvMxpbc3VXK3Iu0wi094RRthBgCwxOx8prkQGcD0F_bl8vSX8w==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 card-interference-detector.20230607-31-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
3 KB 7ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/card-interference-detector.20230607-31-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29f0cee8b0ce369a17cefeb98d0aa4013454e8451dc614fba868e1017d14db09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: s5rdZzWndSqEQ65tPvoz2Ak7jCPlCpUB
content-encoding: gzip
via: 1.1 varnish
date: Thu, 08 Jun 2023 00:04:52 GMT
x-amz-request-id: SYGNDPC9QW6SJYJF
age: 28731
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2182
x-amz-id-2: OPxYXSJeFKKOgaTNefqFT3Nqx3vHd4rHqMUz99DD8EqoELjcpEDueEF3unRrBWDFlR+qsWR1Z6Q=
x-served-by: cache-fra-eddf8230056-FRA
last-modified: Wed, 07 Jun 2023 16:06:02 GMT
server: AmazonS3
x-timer: S1686182692.485200,VS0,VE0
etag: "8f48a1dd54b13d75d555bb1bbf1e7bef"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 84
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 12525

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 48ms
16ms Script
text/javascript 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230607-31-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:51 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 284261
expires: 60

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
25 KB 90ms
26ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebfe01273273d6c3d63faac996008471a365f12768869db9202610ffddf7a55f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25258
x-xss-protection: 0
server: cafe
etag: 24 / 19516 / m202306010101 / config-hash: 9074073763038175863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 08 Jun 2023 00:04:52 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/gomedia/ 44 KB
18 KB 42ms
7ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/op.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d361b309ba82eef08d4a7f7a7b30cfe7e729d98c2eaf0f6db1fca2758cb6a5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: xNmaRsGesSlv_oWh4h8FL4LH_kn4ZzVm
content-encoding: gzip
via: 1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
date: Wed, 07 Jun 2023 23:27:36 GMT
x-amz-cf-pop: FRA60-P4
age: 2237
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 17751
x-amz-meta-git_commit: e09f10f
last-modified: Wed, 07 Jun 2023 20:01:21 GMT
server: AmazonS3
etag: "8d28ab67d1ab24f1f5c278d76f38691e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: gz9oq8yujIAQcu5QU7J1mSX4AzfhtVconNMMzLTUWZuxybJSDVyumA==

GET
H2 200 vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~92116c40.65fbc567cad70ecb2256.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 13 KB
5 KB 8ms
7ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~92116c40.65fbc567cad70ecb2256.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

19b4d2402492b148328f5a15bc52a7f6d74f0f70d66a3ce8a78bd7a5f1414a28

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: QEWVV14A1ETYZPY8
age: 187557
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 4324
x-amz-id-2: vP4UUEqOhVQrcDcdjkFbufRR5dwv6iuYla9PUPex7jIkFX5AVXZR10wji7yEytJn+zI7dp6o4pU=
x-served-by: cache-fra-eddf8230084-FRA, cache-fra-eddf8230060-FRA
last-modified: Mon, 05 Jun 2023 19:28:09 GMT
server: AmazonS3
x-timer: S1686182693.638635,VS0,VE0
etag: "410b52ce763c4ce107bfde6647974f02"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0, 3

GET
H2 200 runtime~videoHtml5.c54ad42d439b56c36bf9.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 7 KB
3 KB 9ms
8ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~videoHtml5.c54ad42d439b56c36bf9.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dc76370178348fbb8bf5d866c8c25ba072fcd2429eae443526586e1013c49409

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: 52CZTKGFNP4A58KY
age: 1194110
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 2291
x-amz-id-2: DBdoz0XRDIFelaT/tuLHKVXh5tMlsc/qjmZ1fTqaAihffY5dtQB68CfRLx0cAxl0suNXHrHY3Wo=
x-served-by: cache-fra-eddf8230031-FRA, cache-fra-eddf8230060-FRA
last-modified: Thu, 25 May 2023 04:15:20 GMT
server: AmazonS3
x-timer: S1686182693.639033,VS0,VE0
etag: "40b912337d5c458913d315d79e071d38"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 3

GET
H2 200 vendor~video-html5-playlist~videoHtml5.3404bd78c2138beb1abe.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 5 KB
3 KB 8ms
7ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~video-html5-playlist~videoHtml5.3404bd78c2138beb1abe.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f8390791fab3a4f38a41db5a1965adb8979102262b3ffbfb12d504b262b6f823

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: V002TQK5V7P8W6RJ
age: 1816733
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 2219
x-amz-id-2: 6s/RwSiUWjyVkVh+YVoezfdmWgoPZX1swQV8PmoulzklcATCXvv3Dg4qkQ64uRN3IZIoA9YKmIbtOiQiyMRhk6rxGUXRQ7VxzKotS1wEGTU=
x-served-by: cache-fra-etou8220091-FRA, cache-fra-eddf8230060-FRA
last-modified: Wed, 17 May 2023 23:22:53 GMT
server: AmazonS3
x-timer: S1686182693.639016,VS0,VE0
etag: "eb3014d73b920f7615361db363eba89c"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 3

GET
H2 200 video-html5-playlist~videoHtml5.f00fb8f446bd9abc1269.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 48 KB
13 KB 10ms
9ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/video-html5-playlist~videoHtml5.f00fb8f446bd9abc1269.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4d0de41b596f1c37d0cf111f5678e895cbb61068a7978f9d9afd342285522a4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: 7YANJYGKHQS8XS95
age: 657954
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 13382
x-amz-id-2: oMF0ZzXgxn2leouA7fxUe0DUkm7u1wGMrWRdi650npvF5pcJr0N+irVNw4CFAFKPVRP8bKnZublgPCPYmp1Be92plG+opH3cW4YWDeY3wd8=
x-served-by: cache-fra-eddf8230028-FRA, cache-fra-eddf8230060-FRA
last-modified: Tue, 30 May 2023 19:47:59 GMT
server: AmazonS3
x-timer: S1686182693.639310,VS0,VE0
etag: "294d0f6bc48aefbe4c091d2345c7104a"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 3

GET
H2 200 videoHtml5.e912491a92a5aacb98b8.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 12 KB
5 KB 9ms
8ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/videoHtml5.e912491a92a5aacb98b8.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

54623af03af1e784b0549daaf2721f49d5d2135173e160cdc5dc2021bf70620a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: XM5HSWVG5RCXKAMC
age: 187526
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 4378
x-amz-id-2: qaO55Y9CSvKchOFum6v6vjD/o2432Q0kdMJohAMwh2Uuq1Uiv/zgIrjIGlzBGcslY7/H1LwXwkE=
x-served-by: cache-fra-eddf8230060-FRA, cache-fra-eddf8230060-FRA
last-modified: Mon, 05 Jun 2023 19:28:11 GMT
server: AmazonS3
x-timer: S1686182693.639018,VS0,VE0
etag: "d7c64bed3c14bb1b3601b5aaa784c0d3"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0, 4409

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 361 KB
121 KB 54ms
20ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/video-html5-playlist~videoHtml5.f00fb8f446bd9abc1269.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123120
x-xss-protection: 0
expires: Thu, 08 Jun 2023 00:04:52 GMT

GET
H2 200 b-e09f10f-4415d417.js Show response
tagan.adlightning.com/gomedia/ 77 KB
29 KB 7ms
7ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 895fe95f9252951d1b3acfba50546376d3224bb5a19fa40df3be17e6571e844b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:27:04 GMT
content-encoding: gzip
via: 1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-version-id: W1DH6jDxNN9jfL9k8Lwxuy3R7DRroyh6
x-amz-cf-pop: FRA60-P4
age: 200269
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29341
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:26:51 GMT
server: AmazonS3
etag: "2bdbd3c490a4d678a49da1f2123b95f8"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: rWMbWAuanuNbQ1ztgg4O_E6kWFV1O8gmpp5NEt7yrn-NFbi8y4c86Q==

GET
H2 200 bl-84d30c2-99cedb35.js Show response
tagan.adlightning.com/gomedia/ 51 KB
22 KB 9ms
9ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/bl-84d30c2-99cedb35.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 96e934c77cb4fffff4b2ae5e3c16ba917d9d0102ef1c67a12c81305e46098430

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 20:27:33 GMT
content-encoding: gzip
via: 1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-version-id: 8ZBN6DdS5B6BcQINnbyYsABdrdxty4tQ
x-amz-cf-pop: FRA60-P4
age: 13040
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 21847
x-amz-meta-git_commit: 84d30c2
last-modified: Wed, 07 Jun 2023 20:00:52 GMT
server: AmazonS3
etag: "566cf1b490b9d4fd3665d5335ad6e9b0"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Hol2wjQ6MBfStW1568wZxnZuW7Cav78OsnfW6qaVGkw9P8jGPHKY0g==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/ 406 KB
126 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d69c318c5a18ce860870df13878596d3d7bb7efd57b77a0f32b5478d1cfe1c52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 20:18:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13569
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128351
x-xss-protection: 0
server: cafe
etag: 10410007902637205610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 06 Jun 2024 20:18:43 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 231 B
170 B 31ms
15ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.theonion.com&ppc_eid=31075025

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e55fbe6498ca94a60f1cd9ca414f6d22628373d7e9be7992a38a630766069185

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145
x-xss-protection: 0
expires: Thu, 08 Jun 2023 00:04:52 GMT

GET
H2 200 bridge3.578.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 55E7 709 KB
226 KB 8ms
6ms Document
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4895c44118a86780663c6e877b78922dda0ddb83051b4b1d22ed786415868af1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 165521
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231472
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Jun 2023 02:06:12 GMT
expires: Wed, 05 Jun 2024 02:06:12 GMT
last-modified: Tue, 06 Jun 2023 02:03:58 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 353ms
16ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Jun 2023 00:04:53 GMT

GET
H2 200 ad-manager-bulbs.95867e04b1590db5bcfa.js Show response
x.kinja-static.com/assets/new-client/ 2 KB
1 KB 8ms
7ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/ad-manager-bulbs.95867e04b1590db5bcfa.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

481d9f15499469be0a2383c41f759f34dba159d965543af371d466bfb6339f53

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: QG3EY3WT5Z13JS2G
age: 8
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 891
x-amz-id-2: H2rfIWsCP66f7S5MtsYmzXbC2O+2xkwnAsHLmmv8tFjHzD+rArhEROklHZmLRz68EwgPnmwFfCQ=
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Fri, 02 Jun 2023 18:07:34 GMT
server: AmazonS3
x-timer: S1686182693.294733,VS0,VE1
etag: "3c7cc4a5cc3881cbd61e6b14cbc95294"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 367 B
601 B 151ms
51ms XHR
application/json 52.209.156.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-1,ss:%5B1280.720,970.252,1600.520%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.156.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-156-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0d086e18fbcdb16b8494ccfeb278a2a71db34301920bfe5c68327f0a7579086e

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
server: nginx
x-server-name: app12.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
464 B 114ms
53ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2F&pid=qHq5NOSY8TjxS&cb=0&ws=1600x1200&v=23.517.1921&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-2%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage_top-banner%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: KSR1PE1A2DP21C4Z4012
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: kyj4qNuwINe6hYGZ9JSJvzrWgIRDigDc5wcf1BCx6NDY-DG2Z8afRw==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 381 B
615 B 146ms
52ms XHR
application/json 52.209.156.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-2,ss:%5B970.250,970.251,970.90,728.90,1600.520%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.156.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-156-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 616ffa64c60fe34471c52e6e38e8d48cbab0abc0defa6beb1ee1206e094f1cb9

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
server: nginx
x-server-name: app08.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 51ms
18ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 09 Jun 2023 00:04:53 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 43ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.theonion.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 37ms
14ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.theonion.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 695 B
385 B 45ms
44ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1220447003984965&correlator=4024673543750776&eid=31075025%2C31075122&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cfrontpage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1280x720%7C970x252%7C1600x520&ifi=1&adks=353826005&sfv=1-0-40&prev_scp=article_position%3Dnone%26pos%3Dsplashytop%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dsplashytop-01&eri=1&cust_params=veritas-iab%3D1-4%26tags%3D%26blogName%3Dtheonion%26channel%3D%26section%3D%26subsection%3D%26page%3Dfrontpage%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1686182693348&lmt=1686182693&dlt=1686182692113&idt=1167&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theonion.com%2F&frm=20&vis=1&psz=1280x0&msz=0x0&fws=132&ohw=1600&ga_vid=1322708686.1686182693&ga_sid=1686182693&ga_hid=1748584832&ga_fc=false&a3p=Eh0KDmVzcC5jcml0ZW8uY29tGMCTyMKJMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ed271d4a69ad83c7565e059fcc876d0ddcd3716acf7aa852ca363326b0de94e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 355
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 43ms
22ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306010101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9226664623b383be110c81a980d389d914f59d8b8df41fc7f8d6464e790329ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11196
x-xss-protection: 0

GET
H2 200 container.html Show response
6c36ba0810346b66fb1f3b0a1e8f9fb1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 92DF 6 KB
3 KB 84ms
14ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6c36ba0810346b66fb1f3b0a1e8f9fb1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 00:04:53 GMT
expires: Fri, 07 Jun 2024 00:04:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
524 B 71ms
9ms XHR
application/json 52.57.223.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.44.0&referrer=https%3A%2F%2Fwww.theonion.com%2F&tmax=1500

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.223.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-223-127.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:53 GMT
accept-ch: sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
x-auction-status: 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
801 B 68ms
11ms XHR
application/json 3.66.253.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22dc0c3962-46ae-4644-bc3b-0bbdfeb6e823%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A1500%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1686182693366%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%224c0b09900b49cb%22%3A%22_bSLu2IWVUC%22%7D%2C%22bidSizes%22%3A%7B%224c0b09900b49cb%22%3A%5B%5B970%2C250%5D%2C%5B970%2C251%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_bSLu2IWVUC%22%7D%2C%22labelAll%22%3A%5B%22desktop%22%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%22e7249f2e-736a-4f7f-bf60-3527fa5e48e9%22%2C%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%22%7D%2C%22pbadslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F2%2Ftop%22%7D%2C%22gpid%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F2%2Ftop%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B970%2C251%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22dfp-ad-2%22%2C%22transactionId%22%3A%22e7249f2e-736a-4f7f-bf60-3527fa5e48e9%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B970%2C251%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%2C%22bidId%22%3A%224c0b09900b49cb%22%2C%22bidderRequestId%22%3A%2235a4d3b01a444a%22%2C%22auctionId%22%3A%223a23f80d-aa48-49a5-89a0-12265989c931%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%5D%2C%22userId.mod.init%22%3A%5B0.6999988555908203%5D%2C%22userId.mods.uid2.init%22%3A%5B0.6999988555908203%5D%2C%22userId.init.modules%22%3A%5B2.3999996185302734%5D%2C%22requestBids.usp%22%3A0.10000038146972656%2C%22requestBids.userId%22%3A0.10000038146972656%2C%22requestBids.rtd%22%3A55.60000038146973%2C%22requestBids.validate%22%3A0.20000076293945312%2C%22requestBids.makeRequests%22%3A3%2C%22adapter.client.validate%22%3A0.10000038146972656%2C%22adapters.client.kargo.validate%22%3A0.10000038146972656%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22domain%22%3A%22theonion.com%22%2C%22keywords%22%3A%22TheOnion%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theonion.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.106%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%7D%7D%7D%5D%2C%22prebidVersion%22%3A%227.44.0%22%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.253.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-253-225.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:53 GMT
Content-Encoding: gzip
X-Accel-Expires: 0
Accept-Ch: Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
Nbr: 508
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.theonion.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Krk-No-Bid-Reason: consent
Content-Length: 26
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 379 B
941 B 187ms
74ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12156&site_id=392270&zone_id=2189722&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rf=https%3A%2F%2Fwww.theonion.com%2F&kw=TheOnion&tg_v.iab_segments=1-4&tg_i.domain=theonion.com&tg_i.page=https%3A%2F%2Fwww.theonion.com%2F&tg_i.pbadslot=%2F4246%2Ffmg.onion%2Ffrontpage%2F2%2Ftop&tk_flint=pbjs_lite_v7.44.0&x_source.tid=e7249f2e-736a-4f7f-bf60-3527fa5e48e9&l_pb_bid_id=6d2c0a284aee09&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=e7249f2e-736a-4f7f-bf60-3527fa5e48e9&rp_maxbids=1&p_gpid=%2F4246%2Ffmg.onion%2Ffrontpage%2F2%2Ftop&slots=1&rand=0.5452455835841463
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b6d1f8dc90a0614de544a8d79295937ff00874f4de5821285d9900ad41fe1e2f

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:53 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.theonion.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 379
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK gomedia Show response
direct.adsrvr.org/bid/bidder/ 0
400 B 114ms
33ms XHR
application/json 52.223.4.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/gomedia
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.223.4.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac9557e2e67bd8033.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
x-openrtb-version: 2.3
server: Kestrel
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 0

GET
H2 200 arj Show response
fusion-media-group-d.openx.net/w/1.0/ 73 B
379 B 51ms
17ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fusion-media-group-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.theonion.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e7249f2e-736a-4f7f-bf60-3527fa5e48e9&nocache=1686182693371&aus=970x250%2C970x251%2C970x90%2C728x90%2C1600x520&divids=dfp-ad-2&aucs=%252F4246%252Ffmg.onion%252Ffrontpage%252F2%252Ftop&auid=545727625
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 68a328cfa20743ac29e3d6f9f458184ec7f4e625a0eb30a66cd9ef3f8909c321

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.theonion.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
195 B 103ms
35ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.44.0&cb=44172868915&lsavail=0

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 08 Jun 2023 00:04:52 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 hbjson Show response
grid.bidswitch.net/ 24 B
240 B 519ms
116ms XHR
application/json 18.195.189.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson?sp=trustx
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.189.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-189-38.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 80ba51ecef4e964cf24743a90a465442838e854bcf28c25f9a305970f1c3aff3

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate
content-length: 49
content-type: application/json

POST
H/1.1 204
No Content / Show response
ads.resetsrv.com/ 0
382 B 471ms
153ms XHR
text/html 138.197.55.50
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.resetsrv.com/
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 138.197.55.50 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 08 Jun 2023 00:04:53 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-methods: GET, POST
content-type: text/html

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 105 B
453 B 113ms
33ms XHR
application/json 52.209.133.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.209.133.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-133-172.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: d43e09e832a9957274ad9ac4f76e4bb7c902eb89eb5e63b7c5a978f5485c4e6e

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.theonion.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 105

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
548 B 58ms
24ms XHR
application/json 104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=727144
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9baf0334f5b2c482d95fd5a2cf9caf1c5130f4ea2ccca346c008154ea2cce06a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzvkZiih7owppLHbZZe5CG9feCC9mMV0GRaURkPTVRX7RqflkVdsVHCVvwkdyd1Sg8S%2BvEhM43oKPhJBGLQzRuAIvJb9Z%2FOkleXSWSZvWBsoDDarqgfpQAqpcc6f1O7BTvUMFBsJ"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7d3ce149dbcd2be6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 43 KB
21 KB 165ms
120ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

80f24dd10cffe926cb56683b016912a201652c7874af4fe934fc0bef3065ecab

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 08 Jun 2023 00:04:53 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 4dd2509d-ac7c-4e4b-8d58-07cbf9bca3a6
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.theonion.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
117 B 83ms
29ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 08 Jun 2023 00:04:51 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
159 B 77ms
12ms XHR
text/plain 18.196.248.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.248.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-248-215.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 08 Jun 2023 00:04:53 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
287 B 16ms
16ms Script
text/javascript 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230607-31-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 271889
expires: 60

GET
H2 200 json Show response
trc.taboola.com/gomedia1-theonion/trc/3/ 60 KB
18 KB 477ms
460ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/gomedia1-theonion/trc/3/json?tim=00%3A04%3A53.406&lti=deflated&data=%7B%22id%22%3A887%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1686152478476%2C%22vi%22%3A1686182693404%2C%22cv%22%3A%2220230607-31-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5827%2C%22nsid%22%3A%22gomedia1-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Apub%3Dgomedia1-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22cd%22%3A5827.46875%2C%22mw%22%3A1300%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20Thumbnails%3Dalternating-thumbnails-a%3Apub%3Dgomedia1-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230607-31-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1a6234f89855eb61bebc7f45e84e68fcb10436de629da84fb262c39498dbd775

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 454
date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-fra-eddf8230056-FRA
server: nginx
x-timer: S1686182693.427876,VS0,VE454
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.theonion.com
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 39ms
18ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 08 Jun 2023 00:04:53 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C0D1 15 KB
6 KB 18ms
17ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.theonion.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 00:04:52 GMT
server: Kestrel
server-processing-duration-in-ticks: 362247
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 50ms
50ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2F&pid=qHq5NOSY8TjxS&cb=1&ws=1600x1200&v=23.517.1921&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-9%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage_mid_banner%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: 25WY35T39QPXJHVE8XEV
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Kwq3vdMpI2oGKtVsZeUt0JvmyM4i_j9zj3F34x9JC8NxvaqZWyYf5g==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 381 B
614 B 54ms
54ms XHR
application/json 52.209.156.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-9,ss:%5B970.250,728.90,1600.520%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.156.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-156-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 37c9730c2bcbb64a54a7d2299eb07c8ba40a8a00e154f4633de25ca3c63370ce

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
server: nginx
x-server-name: app02.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
464 B 46ms
46ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2F&pid=qHq5NOSY8TjxS&cb=2&ws=1600x1200&v=23.517.1921&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-12%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage_mid_banner%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: A2SK92456CQP9QTNSR6Z
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Z-kR3DZZR9o_xy6UPB90jHg6b2OlrD2RvOw-fJ-PtzGVD_mq5Bxi7Q==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 382 B
616 B 54ms
54ms XHR
application/json 52.209.156.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-12,ss:%5B970.250,728.90,1600.520%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.156.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-156-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 40787a521f5a5c8d384e1052fd2a0ed19d0c3a5352466db52374cccf15404777

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
server: nginx
x-server-name: app03.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
464 B 50ms
47ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2F&pid=qHq5NOSY8TjxS&cb=3&ws=1600x1200&v=23.517.1921&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-7%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage_mid_banner%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: N1RRXJYN34KKZZ24HVK7
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: g-qSBjdZuMybcgzH62cBSaqHTJOzF67AZu-wWFMq5CdrYgWD38cpbg==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 381 B
614 B 57ms
56ms XHR
application/json 52.209.156.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-7,ss:%5B970.250,728.90,1600.520%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.156.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-156-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c752c70f36d9eddf540a03b5ea18b6b102d7190239b4397ee181893eebdc3c5b

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
server: nginx
x-server-name: app01.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
636 B 59ms
17ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU74RYRS
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4cb563df4b0335027a98734668269adee2a27a8831fc2bce8c41fd59f6549daf

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 08 Jun 2023 00:04:53 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
523 B 9ms
8ms XHR
application/json 52.57.223.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.44.0&referrer=https%3A%2F%2Fwww.theonion.com%2F&tmax=1500

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.223.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-223-127.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:53 GMT
accept-ch: sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink
x-auction-status: 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
61 B 70ms
68ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 08 Jun 2023 00:04:52 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 105 B
452 B 33ms
32ms XHR
application/json 52.209.133.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.209.133.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-133-172.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 3256e994ac185bcb370b04c6c55ef52bf7fba92bb755588e1578f80918d9f997

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.theonion.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 105

POST
H/1.1 200
OK gomedia Show response
direct.adsrvr.org/bid/bidder/ 0
400 B 54ms
32ms XHR
application/json 52.223.4.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/gomedia
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.223.4.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac9557e2e67bd8033.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
x-openrtb-version: 2.3
server: Kestrel
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 0

POST
H2 200 hbjson Show response
grid.bidswitch.net/ 24 B
240 B 420ms
105ms XHR
application/json 18.195.189.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson?sp=trustx
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.189.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-189-38.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: b9eb1bd9a36bebfbdca0f549cdf5859003022c694f41dc51f0166f0bd47adb0a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 08 Jun 2023 00:04:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
access-control-allow-credentials: true
content-length: 49
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 43 KB
21 KB 135ms
102ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d2b4e5bccd873af97882c8cf0acbdee464d69f422325cea089198ad3ab49e1fd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 08 Jun 2023 00:04:53 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2e92f117-2acb-43ed-b179-f42344fef79a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.theonion.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content / Show response
ads.resetsrv.com/ 0
382 B 381ms
152ms XHR
text/html 138.197.55.50
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.resetsrv.com/
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 138.197.55.50 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 08 Jun 2023 00:04:53 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-methods: GET, POST
content-type: text/html

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
158 B 12ms
12ms XHR
text/plain 18.196.248.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.248.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-248-215.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 08 Jun 2023 00:04:53 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 200 cdb Show response
bidder.criteo.com/ 2 KB
2 KB 29ms
29ms XHR
application/json 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.44.0&cb=62431093497&lsavail=0

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0b38cf602345506ec70d9c829543484918acb86fa77c05ece4ef6cdbdb667b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

GET
H2 200 arj Show response
fusion-media-group-d.openx.net/w/1.0/ 73 B
145 B 18ms
18ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fusion-media-group-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.theonion.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=cff4f49b-2e42-4580-b3f3-113421c8fc44&nocache=1686182693466&aus=970x250%2C728x90%2C1600x520&divids=dfp-ad-9&aucs=%252F4246%252Ffmg.onion%252Ffrontpage%252F9%252Fmid_banner&auid=545727615
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 6e6d776ffaafc0bb1e45286865f3c75d3a01aadfb52e3c107a88437c2bf79fd3

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.theonion.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
801 B 16ms
16ms XHR
application/json 3.66.253.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22dc0c3962-46ae-4644-bc3b-0bbdfeb6e823%22%2C%22requestCount%22%3A1%2C%22timeout%22%3A1500%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1686182693467%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%225291482f6fdd1eb%22%3A%22_bSLu2IWVUC%22%7D%2C%22bidSizes%22%3A%7B%225291482f6fdd1eb%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_bSLu2IWVUC%22%7D%2C%22labelAll%22%3A%5B%22desktop%22%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%22cff4f49b-2e42-4580-b3f3-113421c8fc44%22%2C%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%22%7D%2C%22pbadslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F9%2Fmid_banner%22%7D%2C%22gpid%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F9%2Fmid_banner%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22dfp-ad-9%22%2C%22transactionId%22%3A%22cff4f49b-2e42-4580-b3f3-113421c8fc44%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%2C%22bidId%22%3A%225291482f6fdd1eb%22%2C%22bidderRequestId%22%3A%2251babbdf085cadd%22%2C%22auctionId%22%3A%229b30be26-d792-4656-ac02-1ae4401b1394%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%5D%2C%22userId.mod.init%22%3A%5B0.6999988555908203%5D%2C%22userId.mods.uid2.init%22%3A%5B0.6999988555908203%5D%2C%22userId.init.modules%22%3A%5B2.3999996185302734%5D%2C%22requestBids.usp%22%3A0.1999988555908203%2C%22requestBids.userId%22%3A0.10000038146972656%2C%22requestBids.rtd%22%3A13%2C%22requestBids.validate%22%3A0.10000038146972656%2C%22requestBids.makeRequests%22%3A1.6999988555908203%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22domain%22%3A%22theonion.com%22%2C%22keywords%22%3A%22TheOnion%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theonion.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.106%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%7D%7D%7D%5D%2C%22prebidVersion%22%3A%227.44.0%22%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.253.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-253-225.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:53 GMT
Content-Encoding: gzip
X-Accel-Expires: 0
Accept-Ch: Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
Nbr: 508
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.theonion.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Krk-No-Bid-Reason: consent
Content-Length: 26
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 200 cdb Show response
bidder.criteo.com/ 2 KB
2 KB 31ms
31ms XHR
application/json 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.44.0&cb=97190477746&lsavail=0

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

92620e80f80057105b30e5e43e971a856d6168de68379ef6c4651e4502730edf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST
H/1.1 204
No Content / Show response
ads.resetsrv.com/ 0
382 B 422ms
202ms XHR
text/html 138.197.55.50
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.resetsrv.com/
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 138.197.55.50 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 08 Jun 2023 00:04:53 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-methods: GET, POST
content-type: text/html

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
61 B 67ms
67ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 08 Jun 2023 00:04:52 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 hbjson Show response
grid.bidswitch.net/ 24 B
240 B 417ms
114ms XHR
application/json 18.195.189.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson?sp=trustx
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.189.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-189-38.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 927933cf6aea2ff60db99431d6d505d432507240a014db32d1230c1d9b793db2

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 08 Jun 2023 00:04:53 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
content-length: 49
content-type: application/json

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
319 B 44ms
17ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU74RYRS
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8d063cb1212c2499fad0dc70556940e4c2b38d8b85abc8e0a5ab62e299e86d68

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 08 Jun 2023 00:04:53 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
158 B 11ms
10ms XHR
text/plain 18.196.248.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.248.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-248-215.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 08 Jun 2023 00:04:53 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 44 KB
21 KB 302ms
277ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

5157b962db8aa9af742bb8951b9250f74ef07d2ad7d9202968fa549cd38b0eaa

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 08 Jun 2023 00:04:53 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 548f7f50-7933-4ec2-8e10-3de1e529b839
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.theonion.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 105 B
452 B 33ms
33ms XHR
application/json 52.209.133.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.209.133.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-133-172.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 1cdc51f72f28493a1d9292d741d0857ccfa9721908d9ca0ae160f2d81b054d1d

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.theonion.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 105

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
523 B 9ms
9ms XHR
application/json 52.57.223.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.44.0&referrer=https%3A%2F%2Fwww.theonion.com%2F&tmax=1500

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.223.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-223-127.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:53 GMT
accept-ch: sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect
x-auction-status: 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK gomedia Show response
direct.adsrvr.org/bid/bidder/ 0
400 B 70ms
33ms XHR
application/json 52.223.4.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/gomedia
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.223.4.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac9557e2e67bd8033.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
x-openrtb-version: 2.3
server: Kestrel
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 0

GET
H3 200 arj Show response
fusion-media-group-d.openx.net/w/1.0/ 73 B
101 B 19ms
18ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fusion-media-group-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.theonion.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=cae6b810-0677-4a6f-b174-c8dcc282f6f3&nocache=1686182693480&aus=970x250%2C728x90%2C1600x520&divids=dfp-ad-12&aucs=%252F4246%252Ffmg.onion%252Ffrontpage%252F12%252Fmid_banner&auid=545727615
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: d76bb6629795e99bac7337206450e67d8527b9a8fa6259b391c28364ac822bb4

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.theonion.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
801 B 19ms
16ms XHR
application/json 3.66.253.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22dc0c3962-46ae-4644-bc3b-0bbdfeb6e823%22%2C%22requestCount%22%3A2%2C%22timeout%22%3A1500%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1686182693481%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%22784664cc876d399%22%3A%22_bSLu2IWVUC%22%7D%2C%22bidSizes%22%3A%7B%22784664cc876d399%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_bSLu2IWVUC%22%7D%2C%22labelAll%22%3A%5B%22desktop%22%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%22cae6b810-0677-4a6f-b174-c8dcc282f6f3%22%2C%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%22%7D%2C%22pbadslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F12%2Fmid_banner%22%7D%2C%22gpid%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F12%2Fmid_banner%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22dfp-ad-12%22%2C%22transactionId%22%3A%22cae6b810-0677-4a6f-b174-c8dcc282f6f3%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%2C%22bidId%22%3A%22784664cc876d399%22%2C%22bidderRequestId%22%3A%22775f7a9e03e3269%22%2C%22auctionId%22%3A%221ab62910-d5fe-471a-9acc-677f35dac38e%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%5D%2C%22userId.mod.init%22%3A%5B0.6999988555908203%5D%2C%22userId.mods.uid2.init%22%3A%5B0.6999988555908203%5D%2C%22userId.init.modules%22%3A%5B2.3999996185302734%5D%2C%22requestBids.usp%22%3A0.09999847412109375%2C%22requestBids.userId%22%3A0.10000038146972656%2C%22requestBids.rtd%22%3A24.100000381469727%2C%22requestBids.validate%22%3A0.10000038146972656%2C%22requestBids.makeRequests%22%3A1.5999984741210938%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22domain%22%3A%22theonion.com%22%2C%22keywords%22%3A%22TheOnion%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theonion.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.106%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%7D%7D%7D%5D%2C%22prebidVersion%22%3A%227.44.0%22%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.253.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-253-225.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:53 GMT
Content-Encoding: gzip
X-Accel-Expires: 0
Accept-Ch: Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
Nbr: 508
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.theonion.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Krk-No-Bid-Reason: consent
Content-Length: 26
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 105 B
452 B 33ms
32ms XHR
application/json 52.209.133.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.209.133.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-133-172.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 2c2fa630a1a2e79949b76eb8c22e71d7ee17c9c5753226270c36f1e97b47ee43

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.theonion.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 105

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 43 KB
21 KB 150ms
125ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d9a7786d5b15433844c6792ca4c07ecf84742964f817446996a52cb7a60c9455

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 08 Jun 2023 00:04:53 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2ee68c38-d40b-41a6-9a3c-37398a8b61b0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.theonion.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK gomedia Show response
direct.adsrvr.org/bid/bidder/ 0
400 B 71ms
33ms XHR
application/json 52.223.4.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/gomedia
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.223.4.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac9557e2e67bd8033.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
x-openrtb-version: 2.3
server: Kestrel
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 0

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
801 B 22ms
16ms XHR
application/json 3.66.253.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22dc0c3962-46ae-4644-bc3b-0bbdfeb6e823%22%2C%22requestCount%22%3A3%2C%22timeout%22%3A1500%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1686182693487%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%228877bb207691fd1%22%3A%22_bSLu2IWVUC%22%7D%2C%22bidSizes%22%3A%7B%228877bb207691fd1%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_bSLu2IWVUC%22%7D%2C%22labelAll%22%3A%5B%22desktop%22%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%229c616f0c-b670-4908-8860-7d1f2c91b8b6%22%2C%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%22%7D%2C%22pbadslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F7%2Fmid_banner%22%7D%2C%22gpid%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%2F7%2Fmid_banner%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22dfp-ad-7%22%2C%22transactionId%22%3A%229c616f0c-b670-4908-8860-7d1f2c91b8b6%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%2C%22bidId%22%3A%228877bb207691fd1%22%2C%22bidderRequestId%22%3A%228797fb858b001e9%22%2C%22auctionId%22%3A%22747f636e-3304-4b4f-b4af-e8c4f3ac47b8%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%5D%2C%22userId.mod.init%22%3A%5B0.6999988555908203%5D%2C%22userId.mods.uid2.init%22%3A%5B0.6999988555908203%5D%2C%22userId.init.modules%22%3A%5B2.3999996185302734%5D%2C%22requestBids.usp%22%3A0.10000038146972656%2C%22requestBids.userId%22%3A0.10000038146972656%2C%22requestBids.rtd%22%3A32.69999885559082%2C%22requestBids.validate%22%3A0.10000038146972656%2C%22requestBids.makeRequests%22%3A1.7000007629394531%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22domain%22%3A%22theonion.com%22%2C%22keywords%22%3A%22TheOnion%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theonion.com%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.106%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%7D%7D%7D%5D%2C%22prebidVersion%22%3A%227.44.0%22%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.253.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-253-225.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:53 GMT
Content-Encoding: gzip
X-Accel-Expires: 0
Accept-Ch: Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
Nbr: 508
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.theonion.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Krk-No-Bid-Reason: consent
Content-Length: 26
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
523 B 13ms
9ms XHR
application/json 52.57.223.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.44.0&referrer=https%3A%2F%2Fwww.theonion.com%2F&tmax=1500

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.223.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-223-127.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:53 GMT
accept-ch: sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform
x-auction-status: 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H3 200 arj Show response
fusion-media-group-d.openx.net/w/1.0/ 73 B
101 B 21ms
17ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fusion-media-group-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.theonion.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9c616f0c-b670-4908-8860-7d1f2c91b8b6&nocache=1686182693488&aus=970x250%2C728x90%2C1600x520&divids=dfp-ad-7&aucs=%252F4246%252Ffmg.onion%252Ffrontpage%252F7%252Fmid_banner&auid=545727615
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e4456346c8eec65785ebeb77127440fa8d579fd862be866b2fc91c7a25b9d592

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.theonion.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 204
No Content / Show response
ads.resetsrv.com/ 0
382 B 356ms
152ms XHR
text/html 138.197.55.50
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.resetsrv.com/
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 138.197.55.50 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 08 Jun 2023 00:04:53 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-methods: GET, POST
content-type: text/html

POST
H2 200 hbjson Show response
grid.bidswitch.net/ 24 B
241 B 392ms
104ms XHR
application/json 18.195.189.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson?sp=trustx
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.189.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-189-38.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a8b76b7932331dbd4dec75f9bc9bac3ae9cce934e40a0e638141b44d3afc71c6

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 08 Jun 2023 00:04:53 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
content-length: 49
content-type: application/json

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
61 B 31ms
28ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 08 Jun 2023 00:04:52 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
158 B 13ms
11ms XHR
text/plain 18.196.248.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.248.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-248-215.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 08 Jun 2023 00:04:53 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
319 B 30ms
19ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU74RYRS
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: fc114c7f6486687c5c640a28e50878700373b685cb07ca61a43a47b5de732f7b

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 08 Jun 2023 00:04:53 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 2 KB
2 KB 35ms
34ms XHR
application/json 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.44.0&cb=26835719325&lsavail=0

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

354bac5c7ef0c302224db07dd50abcb4f2f6e369accfacd8be11ec6799f13396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jun 2023 00:04:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

GET
H2

200

sid Show response
mug.criteo.com/ Frame C0D1
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=theonion.com&sn=ChromeSyncframe&so=0&topUrl=www.theonion.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=cOEeonxIWnFTU01aTGE2ZTNSK0NheDN5UzhQOUE1NERvVTQ1OGVtcWM5dE8wUHJPeXY4b3Y3VFJET3JKOXY0RmJDU1JKSHo0R000Yk52WERlZ3hCMWprZEV4REZsUTBhSTRYZEZHdDVSM0ViM3VCTEQ1L3EwdXU2SHBiWD...

431 B
667 B

77ms
16ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=cOEeonxIWnFTU01aTGE2ZTNSK0NheDN5UzhQOUE1NERvVTQ1OGVtcWM5dE8wUHJPeXY4b3Y3VFJET3JKOXY0RmJDU1JKSHo0R000Yk52WERlZ3hCMWprZEV4REZsUTBhSTRYZEZHdDVSM0ViM3VCTEQ1L3EwdXU2SHBiWDZCOUU0MHlOS2MrZDduVzZDSTlaQXEzb2hWMlhWTHVSMjZ5eHdjdFhOcU9ncEloSWhsNitPbjFEckkvYklRN1hkWkQzdnFjYnkxKzBJR1BxMVg5bFJ3c2txeWc5WkFPL3dQbHZ2TnpsdlVVbWdPc1V1ajk2dWlVaXFxT3VVVGhqUGFRYTdKNHY4MndIR291NWxFaXc3aS9qN01xbEI5MUlEVXd0V2FxZ3NuU2hsSlpYTFpXST18&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6ad702915d203974cb8318ff80474939eac3310f94468c8ed432f3bc7379ab4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:52 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 843673
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=cOEeonxIWnFTU01aTGE2ZTNSK0NheDN5UzhQOUE1NERvVTQ1OGVtcWM5dE8wUHJPeXY4b3Y3VFJET3JKOXY0RmJDU1JKSHo0R000Yk52WERlZ3hCMWprZEV4REZsUTBhSTRYZEZHdDVSM0ViM3VCTEQ1L3EwdXU2SHBiWDZCOUU0MHlOS2MrZDduVzZDSTlaQXEzb2hWMlhWTHVSMjZ5eHdjdFhOcU9ncEloSWhsNitPbjFEckkvYklRN1hkWkQzdnFjYnkxKzBJR1BxMVg5bFJ3c2txeWc5WkFPL3dQbHZ2TnpsdlVVbWdPc1V1ajk2dWlVaXFxT3VVVGhqUGFRYTdKNHY4MndIR291NWxFaXc3aS9qN01xbEI5MUlEVXd0V2FxZ3NuU2hsSlpYTFpXST18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 259986
content-length: 0
expires: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3823 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 11346
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Jun 2023 20:55:47 GMT
expires: Thu, 06 Jun 2024 20:55:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3C4F 783 B
1 KB 37ms
17ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b7299dfd212b74bf30cbc737887bbfcc4398685d4a77bffe1930fa8bd775bfa7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ycEER7e8-TqNfXGpqjPMfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-ycEER7e8-TqNfXGpqjPMfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 00:04:53 GMT
expires: Thu, 08 Jun 2023 00:04:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 3823 37 KB
14 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Grx7oFpFltq8b-fsl1vgPlw_mz8UVJv5RtxGiy-srTQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc7ba05a4596dabc6fe7ec975be03e5c3f9b3f14549bf946dc468b2facad34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 12:38:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 386758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14484
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 12:38:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3C4F 0
0 40ms
40ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306010101&jk=1220447003984965&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3823 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-gS7Dg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 183957-47751755686051.js Show response
js-sec.indexww.com/ht/p/ 47 KB
16 KB 58ms
17ms Script
text/javascript 104.18.10.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 568068711d00d07ac001e1937acdb4621d0d7ea602ff8beb225c1b9f22701d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 07 Jun 2023 23:50:16 GMT
server: cloudflare
age: 760
etag: W/"904682-bde7-5fd92cc35310d"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 7d3ce14b88ec046a-FRA
expires: Thu, 08 Jun 2023 04:04:53 GMT

GET
H2 200 runtime~trackers.72ff5fb7f8166ed35204.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 2 KB
2 KB 7ms
6ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~trackers.72ff5fb7f8166ed35204.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d7fa261298e7430c764efe74a192a4bb2b3c975032be043c0402d23d800ca438

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: J52GS6MFFTBE3Q55
age: 155066
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 1240
x-amz-id-2: RPVxPybGcJVm2DUMdpuKEhJ5eKuvbTO6n43kMCizHj5/sIlCZx4fAa7BF+n1XhDcVyUA1odzaEk=
x-served-by: cache-fra-eddf8230061-FRA, cache-fra-eddf8230060-FRA
last-modified: Mon, 05 Jun 2023 21:43:07 GMT
server: AmazonS3
x-timer: S1686182694.644916,VS0,VE0
etag: "28ce9e853d973730f3213e688dbbab3d"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 3

GET
H2 200 vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~886e9a6a.6e1c977c60811d92a69a.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 39 KB
14 KB 9ms
7ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~886e9a6a.6e1c977c60811d92a69a.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

31f122cf25762924ab70cc26b8a04399f55321e6bc783c7712f9212808671ca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: STEYS5ZPXK71FYBB
age: 1194135
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 14556
x-amz-id-2: VSbnAciaWS414cjfKzIZ+n4AesRwKYMetUJ5abfWZqKwirY2s7LdAcNVnHgaLCrMdUhjnUQoWLY=
x-served-by: cache-fra-etou8220071-FRA, cache-fra-eddf8230060-FRA
last-modified: Thu, 25 May 2023 04:15:21 GMT
server: AmazonS3
x-timer: S1686182694.645777,VS0,VE0
etag: "1f939750e5d026c26c9cb3d972c73dc5"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 3

GET
H2 200 vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~1409ff5a.dc34ac826f6e0dfcce33.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 99 KB
30 KB 8ms
6ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~1409ff5a.dc34ac826f6e0dfcce33.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

eda853f004cbab26e1308fcbb0ec2dff1f2ed5fa3fa4bec7dc69090325809e4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: STESAV15CDT40J80
age: 1194135
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 30787
x-amz-id-2: zAokE5fXbH772XpZ1R0h9vSFCBusP632RSvdyOYAb2PNg+uXf9tBtEFomOcGAeY+e7YLvgMicac=
x-served-by: cache-fra-etou8220079-FRA, cache-fra-eddf8230060-FRA
last-modified: Thu, 25 May 2023 04:15:21 GMT
server: AmazonS3
x-timer: S1686182694.645764,VS0,VE0
etag: "8c7cc9da4e8b271a34a5de79c230ea5c"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 3

GET
H2 200 vendor~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceDa~cab46d55.1599951c44aebec8a811.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 82 KB
29 KB 9ms
7ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceDa~cab46d55.1599951c44aebec8a811.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

32652b0ebf5469b12a85e76375a74f31d902d70add4416eb8042f2d57b3e7c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: STERFMFB1VKHJQYY
age: 1194135
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 29207
x-amz-id-2: qA8Z+cVJmSWVqRvQvqrXwUC6MoD3Wzo/AtMda6bCuY8V77KkMksbWuzW7+4mj1kVnm13hochsmA=
x-served-by: cache-fra-eddf8230110-FRA, cache-fra-eddf8230060-FRA
last-modified: Thu, 25 May 2023 04:15:21 GMT
server: AmazonS3
x-timer: S1686182694.645867,VS0,VE0
etag: "8ce828eee21f862594e695a34530d19f"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 3

GET
H2 200 vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~04604846.8b82008429b3b8c4a61c.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 4 KB
2 KB 11ms
7ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~04604846.8b82008429b3b8c4a61c.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4d559368d1c69df951fcf588e171789432de6d00d1dd6b02e573eab3b15f9bbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: STEY7P97Q3Y4VS6K
age: 1194135
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 1521
x-amz-id-2: A3E2Yg7D42uQZ44gGfLw66Fm/t0GDOT3bKNcoxsq0M06rNKKtElLGMbysXXY89aDJE3rDHt8aUk=
x-served-by: cache-fra-eddf8230054-FRA, cache-fra-eddf8230060-FRA
last-modified: Thu, 25 May 2023 04:15:21 GMT
server: AmazonS3
x-timer: S1686182694.646707,VS0,VE0
etag: "7a84efaefdbe53adcb04b4bc9042aeb6"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 3

GET
H2 200 vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~18b1f5d1.0a25c2ff49f304d9322f.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 3 KB
1 KB 11ms
8ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~18b1f5d1.0a25c2ff49f304d9322f.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6390a22550191d8816d1f55a35acc5d410919f6174c981539306912eec483f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-kinja-gdpr: true
x-amz-request-id: STEWE52HMQWVPCSP
age: 1194135
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 1044
x-amz-id-2: JLR6c7sq2dyTdysDwgT0kQ8ugslpqbRhgtz0tQyzhpi8ZZdmLU6q5nHVqNW9dI6TmAeGuoN/DT8=
x-served-by: cache-fra-eddf8230078-FRA, cache-fra-eddf8230060-FRA
last-modified: Thu, 25 May 2023 04:15:21 GMT
server: AmazonS3
x-timer: S1686182694.646917,VS0,VE0
etag: "235aa6d638e59d99897309c6bc296422"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 3

GET
H2 200 vendor~curatedHomepage~featureSwitchPageClient~frontPage~modify-commerce-links~renderThumbsModal~sea~f37cf8a0.88978f37716afab12513.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 22 KB
7 KB 12ms
9ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~curatedHomepage~featureSwitchPageClient~frontPage~modify-commerce-links~renderThumbsModal~sea~f37cf8a0.88978f37716afab12513.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9708fbfcf504ef77c5c4170d1e9db38c159049f8ab47d04f6a452e689cf696aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: DN9SA24MKRFXZKFQ
age: 1369477
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 7001
x-amz-id-2: YMXhOjUhg7Mn1Uk49cecD/A7naZS1D4URrHCjXIn3QTjXnddpgsXl3Fn0A9t2BEWsTwFrbVE2x4=
x-served-by: cache-fra-eddf8230106-FRA, cache-fra-eddf8230060-FRA
last-modified: Tue, 23 May 2023 01:32:15 GMT
server: AmazonS3
x-timer: S1686182694.646923,VS0,VE0
etag: "01f64ef2b8592ef8b13bd1f3bfeba967"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 3

GET
H2 200 vendor~trackers.9fb1351ec6bf73140995.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 112 KB
40 KB 13ms
9ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.9fb1351ec6bf73140995.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4227e7808bb153943a5c2f8fbb6e877dc2ebea70934f7b223ee112124f8f8d61

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: EXVZ6H3658VBW1YK
age: 688148
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 40218
x-amz-id-2: /uNgti1XhtbKtWftoxD4loDQPcJBX8396zEzhjmP7rH5MYJiFzSKWkCshlhy7JFhqqy8YADVyRhunYPRgpzZZg==
x-served-by: cache-fra-eddf8230116-FRA, cache-fra-eddf8230060-FRA
last-modified: Tue, 30 May 2023 19:47:59 GMT
server: AmazonS3
x-timer: S1686182694.648457,VS0,VE0
etag: "d23e3dc6ce53d9a54501bb981fe30a5b"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0, 3

GET
H2 200 adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHom~b3110a61.a9cf3e4cef5d5ffe6eff.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 13 KB
4 KB 13ms
9ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHom~b3110a61.a9cf3e4cef5d5ffe6eff.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b942a11b8393dc5124bde5c57052b25bcd4bc801c645fc64fc4b45758eb0b4fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: 7M1FQ659PKEJ1F82
age: 207870
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 4163
x-amz-id-2: 3/ZplqgJS1RLsPdLuMosa8QLxIWsCoD3R01kwfniIHn0cfU+vnPP/+VLHDfskUrjqSlgjanfsI8=
x-served-by: cache-fra-eddf8230044-FRA, cache-fra-eddf8230060-FRA
last-modified: Mon, 05 Jun 2023 14:14:01 GMT
server: AmazonS3
x-timer: S1686182694.648460,VS0,VE0
etag: "93f0eb8a1235fea61ee735c83bdcd89d"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 3

GET
H2 200 adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHom~7ff72d6a.ad8265a9d7a61b71b01c.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 22 KB
6 KB 14ms
10ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHom~7ff72d6a.ad8265a9d7a61b71b01c.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d195a6ca13d7b6184b61c3f86ece05bef86b4dea7bacc62539f94495d28225c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: GGAF3XEQMSPMSAXR
age: 77241
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 5931
x-amz-id-2: V8z8itu7+xWptPxQVEDuQJW7dhg9HBqNaZAP6PR75VH4QQe0CfKSbpuLsB0jyFjh88UWtMKn9Ag=
x-served-by: cache-fra-eddf8230049-FRA, cache-fra-eddf8230060-FRA
last-modified: Tue, 06 Jun 2023 18:57:44 GMT
server: AmazonS3
x-timer: S1686182694.648653,VS0,VE0
etag: "75507e0d34f426ae510663b00d0090da"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 3, 0, 3

GET
H2 200 adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~3298636b.b065892aff280515f1da.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 36 KB
9 KB 18ms
15ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~3298636b.b065892aff280515f1da.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9ed7e5a5c912084047f32c2ca7e2aae3025561bc00bff66ea3659e0703f46143

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: 7M10PZG2TSF9XTEJ
age: 207870
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 9069
x-amz-id-2: UJUMiMhGyqyVQSu0jXW/ZSbGV5g++alTiWvv2QWgH3+9FFeOhjey52sPe0ewKQImDUBP5g045ag=
x-served-by: cache-fra-eddf8230083-FRA, cache-fra-eddf8230060-FRA
last-modified: Mon, 05 Jun 2023 14:14:01 GMT
server: AmazonS3
x-timer: S1686182694.652341,VS0,VE0
etag: "87ae125d458af3b6e2368bd52a11e25c"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 3

GET
H2 200 adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHom~b1952ec8.9cf0d75fcd9d10ee03ec.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 111 KB
45 KB 23ms
20ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHom~b1952ec8.9cf0d75fcd9d10ee03ec.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

91c5700635e65ea0d8dd5cbd0825df02ccb69582117d87d1a1c03fdb28c4548c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: HDNZMNG5TPZ4FEMY
age: 161449
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 46016
x-amz-id-2: gpjNuZFDvHORaKM3dZvdUyWVjp3Tv7ng9ekz3Vlne5ePhebEd5GaRnyQF5bIA00ooWCfzGNPreI=
x-served-by: cache-fra-etou8220097-FRA, cache-fra-eddf8230060-FRA
last-modified: Mon, 05 Jun 2023 19:28:03 GMT
server: AmazonS3
x-timer: S1686182694.652884,VS0,VE0
etag: "e384efe513bacff797c3e9c3422fc78c"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 3

GET
H2 200 adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~49489617.adca4d933802a1af9d6f.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 84 KB
13 KB 18ms
15ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~49489617.adca4d933802a1af9d6f.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

11345de24d584dd7bee5d55c4c52c01782e2d9c2fb5cd7977c5bab24b5cc165b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: 9VR81Q861TAJTB7A
age: 57480
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 13077
x-amz-id-2: oOumS5FP8gRSeZx5FXG6KGsNAdkdZoFlQnxrimFuW0x17qFoKvu0hM1TM1xFPhybDoAYG53Wrhk=
x-served-by: cache-fra-etou8220077-FRA, cache-fra-eddf8230060-FRA
last-modified: Wed, 07 Jun 2023 08:00:42 GMT
server: AmazonS3
x-timer: S1686182694.652093,VS0,VE0
etag: "6e03d88faf61bb10733480678771c11b"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 3

GET
H2 200 carGalleryPage~second-scroll~slideshowPermalinkPage~trackers.7f1d59f874f28b7d6c30.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 14 KB
5 KB 20ms
18ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/carGalleryPage~second-scroll~slideshowPermalinkPage~trackers.7f1d59f874f28b7d6c30.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dfb313ca733fc88f562f966c85f1cc03bf4ed0c21b892e1052a97a59c9776ad4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: NT2C8ZVKWBSA1A0K
age: 171204
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 5059
x-amz-id-2: AjCNoaTbs1iJQw9Kf85FhI/yb5RPsSUaKITUcYmAZAEZUon/J5NRQV1WIa/XeAN+F0kj5yoKqX4=
x-served-by: cache-fra-etou8220049-FRA, cache-fra-eddf8230060-FRA
last-modified: Mon, 05 Jun 2023 21:43:01 GMT
server: AmazonS3
x-timer: S1686182694.652501,VS0,VE0
etag: "bfbe185c478716ba25e46b4894ea0cdd"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0, 3

GET
H2 200 trackers.fe4e7a222de18e06c3fe.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 11 KB
4 KB 17ms
14ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/trackers.fe4e7a222de18e06c3fe.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0f574044436c9c034b7b2f4b614519487a870cc9375754688e4b4648432d9bae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-kinja-gdpr: true
x-amz-request-id: STEJBTEYTYD2Y9E7
age: 1194135
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 3749
x-amz-id-2: TunNmRDyJJyIhXG8BQPY/tS6vH749GCiSGYnPvCPtDifuANLxcM8C18sJCA1SBtZIHEyl3MWOKc=
x-served-by: cache-fra-eddf8230134-FRA, cache-fra-eddf8230060-FRA
last-modified: Thu, 25 May 2023 04:15:21 GMT
server: AmazonS3
x-timer: S1686182694.652124,VS0,VE0
etag: "3652980f183254bad2f6bde62ffb208a"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0, 3

GET
H2 200 runtime~curatedHomepage.d0b4176dd44edded8fc0.js Show response
x.kinja-static.com/assets/new-client/ 29 KB
6 KB 20ms
17ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/runtime~curatedHomepage.d0b4176dd44edded8fc0.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

603aa6c6d73621d0c3fadad73b5f9fcd5efe05519300fce64722c6547e86c206

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 1YPCWS65R68D8D29
age: 64
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 5524
x-amz-id-2: b+aWzqwLvP1zLN6jYj9TAwqhHSi6XS83CpWVf2SxH0cD5H630pKUd3NPUqr/vO+xZCzdDrH7/bw=
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Wed, 07 Jun 2023 20:22:56 GMT
server: AmazonS3
x-timer: S1686182694.652091,VS0,VE1
etag: "99c60b1fad2061f35e4b467ec2814029"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 vendor~adEditor~alertsUnsubscribePage~biztoolsPage~celebrityPage~channelSectionPage~commerceDashboar~a8323f65.6cb1d474f114a94bc6de.js Show response
x.kinja-static.com/assets/new-client/ 119 KB
33 KB 15ms
12ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~adEditor~alertsUnsubscribePage~biztoolsPage~celebrityPage~channelSectionPage~commerceDashboar~a8323f65.6cb1d474f114a94bc6de.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b0a01c6c99df338c4afba8aab124277ffe5ebcdef92d3b67532fbeb547039237

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: JFZGA02ZW5HZPVAT
age: 110
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 33780
x-amz-id-2: MJjtUyyHOIBIeAGhKVH6eNx7Qrpt8DDYHy1R5PVcIG3mC+Dtmopg+D4hc0kl4iW11gC4DHcAoOoDeuIl3YNYVQ==
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Tue, 06 Jun 2023 18:57:51 GMT
server: AmazonS3
x-timer: S1686182694.652078,VS0,VE0
etag: "31e1d4b2c53d3c8a3bd73623f291b6b5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 vendor~PlaylistCarousels~YMALModule~adEditor~alertsUnsubscribePage~biztools~car-comparator~car-selec~1e23358a.76dcf4a78395f7e74ea6.js Show response
x.kinja-static.com/assets/new-client/ 5 KB
2 KB 15ms
12ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~PlaylistCarousels~YMALModule~adEditor~alertsUnsubscribePage~biztools~car-comparator~car-selec~1e23358a.76dcf4a78395f7e74ea6.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

221c51d6190d8c5cf2217bc17bc7ed47c99c31528fb2b8800c4c0233742a5038

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: NPA5T2CETM49KX2F
age: 103
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1692
x-amz-id-2: C8xy36+BDqjygolTJKOmcBiRaMYv/eZJeBmi1XM7/2bzfmcu/BM35sD+YloUTfP/hSqyY570y00=
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Mon, 05 Jun 2023 21:43:08 GMT
server: AmazonS3
x-timer: S1686182694.652090,VS0,VE0
etag: "9ed40de431b082343b1a463413baf555"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 vendor~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceDa~b6f49741.19f7e5273d31fd216307.js Show response
x.kinja-static.com/assets/new-client/ 2 KB
1 KB 18ms
16ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceDa~b6f49741.19f7e5273d31fd216307.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3b37d2310598b93846c2771a556ce6d1577946b972cfa8e6eadf8725f31c6e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 7M112QYW8CE5ZA05
age: 17
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 800
x-amz-id-2: DNLyxz1yiNcIFbcvfnvgGDhCeLYy0udxWa7v5ln/p8Q35+Hae7HcKt6n9jHUKVJyi5BlzffHXMo=
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Mon, 05 Jun 2023 14:14:09 GMT
server: AmazonS3
x-timer: S1686182694.651838,VS0,VE1
etag: "3f557b78b7de0245fe8af30ad5aec20c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 vendor~curatedHomepage~frontPage~modify-commerce-links~searchPage~tagPage.77f11d3d0d583d537b53.js Show response
x.kinja-static.com/assets/new-client/ 19 KB
7 KB 13ms
11ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~curatedHomepage~frontPage~modify-commerce-links~searchPage~tagPage.77f11d3d0d583d537b53.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b3f483b4c4f941a7cc1860356329639370e23b643ba93da4be31500be0b4c1ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: XTK8G4ZERYTAA05G
age: 69
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 6518
x-amz-id-2: XOxXBflJE3Jtzoa2M1C7YIHkyXObCY+WyNN2IgC6fasaO795PMV2qjyIOfbwUwnqmDQ6AKJ47rY=
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Tue, 23 May 2023 01:32:15 GMT
server: AmazonS3
x-timer: S1686182694.651824,VS0,VE0
etag: "c7097200d8bc0d095ace2acc71d445ea"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 vendor~curatedHomepage.d9da915b21ff1bbca473.js Show response
x.kinja-static.com/assets/new-client/ 4 KB
1 KB 18ms
16ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~curatedHomepage.d9da915b21ff1bbca473.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4e654dc4aa833a34b4871aa86e91240fe6b88560fdffcd9b1023d9cc31d1753d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: EQ7AF4JXYVT9VS47
age: 56
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1283
x-amz-id-2: vYITIhV9tBHOVzlPG+cFX72heSMBNk3MLEaAs2H/rqiH86Jpt9bbso47oUbfHJM+xd7xNIvhEW8=
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Wed, 07 Jun 2023 20:22:58 GMT
server: AmazonS3
x-timer: S1686182694.651801,VS0,VE1
etag: "63343bc59af456cf511770e8acf1469d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 PlaylistCarousels~biztools~commerceDashboard~curatedHomepage~curatedPostsPage~getPopularPostIdsForNe~7378a919.fd61ab5be9c3b78d1110.js Show response
x.kinja-static.com/assets/new-client/ 12 KB
3 KB 12ms
11ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/PlaylistCarousels~biztools~commerceDashboard~curatedHomepage~curatedPostsPage~getPopularPostIdsForNe~7378a919.fd61ab5be9c3b78d1110.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

48232b3eb6d3449819b8dadca15226fbdd9b51976219b2e7faf4a3cad881dd84

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 3QBVB96MK4BS4H0D
age: 91
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3002
x-amz-id-2: LHmhXmL+/EwCKi6XaeRy36yn5Py9ObL+QvLuDiIao6E5dA6IMLcOlGZRJVyoFZICrFe54icAr7Q=
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Wed, 07 Jun 2023 09:23:38 GMT
server: AmazonS3
x-timer: S1686182694.651797,VS0,VE0
etag: "6dc36788152f313c2fbdc24e6ce3ab4e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 curatedHomepage.52dc7ffc5bfd421bd778.js Show response
x.kinja-static.com/assets/new-client/ 132 KB
27 KB 15ms
14ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/curatedHomepage.52dc7ffc5bfd421bd778.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f11ce7d249dc49a2a0fda2e6923560c64c20426f3cb4eba52a85dc27c79e61e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 1YP44E8NS830ZJBR
age: 64
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 27411
x-amz-id-2: kwvurEG+YmQgsGeTN/XgDx1taZLqT2b/1QKiwz9lc7t3mhhGLdiDgyAcKb547wSf/4it0CKym6w=
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Wed, 07 Jun 2023 20:22:53 GMT
server: AmazonS3
x-timer: S1686182694.651852,VS0,VE1
etag: "7587c907a0bc7cbc37bbf3c975242046"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
440 B 69ms
48ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 37ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FBJXBGD4M8&gtm=45je3650&_p=1748584832&cid=1322708686.1686182693&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1686182693&sct=1&seg=0&dl=https%3A%2F%2Fwww.theonion.com%2F&dt=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&uid=none&en=page_view&_fv=1&_ss=1&ep.site_section=1636079510&ep.content_channel=none&ep.content_section=none&ep.content_subsection=none&ep.content_role=&ep.adblock=false&ep.content_type=frontpage&up.adblock=false&up.user_type=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FBJXBGD4M8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pid Show response
www.theonion.com/api/magma/veritas/ 40 B
841 B 165ms
164ms Fetch
text/html 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/api/magma/veritas/pid?cb=1686182693746

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.9fb1351ec6bf73140995.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

84499a87fc7dbeb8fcf5dca79fd6618bf5e212331606870ad99737035ca38a9a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-kinja-server: kinja-magma-kube01-fd5dbd858-cf4p6
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
date: Thu, 08 Jun 2023 00:04:53 GMT
x-kinja-gdpr: true
x-kinja-build: 4170
x-powered-by: Express
x-cache: MISS, MISS, MISS
x-ua-device: desktop
x-kinja-superheroloaded: true
x-kinja: kinja-magma-kube01-fd5dbd858-cf4p6 #4170
x-cdn-fetch: mantle-nocache
content-length: 40
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000133-IAD, cache-iad-kjyo7100106-IAD, cache-fra-eddf8230060-FRA
x-googlenews-bot: false
x-timer: S1686182694.750518,VS0,VE158
etag: W/"28-bPnwDkqz5qOm+vJkH0Z6mLryNYw"
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-Kinja-Location
content-type: text/html; charset=utf-8
cache-control: private, no-store, no-cache
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-kinja-revision: 80a44da0f443fac5bd82de372634851d4345e5d5
x-cache-hits: 0, 0, 0

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://kinja-com.videoplayerhub.com/gallery.js
https://btloader.com/tag?h=kinja-com&upapi=true

15 KB
7 KB

163ms
130ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=kinja-com&upapi=true
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e4f524c55f2b541fd3f407e6b660f95bd0c046867a1b85a50ea65d30406b383

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 08 Jun 2023 00:02:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"a30b95b0a3ff29236466e734e74885a8"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PlaEWJmAHcseOm3PfM2OndW%2BvnIQqXqgxTw%2FilFUhC9lrSxr91aKzu7xt%2BYeesNeWkdJvrw26UzTuAzjrRmRuQ65HiUxHpxAM2%2FRNK3c%2F6gtUHl9TDiiGdTZmNBsqgrQdEbFiZX6v6aaLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7d3ce14cad458fe9-FRA

Redirect headers

date: Thu, 08 Jun 2023 00:04:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0Yw%2BaF5tqFwup7s8bkw7VgNk8Med1QKO8Axucy2yDhlO8OT2r4%2FKiOKztk%2BgouuDk7LU9PqabdGwZu3nrf1N0YnutuIo4M9%2BHnwq9COEnUnqAXjJzVAHfeNUq%2FbsZf6MJpOmRSkbYADOUQO09sIZb3vaPwhMT5guQk%3D"}],"group":"cf-nel","max_age":604800}
location: https://btloader.com/tag?h=kinja-com&upapi=true
cache-control: max-age=3600
cf-ray: 7d3ce14c2e9937f8-FRA
expires: Thu, 08 Jun 2023 01:04:53 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 51ms
6ms Script
application/x-javascript 2600:9000:2057:de00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:de00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 00:57:30 GMT
content-encoding: gzip
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
last-modified: Thu, 08 Dec 2022 17:25:10 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 83243
etag: W/"63921df6-9377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: wSFVh8ZlOMNmflivC9nvqgWF6qRX3MueduydVlAML78Gf3BvuhRCdg==
expires: Thu, 08 Jun 2023 00:57:30 GMT

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
261 B 106ms
33ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=5zq9nmk&ct=0:ngtk7da&fmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 08 Jun 2023 00:04:53 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 iframe-communication.b8862d0cd27d574861d9.js Show response
x.kinja-static.com/assets/new-client/ 3 KB
1 KB 8ms
7ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/iframe-communication.b8862d0cd27d574861d9.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dbca21de82ba69b1bc23cd1c49721d7b763db98007a74397ad196d494e552f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: EBQ1WKF8R8GCPRAN
age: 50
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1218
x-amz-id-2: hpUgwxb2VIGaUNMXHYZvp+bsob/yRZNuwR0e7eVPBG/wKm54df/VYJ0bgHKcuRKo6nJnxO18Kw8=
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Mon, 05 Jun 2023 21:43:04 GMT
server: AmazonS3
x-timer: S1686182694.786684,VS0,VE1
etag: "aa0ce04290e2a01380cb9b1ab0a85b3f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 next-video-loader.4d47af2764c1341eda0e.js Show response
x.kinja-static.com/assets/new-client/ 2 KB
944 B 7ms
7ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/next-video-loader.4d47af2764c1341eda0e.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ecc6048b0ab170cfabbfb84ffd407ee53906b0fe898d6d9284f0b6f36220e365

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: V57154A393MCK4YD
age: 40
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 708
x-amz-id-2: MdRNQQT1c/n1dYHhRtPH7Ts1TIE87Cl3zZitc3kQ6BQCmM+D8uaiTlNYxrfOta8h8BkjFUKWnDah5mZP4Dh/NQ==
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Wed, 07 Jun 2023 08:00:45 GMT
server: AmazonS3
x-timer: S1686182694.790155,VS0,VE1
etag: "b9992345f88587674ac0ace56c57f06c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 adEditorComponent~api-video-meta~feed-stream-load-more~getShowBrowserData~in-article-selector~render~352baa22.6071083b0d296c14c828.js Show response
x.kinja-static.com/assets/new-client/ 7 KB
2 KB 8ms
7ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/adEditorComponent~api-video-meta~feed-stream-load-more~getShowBrowserData~in-article-selector~render~352baa22.6071083b0d296c14c828.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

73e0b4849267d52ad5b7ec2770d92fb24b85b127aa7ae835700f6d5d0e755c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: FS19XKJB4ZBWXVG9
age: 50
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1899
x-amz-id-2: SwNSQzfq6ZvFpkR0mSX7O0eprEr5mLvVZY79xfsq+/VmzKKTMv3+ecuoTBo8+kH7SUsT84IgvA8=
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Tue, 06 Jun 2023 22:25:30 GMT
server: AmazonS3
x-timer: S1686182694.790269,VS0,VE1
etag: "5cf61bd843998ad94ef5b09e6853d38b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 api-video-meta.0f24c8b17bc45e467906.js Show response
x.kinja-static.com/assets/new-client/ 5 KB
2 KB 8ms
8ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/api-video-meta.0f24c8b17bc45e467906.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a7ebec103c04aedd9c1b8e8136c0afc3d979b46c8d1cc92f8a4a9ea62dc6f3aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 3XG572TPHCE5AM9N
age: 40
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1699
x-amz-id-2: KT/3Tm1Hs4BUuvJHHwwKOvBPzJdtrijYrOqbXzWEWBJRwSG/f8uKi9uhZ5dK52e7le4x3dtopzU=
x-served-by: cache-fra-eddf8230060-FRA
last-modified: Mon, 29 May 2023 16:10:31 GMT
server: AmazonS3
x-timer: S1686182694.790669,VS0,VE1
etag: "7dff80ea9d7a867ec9f469e1ff8843e5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 roboto_condensed_bold-webfont.woff2
f.kinja-static.com/assets/fonts/roboto/ 15 KB
16 KB 7ms
6ms Font
binary/octet-stream 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto/roboto_condensed_bold-webfont.woff2?11012022

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: GCSMRVJXDDS48WB9
age: 35
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 15660
x-amz-id-2: MFymAouKCPN+z67dmwLx9HJmPb6P+cZz7LizC5BV5onV/uwT7hXQTqWDuwHNVnaxDUaQ46p4tZ8=
x-served-by: cache-fra-eddf8230139-FRA
last-modified: Fri, 13 Jan 2023 15:40:57 GMT
server: AmazonS3
x-timer: S1686182694.799757,VS0,VE0
etag: "d7b0b953a50fddaa88089b5b787cf719"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 roboto_condensed_reg-webfont.woff2
f.kinja-static.com/assets/fonts/roboto/ 15 KB
16 KB 8ms
7ms Font
binary/octet-stream 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto/roboto_condensed_reg-webfont.woff2?11012022

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: 563YCJKW05V1F2RY
age: 105
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 15700
x-amz-id-2: AOKxzz7KSbFSOyL3zNGyVkWEUqPiBupH3OftBYWSJZHKHUSOjz1C4hDPF5kql0C5GChjPyVv8j21pmB3FP+uCktlL1r9aUcS
x-served-by: cache-fra-eddf8230139-FRA
last-modified: Fri, 13 Jan 2023 15:40:59 GMT
server: AmazonS3
x-timer: S1686182694.799864,VS0,VE0
etag: "3d7f7413fca69bff4d231ebdc50aaab0"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 libre-baskerville-bold.woff2
f.kinja-static.com/assets/fonts/libre-baskerville/ 18 KB
18 KB 7ms
7ms Font
binary/octet-stream 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/libre-baskerville/libre-baskerville-bold.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: FVP1VNSQ085N11QY
age: 105
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 17984
x-amz-id-2: ytgAJ2cqu3UEANmICP6jIyMgyHyqavCy2JxA+aHn/GEyh7AmpdNcrJwX1udtNF/r1Asvaozq0Mg=
x-served-by: cache-fra-eddf8230139-FRA
last-modified: Mon, 29 May 2023 16:10:31 GMT
server: AmazonS3
x-timer: S1686182694.800438,VS0,VE0
etag: "0518781cd45a71291d17ea1febfcc5fe"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 3

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
369 B 35ms
14ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
361 B 48ms
15ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 44
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 / Show response
id.sv.rkdms.com/identity/ 2 B
168 B 344ms
124ms XHR
application/json 3.218.56.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=GOMEDIA&sv_domain=www.theonion.com
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.218.56.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-218-56-233.compute-1.amazonaws.com
Software: nginx/1.22.0 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 08 Jun 2023 00:04:54 GMT
access-control-allow-credentials: true
server: nginx/1.22.0
content-length: 2
vary: Origin
content-type: application/json

GET
H2 204 any Show response
idx.liadm.com/idex/ie/ 0
313 B 323ms
102ms XHR
text/plain 54.164.253.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/ie/any

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.164.253.83 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-253-83.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 08 Jun 2023 00:04:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
trace-id: 2aab4b0ab10f10a4
vary: Origin
request-time: 2

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
390 B 40ms
32ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183957&gdpr=0
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: a03278b60ce0dd9f7965d43d8055f9d63f487e770c0bc32b951941e951364a73

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sat, 08 Jul 2023 00:04:53 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 321ms
102ms Image
image/gif 34.198.228.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=theonion.com&p=%2F&u=DU3sdUbWdLjB0RHAw&d=theonion.com&g=3012&g0=www.theonion.com&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=5827&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.theonion.com%2F&b=503&t=BUD_W9CQM-EaC8B1f7BN6KnTCRuIZa&V=139&i=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&tz=0&sn=1&sv=C31wGHBvA2SmBKZlJyXDQPUBOCIT7&sd=1&im=067b2ff3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.228.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-228-54.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 08 Jun 2023 00:04:54 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 14ms
14ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1748584832&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2F&ul=en-us&de=UTF-8&dt=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACEABFAQCACAAI~&jid=1961938936&gjid=1075354607&cid=1322708686.1686182693&tid=UA-223393-1&_gid=1293780195.1686182694&_r=1&_slc=1&cd34=none&cd35=none&cd36=none&cd38=computer&cd42=none&cd43=none&cd48=none&cd50=other&cd51=none&cd52=none&cd53=none&cd58=adblock%20off&cd60=production%3Amagma&cd70=&cd75=Logged%20out&cd76=none&cd78=standard&cd80=none&cd82=none&cd83=frontpage&cd94=none&cd97=none&cd99=none&cd100=none&cd101=theonion&cd103=&cd105=The%20Onion&cd108=adblock%20off&cd109=website&cd110=1364%2B&cd111=0&cd115=none&cd117=none&cd123=none&cd124=none&cd126=adblock%20off&cd130=none&cd131=frontpage&cd134=1&z=496145938

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 13ms
13ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1748584832&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2F&ul=en-us&de=UTF-8&dt=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACEABFAQCACAAI~&jid=116124527&gjid=1775453372&cid=1322708686.1686182693&tid=UA-142218-33&_gid=1293780195.1686182694&_r=1&_slc=1&cd34=none&cd35=none&cd36=none&cd38=computer&cd42=none&cd43=none&cd48=none&cd50=other&cd51=none&cd52=none&cd53=none&cd58=adblock%20off&cd60=production%3Amagma&cd70=&cd75=Logged%20out&cd76=none&cd78=standard&cd80=none&cd82=none&cd83=frontpage&cd94=none&cd97=none&cd99=none&cd100=none&cd101=theonion&cd103=&cd105=The%20Onion&cd108=adblock%20off&cd109=website&cd110=1364%2B&cd111=0&cd115=none&cd117=none&cd123=none&cd124=none&cd126=adblock%20off&cd130=none&cd131=frontpage&cd134=1&z=717411112

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
14ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.theonion.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.theonion.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
11 KB 244ms
244ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1220447003984965&correlator=4024673543750776&eid=31075025%2C31075122%2C676982996&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cfrontpage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90%7C1600x520&ifi=2&adks=753366804&sfv=1-0-40&prev_scp=article_position%3Dnone%26pos%3Dmid_banner%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dmid_banner-01%26amznbid%3D2%26amznp%3D2%26id%3D107f6dd0-0590-11ee-93a7-06d8cca89c2a%26vw05%3D40%26vw%3D40%2C50%26fr%3Dfalse%26ias-kw%3DIAS_1509460_PG%2CIAS_3006645_PG%2CIAS_3006644_PG%2CIAS_3005178_PG%2CIAS_3005118_PG%2CIAS_1500902_PG%2CIAS_3005061_PG%26drg%3DveryLow%26vio%3DveryLow%26off%3DveryLow%26hat%3DveryLow%26dlm%3DveryLow%26alc%3DveryLow%26adt%3DveryLow%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D0.70%26hb_adid_appnexus%3D112e6fd0e713d539%26hb_bidder_appnexus%3Dappnexus%26hb_format_criteo%3Dbanner%26hb_size_criteo%3D970x250%26hb_pb_criteo%3D0.10%26hb_adid_criteo%3D107b89f602920a88%26hb_bidder_criteo%3Dcriteo%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.70%26hb_adid%3D112e6fd0e713d539%26hb_bidder%3Dappnexus&eri=1&cust_params=veritas-iab%3D1-4%26tags%3D%26blogName%3Dtheonion%26channel%3D%26section%3D%26subsection%3D%26page%3Dfrontpage&sc=1&cookie=ID%3D371e02de581a672a%3AT%3D1686182693%3ART%3D1686182693%3AS%3DALNI_MZK_LsbvdtsZsXgMG6jHUEKCxNASg&gpic=UID%3D00000c2d44ea9a1c%3AT%3D1686182693%3ART%3D1686182693%3AS%3DALNI_MZ3NiRkkK_5K1RKXJggQy7PhjpltA&abxe=1&dt=1686182693947&lmt=1686182693&dlt=1686182692113&idt=1167&adxs=1200&adys=1399&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theonion.com%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=1028&ohw=4000&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1322708686.1686182693&ga_sid=1686182693&ga_hid=1748584832&ga_fc=true&a3p=Eh0KDmVzcC5jcml0ZW8uY29tGMCTyMKJMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb9d2f50d00b8a7480c4711bf963540095e3d0e8bb4d379db663866bd89d3560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11729
x-xss-protection: 0
google-lineitem-id: 4601586157
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138271806400
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
11 KB 389ms
389ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1220447003984965&correlator=4024673543750776&eid=31075025%2C31075122%2C676982996&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cfrontpage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90%7C1600x520&ifi=3&adks=3426865480&sfv=1-0-40&prev_scp=article_position%3Dnone%26pos%3Dmid_banner%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dmid_banner-02%26amznbid%3D2%26amznp%3D2%26fr%3Dfalse%26ias-kw%3DIAS_1509460_PG%2CIAS_3006645_PG%2CIAS_3006644_PG%2CIAS_3005178_PG%2CIAS_3005118_PG%2CIAS_1500902_PG%2CIAS_3005061_PG%26drg%3DveryLow%26vio%3DveryLow%26off%3DveryLow%26hat%3DveryLow%26dlm%3DveryLow%26alc%3DveryLow%26adt%3DveryLow%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D0.70%26hb_adid_appnexus%3D110772b972f40f74%26hb_bidder_appnexus%3Dappnexus%26hb_format_criteo%3Dbanner%26hb_size_criteo%3D970x250%26hb_pb_criteo%3D0.15%26hb_adid_criteo%3D10545c14ea435d08%26hb_bidder_criteo%3Dcriteo%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.70%26hb_adid%3D110772b972f40f74%26hb_bidder%3Dappnexus&eri=1&cust_params=veritas-iab%3D1-4%26tags%3D%26blogName%3Dtheonion%26channel%3D%26section%3D%26subsection%3D%26page%3Dfrontpage&sc=1&cookie=ID%3D371e02de581a672a%3AT%3D1686182693%3ART%3D1686182693%3AS%3DALNI_MZK_LsbvdtsZsXgMG6jHUEKCxNASg&gpic=UID%3D00000c2d44ea9a1c%3AT%3D1686182693%3ART%3D1686182693%3AS%3DALNI_MZ3NiRkkK_5K1RKXJggQy7PhjpltA&abxe=1&dt=1686182693958&lmt=1686182693&dlt=1686182692113&idt=1167&adxs=1200&adys=1957&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theonion.com%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=1028&ohw=4000&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1322708686.1686182693&ga_sid=1686182693&ga_hid=1748584832&ga_fc=true&a3p=Eh0KDmVzcC5jcml0ZW8uY29tGMCTyMKJMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53204c8a3d3cb96a17405b3a243772884943c253da37b59c1bffda4ee6a387ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11688
x-xss-protection: 0
google-lineitem-id: 4601586157
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138271807375
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.0.1/ 111 KB
31 KB 26ms
6ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ca5693ab1367385316b393108533e59a741f2fcc302fd13c2fafd34990b34b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:53 GMT
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 2559483
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 31023
x-served-by: cache-fra-eddf8230056-FRA
last-modified: Tue, 09 May 2023 09:06:26 GMT
server: AmazonS3
x-timer: S1686182694.993783,VS0,VE0
etag: "f42b894e197d2128ee7d3b438e0ac56d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: Vhm6dOEKajN0FRv5wq0rnJkAbon7mYzOuY27F6XguPOQ7eVWctdV0A==
x-cache-hits: 85091

GET
H2 200 feed-card-placeholder.20230607-31-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
1 KB 7ms
6ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230607-31-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 25007de8764634d8bc211e51d9839d3070df949f2c01d4ac48e4d09d59bce665

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: BblcpSKvnDIwWMcNUMo.aycLikpHo45F
content-encoding: gzip
via: 1.1 varnish
date: Thu, 08 Jun 2023 00:04:53 GMT
x-amz-request-id: 2TZJ3RK1CB63DH1N
age: 28724
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: ArlC5P4TvFxoNKOAPikVz3VHJZNUd4EZD6KVvl+7f55n+DqKQvKHLTFk0nyH6kgdMz5KldXWzhE=
x-served-by: cache-fra-eddf8230056-FRA
last-modified: Wed, 07 Jun 2023 16:06:10 GMT
server: AmazonS3
x-timer: S1686182694.978706,VS0,VE0
etag: "35932427149e76c1510485bc8d2d7965"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 84
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 45310

GET
H2 200 cta-component.20230607-31-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 19 KB
5 KB 7ms
6ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/cta-component.20230607-31-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d1478ce3a4a4650bacf558bce81b08ddc10a17a20107a59ebbd45532a673a9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: l5JHh80DK6gQATSMXN4Ga4DGCUXxvkID
content-encoding: gzip
via: 1.1 varnish
date: Thu, 08 Jun 2023 00:04:53 GMT
x-amz-request-id: RFDMS0TNGS9D5FMS
age: 28730
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4737
x-amz-id-2: GQBfsMpEvfwOWPW8KrO02KITm2Ja/i44DvASXn4XiF9esiqJTVV7qwxKwpfMt5Dasq3XVcMGBW0=
x-served-by: cache-fra-eddf8230056-FRA
last-modified: Wed, 07 Jun 2023 16:06:03 GMT
server: AmazonS3
x-timer: S1686182694.990536,VS0,VE0
etag: "77e5a66beeef4a86b19f76113af0e7c9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 84
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 2100

GET
H2 200 userx.20230607-31-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 7ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230607-31-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b38f0427019bc8f4c8db0b9e53f0a3d94d2b255db6e4b52b79e03648593156a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: pOyzmAI42D_.GhfD8F0raAzCGCvJDwcE
content-encoding: gzip
via: 1.1 varnish
date: Thu, 08 Jun 2023 00:04:53 GMT
x-amz-request-id: 1626EXV7J3HW7MCK
age: 28752
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: MfxHy947yY0w44CTz4g9TCiDxiXD4C14lNQRWnwOr3P985PsVll2bjGx+4Enosz+Zx40sQxZamg=
x-served-by: cache-fra-eddf8230056-FRA
last-modified: Wed, 07 Jun 2023 16:05:41 GMT
server: AmazonS3
x-timer: S1686182694.991660,VS0,VE0
etag: "f948e0a0be3612a853dd4fc8fbe2a568"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 84
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 7270

GET
H2 200 distance-from-article.20230607-31-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
2 KB 8ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230607-31-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b7b266b8bd84e119c203ddd34b31bfbaca6e4941c70118701f1bbfc9ec5a30c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: hRXCstGonMqP1whLDaPuorOGlcEAm19W
content-encoding: gzip
via: 1.1 varnish
date: Thu, 08 Jun 2023 00:04:53 GMT
x-amz-request-id: 12168AED6V0B2FBW
age: 28729
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1136
x-amz-id-2: CsNq3hC6b9lPCvvi3/7z1lzfOXMMfePEeWXTgv0VhItZlKBktvHGEU7O69hBF2Zo6SHJ6kgvsa8=
x-served-by: cache-fra-eddf8230056-FRA
last-modified: Wed, 07 Jun 2023 16:06:05 GMT
server: AmazonS3
x-timer: S1686182694.992079,VS0,VE0
etag: "0be81fd273bad4c1a1a6029bea5e8e7b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 84
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 48744

GET
H2 200 article-detection.20230607-31-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
1 KB 7ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230607-31-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5ca7734ed5a4773635f1ae05b0b55c1653d759d3c3513baab8a39d4c96631da4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: X_c1wEKk7DlG2tGZFTcWSZSVrFUxdw5c
content-encoding: gzip
via: 1.1 varnish
date: Thu, 08 Jun 2023 00:04:53 GMT
x-amz-request-id: 4M72P784CK0PZWQ8
age: 28736
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1236
x-amz-id-2: 0eMSd13O04NBl1hEb4ykplNEhGWYB2LdgSp3tvn6+JCJDPHv3NGcFm4/KTSnF/pv1B0RejFfhBE=
x-served-by: cache-fra-eddf8230056-FRA
last-modified: Wed, 07 Jun 2023 16:05:59 GMT
server: AmazonS3
x-timer: S1686182694.992150,VS0,VE0
etag: "2ea17fc1b2ed95675c117f1076ffbd62"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 84
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 48804

POST
H2 204 abtests
am-trc-events.taboola.com/gomedia1-theonion/log/3/ 0
247 B 65ms
16ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/gomedia1-theonion/log/3/abtests?route=AM:AM:V&lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1686182693993%7D&tim=00%3A04%3A53.993&id=8706&llvl=2&ri=cef51a09454f3e74b1e5e6318c400237&sd=v2_5bfba807982109e119c5eee3eae5f91c_2bd840c1-a22c-4ad2-9005-4c2ebc89501c-tuctb7aa0a5_1686182693_1686182693_CIi3jgYQ5LxeGJyUyMKJMSABKAEwODib4wlAjIoQSJGs2QNQ____________AVgAYABo___734HB_v8JcAA&ui=2bd840c1-a22c-4ad2-9005-4c2ebc89501c-tuctb7aa0a5&pi=/&wi=3642577999104193222&pt=home&vi=1686182693404&
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230607-31-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: https://www.theonion.com
pragma: no-cache
date: Thu, 08 Jun 2023 00:04:54 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/gomedia1-theonion/log/3/ 0
231 B 64ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/gomedia1-theonion/log/3/abtests?route=AM:AM:V&lti=deflated&ri=cef51a09454f3e74b1e5e6318c400237&sd=v2_5bfba807982109e119c5eee3eae5f91c_2bd840c1-a22c-4ad2-9005-4c2ebc89501c-tuctb7aa0a5_1686182693_1686182693_CIi3jgYQ5LxeGJyUyMKJMSABKAEwODib4wlAjIoQSJGs2QNQ____________AVgAYABo___734HB_v8JcAA&ui=2bd840c1-a22c-4ad2-9005-4c2ebc89501c-tuctb7aa0a5&pi=/&wi=3642577999104193222&pt=home&vi=1686182693404&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1686182693980%7D&tim=00%3A04%3A53.981&id=352&llvl=2&cv=20230607-31-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 08 Jun 2023 00:04:54 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 7ms
7ms Image
image/svg+xml 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Thu, 08 Jun 2023 00:04:54 GMT
x-amz-request-id: AYAY8C5RV6VHFQFT
age: 18
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: uXXi/CHzx4H+k/Dav0BANeZz2+huxUaTAYSpYKv6pyAG2ehKzSWgM89aoMgNsGGv1IubO09tKIk=
x-served-by: cache-fra-eddf8230056-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1686182694.012587,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 84
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 9

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
11 KB 480ms
480ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1220447003984965&correlator=4024673543750776&eid=31075025%2C31075122%2C676982996&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cfrontpage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x251%7C970x90%7C728x90%7C1600x520&ifi=4&adks=2283483005&sfv=1-0-40&prev_scp=article_position%3Dnone%26pos%3Dtop%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dtop-01%26amznbid%3D2%26amznp%3D2%26fr%3Dfalse%26ias-kw%3DIAS_1509460_PG%2CIAS_3006645_PG%2CIAS_3006644_PG%2CIAS_3005178_PG%2CIAS_3005118_PG%2CIAS_1500902_PG%2CIAS_3005061_PG%26drg%3DveryLow%26vio%3DveryLow%26off%3DveryLow%26hat%3DveryLow%26dlm%3DveryLow%26alc%3DveryLow%26adt%3DveryLow%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D0.50%26hb_adid_appnexus%3D108f9b5147e38ab2%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.50%26hb_adid%3D108f9b5147e38ab2%26hb_bidder%3Dappnexus&eri=1&cust_params=veritas-iab%3D1-4%26tags%3D%26blogName%3Dtheonion%26channel%3D%26section%3D%26subsection%3D%26page%3Dfrontpage&sc=1&cookie=ID%3D371e02de581a672a%3AT%3D1686182693%3ART%3D1686182693%3AS%3DALNI_MZK_LsbvdtsZsXgMG6jHUEKCxNASg&gpic=UID%3D00000c2d44ea9a1c%3AT%3D1686182693%3ART%3D1686182693%3AS%3DALNI_MZ3NiRkkK_5K1RKXJggQy7PhjpltA&abxe=1&dt=1686182694015&lmt=1686182694&dlt=1686182692113&idt=1167&adxs=1515&adys=303&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theonion.com%2F&frm=20&vis=1&psz=4000x290&msz=4000x290&fws=1028&ohw=4000&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1322708686.1686182693&ga_sid=1686182693&ga_hid=1748584832&ga_fc=true&a3p=Eh0KDmVzcC5jcml0ZW8uY29tGMCTyMKJMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10e23491a1d0243551fed7a9f1cf016bc37e27b5f57a9ace7567c7461dfc1ff0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11707
x-xss-protection: 0
google-lineitem-id: 4601585758
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138271807375
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
11 KB 642ms
641ms XHR
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1220447003984965&correlator=4024673543750776&eid=31075025%2C31075122%2C676982996&output=ldjh&gdfp_req=1&vrg=202306010101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cfrontpage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90%7C1600x520&ifi=5&adks=546244911&sfv=1-0-40&prev_scp=article_position%3Dnone%26pos%3Dmid_banner%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dmid_banner-03%26amznbid%3D2%26amznp%3D2%26fr%3Dfalse%26ias-kw%3DIAS_1509460_PG%2CIAS_3006645_PG%2CIAS_3006644_PG%2CIAS_3005178_PG%2CIAS_3005118_PG%2CIAS_1500902_PG%2CIAS_3005061_PG%26drg%3DveryLow%26vio%3DveryLow%26off%3DveryLow%26hat%3DveryLow%26dlm%3DveryLow%26alc%3DveryLow%26adt%3DveryLow%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D0.70%26hb_adid_appnexus%3D1145b58d2574dc92%26hb_bidder_appnexus%3Dappnexus%26hb_format_criteo%3Dbanner%26hb_size_criteo%3D970x250%26hb_pb_criteo%3D0.10%26hb_adid_criteo%3D106d23920c8d7a23%26hb_bidder_criteo%3Dcriteo%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.70%26hb_adid%3D1145b58d2574dc92%26hb_bidder%3Dappnexus&eri=1&cust_params=veritas-iab%3D1-4%26tags%3D%26blogName%3Dtheonion%26channel%3D%26section%3D%26subsection%3D%26page%3Dfrontpage&sc=1&cookie=ID%3D371e02de581a672a%3AT%3D1686182693%3ART%3D1686182693%3AS%3DALNI_MZK_LsbvdtsZsXgMG6jHUEKCxNASg&gpic=UID%3D00000c2d44ea9a1c%3AT%3D1686182693%3ART%3D1686182693%3AS%3DALNI_MZ3NiRkkK_5K1RKXJggQy7PhjpltA&abxe=1&dt=1686182694027&lmt=1686182694&dlt=1686182692113&idt=1167&adxs=1200&adys=2746&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.theonion.com%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=1028&ohw=4000&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1322708686.1686182693&ga_sid=1686182693&ga_hid=1748584832&ga_fc=true&a3p=Eh0KDmVzcC5jcml0ZW8uY29tGMCTyMKJMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3447b3844cac8a8f33ae1a5090a1673d960ba0555bc387586b56377d6f926eeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11709
x-xss-protection: 0
google-lineitem-id: 4601586157
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138271806403
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
347 B 66ms
20ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-223393-1&cid=1322708686.1686182693&jid=1961938936&gjid=1075354607&_gid=1293780195.1686182694&_u=aCDACEAAFAQCACAAI~&z=3356010

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 08 Jun 2023 00:04:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
72 B 52ms
21ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-142218-33&cid=1322708686.1686182693&jid=116124527&gjid=1775453372&_gid=1293780195.1686182694&_u=aCDACEABFAQCACAAI~&z=1804056329

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 08 Jun 2023 00:04:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 info Show response
www.theonion.com/api/veritas/ 84 B
794 B 111ms
110ms Fetch
application/json 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/api/veritas/info?pi=c7a00c9bce623bc72b39e67e0ec336c0b131058e&cb=1686182694077

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.9fb1351ec6bf73140995.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d50327f80f3a8427e88fa31eef4d8bd7c9e3409c0bf53af2e9149cb0aa32bb59

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 08 Jun 2023 00:04:54 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: master-only
x-kinja-gdpr: true
age: 0
x-cache: MISS, MISS, MISS
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 100
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200056-IAD, cache-iad-kcgs7200115-IAD, cache-fra-eddf8230090-FRA
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1686182694.082012,VS0,VE104
x-frame-options: DENY
vary: Accept-Encoding, Authorization, X-Valid-Scroll-User
content-type: application/json
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

POST
H2 200 b
www.theonion.com/api/veritas/ 0
0 113ms
113ms Fetch 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/api/veritas/b?debug=0

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.9fb1351ec6bf73140995.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

X-Veritas-Version: 1.1.2
Content-Encoding: gzip
Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self'
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 08 Jun 2023 00:04:54 GMT
x-permitted-cross-domain-policies: master-only
x-kinja-gdpr: true
x-cache: MISS, MISS, MISS
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-nocache
content-length: 0
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100071-IAD, cache-iad-kjyo7100071-IAD, cache-fra-eddf8230090-FRA
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1686182694.089020,VS0,VE106
x-frame-options: DENY
cache-control: no-cache, no-store, private
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0, 0

GET
H2 200 px.gif
ad-delivery.net/ 43 B
342 B 50ms
17ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1748653
x-guploader-uploadid: ADPycdv8qge5fWlwp9rZXF6LbyExXl2o9Iy5jHQbOEZ0qlQxv_isrzPT7gE5TvR4yPQIXKy-veOtsiFQ4Jd5X0X9m6yejQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqCVFacyn5wehBpOA4%2Fsa5LJ8d1fH13UAUNcEV1HOleKa7K05TTDmjc6ZCgDN%2FJJ0JwhOx1X9qV3mjIED36nUJse8LtAhZRCgw%2BTsvCivCZ%2B2GMlchB6CK61MpmWy9V33tFppi%2Fx%2BTVk15VVHw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7d3ce14e4bde3809-FRA
expires: Thu, 18 May 2023 18:25:18 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
572 B 36ms
6ms Image
image/x-icon 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 18:29:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20098
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Jun 2023 18:29:56 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
867 B 47ms
14ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.8886849237520618
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1748653
x-guploader-uploadid: ADPycdv8qge5fWlwp9rZXF6LbyExXl2o9Iy5jHQbOEZ0qlQxv_isrzPT7gE5TvR4yPQIXKy-veOtsiFQ4Jd5X0X9m6yejQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZmSN%2B0V6HwzonvznUTBAz0xu4a8ZWphbmr5ArkarCLvZyiGQn3PpQSAo%2BMNZe%2Fdgz1y2%2Bd1bUEeOukynCKOhN7muFklcRre4fKYDq4jBC6PnUxwT7LME0aTZcq5uwUHS5T3MtMn4lcOPrwS4g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7d3ce14e4be13809-FRA
expires: Thu, 18 May 2023 18:25:18 GMT

GET
H2 204 abtests
am-trc-events.taboola.com/gomedia1-theonion/log/3/ 0
230 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/gomedia1-theonion/log/3/abtests?route=AM:AM:V&lti=deflated&ri=cef51a09454f3e74b1e5e6318c400237&sd=v2_5bfba807982109e119c5eee3eae5f91c_2bd840c1-a22c-4ad2-9005-4c2ebc89501c-tuctb7aa0a5_1686182693_1686182693_CIi3jgYQ5LxeGJyUyMKJMSABKAEwODib4wlAjIoQSJGs2QNQ____________AVgAYABo___734HB_v8JcAA&ui=2bd840c1-a22c-4ad2-9005-4c2ebc89501c-tuctb7aa0a5&pi=/&wi=3642577999104193222&pt=home&vi=1686182693404&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22feed-distance-from-article-end%22%2C%22type%22%3A%2272.46875%22%2C%22eventTime%22%3A1686182694146%7D&tim=00%3A04%3A54.146&id=7967&llvl=2&cv=20230607-31-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 08 Jun 2023 00:04:54 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 18ms
17ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-142218-33&cid=1322708686.1686182693&jid=116124527&_u=aCDACEABFAQCACAAI~&z=1314026647

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 37ms
17ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-142218-33&cid=1322708686.1686182693&jid=116124527&_u=aCDACEABFAQCACAAI~&z=1314026647

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 country Show response
api.btloader.com/ 16 B
203 B 146ms
117ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: kinja-com.videoplayerhub.com
URL: https://kinja-com.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:54 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 148ms
119ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=yXhgxXPT&w=5197056576585728&o=5726495427264512&cv=2.1.12-7-gb1eec29&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.theonion.com%2F&sid=brbPgv3T&upapi=true
Requested by: Host: kinja-com.videoplayerhub.com
URL: https://kinja-com.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 08 Jun 2023 00:04:54 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
483 B 43ms
19ms XHR
text/plain 104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=365217&u=https%3A%2F%2Fwww.theonion.com%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1UbiLI7ljOqFHGxggGYtX7OMB8bz1w5%2BNU200M3bDCJ%2FVO%2BIQ4h2IolUr3jYfpxtlzCD1%2Fs0t2NAgsJ4Eik4VETPetTLnQIyrtyonU3GvmLctWUDWCU0CLHF0oBapPLuThv1MHF9Y8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7d3ce14ed8a02baa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 b-e09f10f-4415d417.js Show response
tagan.adlightning.com/gomedia/ Frame 0FF9 77 KB
29 KB 7ms
7ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 895fe95f9252951d1b3acfba50546376d3224bb5a19fa40df3be17e6571e844b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:27:04 GMT
content-encoding: gzip
via: 1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-version-id: W1DH6jDxNN9jfL9k8Lwxuy3R7DRroyh6
x-amz-cf-pop: FRA60-P4
age: 200271
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29341
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:26:51 GMT
server: AmazonS3
etag: "2bdbd3c490a4d678a49da1f2123b95f8"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: PtrJUAwVPtp7-LZjLahqALgVmTNg9teGWQ2KqsfviS8VhyE3nWhylA==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0FF9 175 KB
55 KB 52ms
16ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 00:04:54 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 0FF9 8 KB
4 KB 135ms
13ms Script
application/javascript 2a02:26f0:480:9::210:ee0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=15538536&cmp=DV196466&sid=2019042601&plc=2019042601&seltag=1&sadv=4531748607&ord=2260375129&litm=4601586157&scrt=138271806400&unit=728x90&splc=152253218&adu=22405397127&adsrv=104&btreg=4601586157138271806400&btadsrv=4601586157138271806400&cb=1422380071&region=70dvtagver=6.1.src
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 3161f812469fd0552b9863a8bf904c86342db3208368ef4460329fe5fc2f8863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 00:04:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jun 2023 09:15:55 GMT
Server: UploadServer
ETag: "71b8beedfc8712992269775dfe385a4e"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: ak_p; desc="1686182694418_34664206_79702090_7_402_12_25_-";dur=1
Content-Length: 3374
Expires: Tue, 06 Jun 2023 09:33:39 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0FF9 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNB3kaQFgaz_5TfflE-huK8LUuncnJ7vQu5tYdAO9oaUkK0ORlVq3pvJR5F9ZlZ9Ktt4PwL43sKD3KT60v6OIHu-7kweGY16Z6tmyShaDCadmQQze12STFEsnLdnGFk_OubhgmwkvodrDFoM_sOGzi-2J6VGZDLEdh9Fciyu5ySOZsK4GgY2Nqv3A8IJZcUbI5xfVLaRSTA6pfPitQlrbywlUwUHyuohbet5OxEWOXP8ffhUKkPCks88cy3uCMkfsorw5hEDKl29i7tFL7UPjtYth7BPZoT7peWZ07E2IvnflflTBXp_5XMqz_VfAV4GxNuZUps-teJSYCoQM&sai=AMfl-YS6j_LtzlVVhgWAKVdUoO5Y2CLuy53lF4Bf9AzsVPxQRSgjKbNr-Ovuwrf8j_wf8w_-OKpmXmneevsFHzCsuTjgQ2461InL0TIt4SvFTFp5o2JpuLmNZA7xEUO7lg&sig=Cg0ArKJSzMjbb2nz2yWREAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 style_banner_970x250_standard_7d44cb.css
cdn.mediago.io/js/template/style/ Frame 0FF9 3 KB
3 KB 56ms
6ms Stylesheet
text/css 13.32.27.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mediago.io/js/template/style/style_banner_970x250_standard_7d44cb.css
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-60.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93e0d965fc28dca34b0a300a4d52370d9b6fabadcf0fa164cb0c6753f792f946

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: uZLJMoFKPauZuIMR_FpOvuWu6c7DG7K6
date: Wed, 07 Jun 2023 04:41:10 GMT
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 09:07:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 69825
x-amz-server-side-encryption: AES256
etag: "529c45590489c4faa02f32cfefe88610"
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2743
x-amz-cf-id: 3l2Oo6iQ2c9zqeoXQLVd5WiZU8ROtpgIlA0hktVIX6iQI3LdpVLdfg==

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/233/ Frame 0FF9 80 KB
28 KB 70ms
15ms Script
application/x-javascript 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/233/trk.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 096ef6644ebed2ac191e5a20c7c5bf31a24d8739912e2142003fdaa469a13aa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Expires: Wed, 22 May 2024 13:37:49 GMT
Date: Thu, 08 Jun 2023 00:04:54 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 1333626
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27646
X-Served-By: cache-lga21923-LGA, cache-fra-eddf8230050-FRA
Last-Modified: Tue, 23 May 2023 13:36:07 GMT
Server: AkamaiNetStorage
X-Timer: S1686182695.637295,VS0,VE0
ETag: "9016354863c2896e70daab6e27775aa5:1684848967.582788"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 11, 1361303

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame 0FF9 0
929 B 93ms
16ms Image
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.theonion.com%252F&e=wqT_3QLGFejGCgAAAwDWAAUBCKW2hKQGEITc5f7e5KraKBgAKjYJ4Sh5dY6B6T8RskLbewJy5j8ZAAAAIIXrF0Ahsg0SACkRJNAxAAAAgD0K8z8w-djzCjjoO0C4aEiRBFCa8pi1AViegnhgAGi6pmR4pPQFgAEBigEDVVNEkgUG8GGYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC-lbgAp6oPOoCGWh0dHBzOi8vd3d3LnRoZW9uaW9uLmNvbS-AAwCIAwGQAwCYAxegAwGqA7oRCo4RaHR0cAEv8NB0cmFjZS1ldS5tZWRpYWdvLmlvL2FwaS9sb2cvd2lubm90aWNlP3RuPTM5OTM0YzJiZGE0ZGViYmU0YzY4MGJlMWRkMDJmNWQzJndpbmxvc3M9MSZpZD03Yjc1YWU3NGNhNTBhYzRjNjMyMzc4MzNlMzYxY2E2MCZzZWF0X2lkPSR7QVVDVElPTl9TRUFUX0lEfSZjdXJyZW5jeT0ke0FVQ1RJT05fQ1VSUkVOQ1l9JmJpZF9pZD0ke0FVQ1RJT05fQklEX0lEfSZhZF9pZD0kexFPAEEJFwWTgCZpbXBfaWQ9MjkzMzE1NzQzNjc1MTE3OTI2OCZwcmljZR1r8E9QUklDRX0mdGVzdD0wJnRpbWU9MTY4NjE4MjY5MyZkcD1kOWM5aDBQMEtEclRBaHVyOVprZnZyckVFRlZFUXZuRzVzSm03UExBS1BBJmRzcAV49HQIMiZ1cmw9U0dhWmVuNnhGcEI2U2lRbGR0TE1nOUhJWTRTS05wNjhDb04yYl9kVFV5RF9rUFllaEkxTXJCdHIyekdsOFU2RExlQ0lhd0UxMWZhdDROVi1ta3lKNVVQaVptcUtVeVNuMFpDcjJBUUhicHViNGcwWHQ0S1QwS3AxTnhJRXpqTm1CcDNFTDBqWXB2OXRndUdiMmZfQVAtRWJRanVLZ0pHRHVTOWtrWFJoLUNXLUxZbEZvR19KRndKcUJhMHk1MEFFY2VxRV9UNDMzUzRDckxkNGZGZ2diWlpvdnJySWtKaUlhRmtubXFzM1lTcFBCMG16cjc0VU40bzZWbVN1WXh4bmRDd3k3YlZGaUdzUWxmQ3BaRVNCUzlvaGtadFRsRnZJaENQekdBMlhqZlNIa2dUb2c0SHpycEpwX21Ia3hiYkpiTWpJQkFNaExOTk5FN1hqdkp0Q0hJcWZ0ampKc3FqMVZ5Q0JZaW53U0VubmN0Ny04aG1Ua3NnS1ZicUduU3lHQ1BQeUktZHRjTGdvb0l3TjAyTG1KV0hEYmVhNGR6WENDX2JONzN0SjhmZGFQNEtDRnVjTjM3OWdsNkNWbXNLVUtMMXB4WTd0eDZid3lsR0RvalB0cWJOMXE2WmN2UDNMcEtVMmgtb1dHaDNpRlZmR2hadWNvQjdGV3FKeGI4LVhGdUcxcGQyY1VrV0FFTlNqLTk3amhrcHRSUWNBN21SZzAzUzdmbDhSR3czWndVcmcxMVZ4R3U4QV9CTHlsNWx3cnBBV01mUDluUkxTNWlPSkhzQ3VmenNnVGxZRi0wa2JmU3VtVkJkekN2LUVOM2dWalp5T3ZxanJOWGtHVlV3T1FqVURLbVlmcm5QZFE4UENNRXlXMlctWlplYVdXU2dGbDBGNVhHTm1CbWthSG54dXZIMEZQRjZIanAtdkNhVjlidkswWmlBWmRsS3U0LXkwNWl6c0dTYTNZTTdXdWhMdEZMLWVGaVNlTXFHOVdyMUlub1B0ZmdRd0d4TW9oZ3N4NU5qSEtlU294VWU0eDBGZ21IYVBwVDh1QmdlbjNRQXE2OUsyM2pOUS1PVi1LZHZlTjYyV3JnYl91WC1qQU5qaGx6Z1RuN0VRS0Z6MFpVMG9iMklNbUd0VUZYZXE4T2JZN3ZYU0llbHdXbHFaNGFyaWFtQW5aWktkRzB1S2VHamxOdmMwdl9POGFqLThhdzdCaDRJQjU1U3pEY2tkMVVnazhVeExRU0FHNS1IWHItdHdCb2QwTmhPZkdfUWxIYWs1MF9GMlM5a3FJbWd5ZW5oM0FYR0hZWmV3MDc0OTBLeTFoMU1xQ2d4RE1BeGt1UDhla1E2b2JwajVqN1pCNW1zaFhsaHJzRkVUU1NuWmNxUzQ1Nk8zLVpvVUM4a2NsOGZUcjdPaXJzbHpSR01sNlBvNWptZllqWG9WQ2RmRl9QYlJTSFQxSS1OTXRtTVMyZ0RaRk1SZUNUSU1kVnpuMGpfVEtFbUpXMi1ORnRHSEw3aHFHRVhGMWxZYlZ4cW5UbGdtTEdyb1hBLU14MDI0TkIzSjBiMTdhanpBMmU2aW1zQ2FCTFBBT2djQkJhZGY0VEdzNktmMVV1Tm54ek5tbjFaOThfNU5adldzcVpvc0VTNEVBNHo2T1hHci1xbXp1VHZIdDhUTHFIdm5sTDlTLXNNMHJ0dUt4Q0pvXzRrQmpxMkFSWnVIOXE3ZGp1OVVDWWNmUGVGUlZNQ1JKU3dzYk5FN1c0b2VocVN0cm1zaVc4QVBIM24wcmJmSEtycUswNmNnUno0Xzd0eGtheVV0V21WMThmc2c0eElNWW53QzN1SDNLR0RBc2VrXzRzakYxcFk2MmIxazVabURYTE1TQnhvWi0zMlJuNzF2aDFzOTVBMERqUnJkZVBrMWdndlhWSnQwOXV0SldoczdhbWJqR0h4WURxbWdja0IyeFh3TDE3dTBsRFBkdUNQbEpJdkZyWVowVzJYeklGeW9jakNlWnpxeUR4Z0xQX1pCcmxpX3MzNEpVczl6cjF5MHZvSXIxWU8zX1pqZ25kN19OeVV2dVY4MDZyY2FQSTdzYkNUQnhvcGlVMElpMmljTFNWVlRtQWl3R2FSWlBnU2JrVjc2YW95cFU1QUZ2YzJvLU83WWI3S2dYeEZFMjluMTJiT29NRGZQRXBiV0xGbDFsWEdiMVhIckt0TjdVSnlzRE1lUU1tcl9ScWs4UFBRN3l1Z0NCbnliazJvM0xkNFNfUV9BRjdUNjNVZlpmRl9oaEloajNxSTRjbTlMQWRGR0dOZGtqVXY4bm9odS1FdzE2dFlnb2dhaDBubzRaZjRGZmI5OWNPSUYzeE9hMTIzcHg3YyZzcD1Ub1VEV01RNzhqVnRaTzRUaTcxZWdfREZUV3VWbUNIWGV1NnRod0sydGtBGhMyOTMzMTU3NDM2NzUxMTc5MjY4IgkzNzk5OTIzNDYqB01lZGlhR2_AA6wCyAMA2AOOsSTgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMjE3LjY0LjE1MS4zqAQAsgQQCAAQARjKByD6ASgAMAA4ArgEAMAEp425IsgEANoEAggB4AQB8ASa8pi1AYgFAZgFAKAFk6qckaGeyN1wwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFqrNG-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBtWvBdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBzE3NzIzMTTIB6T0BdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHh-MCiggCEACVCAAAgD-YCAE.&s=52c7cdf26cc4bab10b0f684ba1c9e4159d22cdfe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:54 GMT
AN-X-Request-Uuid: 704b3adb-d32a-44cb-90e1-fd565801dddc
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 b-e09f10f-4415d417.js Show response
tagan.adlightning.com/gomedia/ Frame 5EB2 77 KB
29 KB 8ms
8ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 895fe95f9252951d1b3acfba50546376d3224bb5a19fa40df3be17e6571e844b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:27:04 GMT
content-encoding: gzip
via: 1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-version-id: W1DH6jDxNN9jfL9k8Lwxuy3R7DRroyh6
x-amz-cf-pop: FRA60-P4
age: 200271
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29341
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:26:51 GMT
server: AmazonS3
etag: "2bdbd3c490a4d678a49da1f2123b95f8"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 9kFt7KDZEkz9fD0sG3b2xyFws_6QrwXg5RQ_HKsNu7w4W161T3okiA==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5EB2 175 KB
55 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 00:04:54 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 5EB2 8 KB
4 KB 24ms
24ms Script
application/javascript 2a02:26f0:480:9::210:ee0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=15538536&cmp=DV196466&sid=2019042601&plc=2019042601&seltag=1&sadv=4531748607&ord=2260375129&litm=4601586157&scrt=138271807375&unit=970x250&splc=152253218&adu=22405397127&adsrv=104&btreg=4601586157138271807375&btadsrv=4601586157138271807375&cb=232953696&region=70dvtagver=6.1.src
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 3161f812469fd0552b9863a8bf904c86342db3208368ef4460329fe5fc2f8863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 00:04:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jun 2023 09:15:55 GMT
Server: UploadServer
ETag: "71b8beedfc8712992269775dfe385a4e"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: ak_p; desc="1686182694639_34664206_79702091_7_672_12_0_-";dur=1
Content-Length: 3374
Expires: Tue, 06 Jun 2023 09:33:39 GMT

GET
H2 200 b-e09f10f-4415d417.js Show response
tagan.adlightning.com/gomedia/ Frame FE88 77 KB
29 KB 19ms
19ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 895fe95f9252951d1b3acfba50546376d3224bb5a19fa40df3be17e6571e844b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:27:04 GMT
content-encoding: gzip
via: 1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-version-id: W1DH6jDxNN9jfL9k8Lwxuy3R7DRroyh6
x-amz-cf-pop: FRA60-P4
age: 200271
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29341
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:26:51 GMT
server: AmazonS3
etag: "2bdbd3c490a4d678a49da1f2123b95f8"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: L5wbFMys2RVXW6PgpESJsl9dAsRYssAaNi9phVr9vfwznKiFArgwQg==

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FE88 175 KB
55 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 00:04:54 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame FE88 8 KB
4 KB 21ms
21ms Script
application/javascript 2a02:26f0:480:9::210:ee0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=15538536&cmp=DV196466&sid=2019042601&plc=2019042601&seltag=1&sadv=4531748607&ord=2260375129&litm=4601585758&scrt=138271807375&unit=970x250&splc=152253218&adu=22405397127&adsrv=104&btreg=4601585758138271807375&btadsrv=4601585758138271807375&cb=768511596&region=70dvtagver=6.1.src
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 3161f812469fd0552b9863a8bf904c86342db3208368ef4460329fe5fc2f8863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 00:04:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jun 2023 09:15:55 GMT
Server: UploadServer
ETag: "71b8beedfc8712992269775dfe385a4e"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: ak_p; desc="1686182694694_34664206_79702253_5_443_16_0_-";dur=1
Content-Length: 3374
Expires: Tue, 06 Jun 2023 09:33:39 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame E090 422 B
349 B 18ms
17ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8OkUCLAbYhoTN5h365xGwDQmbzTv0zysAAABgYID-AEnMXI7JbrRZSxYu01q0Mi7WEodjs5Z4fMuVYeGxrFaeISCJmcsx2Y02a8nCZVqLVsbFWuJwbNYSj2-5Miw8ltXKMwUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJwwC6n4fr0-QMAAAAACAAAAAASAAj9PCUAZEgET_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyCzWZ8JHUgfiBToFWEEAAAAIBvocuDIJJ2gYlHl__-_3wrAFQCAAERMKQWmLLqDEm9hAAAAAMTgZchXKVEbpo5ZoIfF7zc77Bq_22X-_________838n_lHI9QER5om6KjwQ80vIADAml9AAAA24wYA4I0AnJCTgabT4XPd63W_3110dPntTr_drvG7_aJD0IrBYHUCYnYAAAAA7vz____jwcuQr1KiNkzVA1ITm8VhHOyWw8lisFw5FsuNa-VyeVYOl2vmXGy8p4ds8r-43Lymj4iwzH7fQch3uwwPn8sgKrreFrvDafYcxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9GYjFaIAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRGMTEzG0WDjWCssk41btDBZ1srBYLUWbSwri8e4XA0WG7fo9TFdfAuHYeHaIsGAkr1InhbpROOyuRYLw3K0Gs08K99o4li5VrbNYrgxDQaTzW4ilmhOFulEdtm3JjaLwzjYLYeTxWC5ciyWG9fK5fKsHC7XzLnY-CsTk3E02DjWCstk4xYtTJa1cjBYrUUby8riMS5Xg8XGLXp9TBffwmFYuPaN2XC2GE5my82-MRvOFsPJbLnZd5hMz9TnbLTGxJePynw131wqm9OgcBks3p_EtJh2ZwfVyXd0qjzOZVFn9Pv9fr_f7_f7_X6D1nMwGxS-v9_vbUZDCr92nHIcDIpYIrhIJzq_22VyOhxr0dHltzv9dotYojRdpBN90e92GR4-l78ilghOF-lE6He7LOo_YpDFbi4bzRWrxVyzSgAAAAAAAAAAlmCa6SYAAAAATgY1XC4Ws3U6mMlwthjNlgvgwpNM14_6Ro-2MNLYLpnGBLILIRnjYo09FnF-t8vkdDjWoqPLb3f67VYGcOFpxWyzzwhirVbLGgAAgAA2AAAAAW668SYwdYr7____HwcAAEBGDj0AAAD6fUBT0AAAAAAA_ApiMdkM9g9AhVir1ep2Y61WCw!&cmcv=&pix=undefined&cb=1686182694690&uv=3288&tms=1686182694690&abt=nonrv_vA!t45!testmsn_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=1fe12743-2ae4-4e81-ba13-bc79e0ac25e3&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 84da9d75f50c13dfaf3794682dadba0c6917bba32c63977eb49fa00fce849f02

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Thu, 08 Jun 2023 00:04:54 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230056-FRA
x-timer: S1686182695.697107,VS0,VE9

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 54FF 577 B
662 B 47ms
19ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8OkUCLAbYhoTN5h365xGwDQmbzTv0zysAAABgYID-AEnMXI7JbrRZSxYu01q0Mi7WEodjs5Z4fMuVYeGxrFaeISCJmcsx2Y02a8nCZVqLVsbFWuJwbNYSj2-5Miw8ltXKMwUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJwwC6n4fr0-QMAAAAACAAAAAASAAj9PCUAZEgET_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyCzWZ8JHUgfiBToFWEEAAAAIBvocuDIJJ2gYlHl__-_3wrAFQCAAERMKQWmLLqDEm9hAAAAAMTgZchXKVEbpo5ZoIfF7zc77Bq_22X-_________838n_lHI9QER5om6KjwQ80vIADAml9AAAA24wYA4I0AnJCTgabT4XPd63W_3110dPntTr_drvG7_aJD0IrBYHUCYnYAAAAA7vz____jwcuQr1KiNkzVA1ITm8VhHOyWw8lisFw5FsuNa-VyeVYOl2vmXGy8p4ds8r-43Lymj4iwzH7fQch3uwwPn8sgKrreFrvDafYcxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9GYjFaIAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRGMTEzG0WDjWCssk41btDBZ1srBYLUWbSwri8e4XA0WG7fo9TFdfAuHYeHaIsGAkr1InhbpROOyuRYLw3K0Gs08K99o4li5VrbNYrgxDQaTzW4ilmhOFulEdtm3JjaLwzjYLYeTxWC5ciyWG9fK5fKsHC7XzLnY-CsTk3E02DjWCstk4xYtTJa1cjBYrUUby8riMS5Xg8XGLXp9TBffwmFYuPaN2XC2GE5my82-MRvOFsPJbLnZd5hMz9TnbLTGxJePynw131wqm9OgcBks3p_EtJh2ZwfVyXd0qjzOZVFn9Pv9fr_f7_f7_X6D1nMwGxS-v9_vbUZDCr92nHIcDIpYIrhIJzq_22VyOhxr0dHltzv9dotYojRdpBN90e92GR4-l78ilghOF-lE6He7LOo_YpDFbi4bzRWrxVyzSgAAAAAAAAAAlmCa6SYAAAAATgY1XC4Ws3U6mMlwthjNlgvgwpNM14_6Ro-2MNLYLpnGBLILIRnjYo09FnF-t8vkdDjWoqPLb3f67VYGcOFpxWyzzwhirVbLGgAAgAA2AAAAAW668SYwdYr7____HwcAAEBGDj0AAAD6fUBT0AAAAAAA_ApiMdkM9g9AhVir1ep2Y61WCw!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 85a79cb190531ed29057b7ee690bea19b331ac05c833e884053c44bfbd58db9e

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Thu, 08 Jun 2023 00:04:54 GMT
machineid: 3407
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 71ms
23ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8OkUCLAbYhoTN5h365xGwDQmbzTv0zysAAABgYID-AEnMXI7JbrRZSxYu01q0Mi7WEodjs5Z4fMuVYeGxrFaeISCJmcsx2Y02a8nCZVqLVsbFWuJwbNYSj2-5Miw8ltXKMwUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJwwC6n4fr0-QMAAAAACAAAAAASAAj9PCUAZEgET_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyCzWZ8JHUgfiBToFWEEAAAAIBvocuDIJJ2gYlHl__-_3wrAFQCAAERMKQWmLLqDEm9hAAAAAMTgZchXKVEbpo5ZoIfF7zc77Bq_22X-_________838n_lHI9QER5om6KjwQ80vIADAml9AAAA24wYA4I0AnJCTgabT4XPd63W_3110dPntTr_drvG7_aJD0IrBYHUCYnYAAAAA7vz____jwcuQr1KiNkzVA1ITm8VhHOyWw8lisFw5FsuNa-VyeVYOl2vmXGy8p4ds8r-43Lymj4iwzH7fQch3uwwPn8sgKrreFrvDafYcxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9GYjFaIAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRGMTEzG0WDjWCssk41btDBZ1srBYLUWbSwri8e4XA0WG7fo9TFdfAuHYeHaIsGAkr1InhbpROOyuRYLw3K0Gs08K99o4li5VrbNYrgxDQaTzW4ilmhOFulEdtm3JjaLwzjYLYeTxWC5ciyWG9fK5fKsHC7XzLnY-CsTk3E02DjWCstk4xYtTJa1cjBYrUUby8riMS5Xg8XGLXp9TBffwmFYuPaN2XC2GE5my82-MRvOFsPJbLnZd5hMz9TnbLTGxJePynw131wqm9OgcBks3p_EtJh2ZwfVyXd0qjzOZVFn9Pv9fr_f7_f7_X6D1nMwGxS-v9_vbUZDCr92nHIcDIpYIrhIJzq_22VyOhxr0dHltzv9dotYojRdpBN90e92GR4-l78ilghOF-lE6He7LOo_YpDFbi4bzRWrxVyzSgAAAAAAAAAAlmCa6SYAAAAATgY1XC4Ws3U6mMlwthjNlgvgwpNM14_6Ro-2MNLYLpnGBLILIRnjYo09FnF-t8vkdDjWoqPLb3f67VYGcOFpxWyzzwhirVbLGgAAgAA2AAAAAW668SYwdYr7____HwcAAEBGDj0AAAD6fUBT0AAAAAAA_ApiMdkM9g9AhVir1ep2Y61WCw!&cmcv=&pix=31589837&cb=1686182694690&uv=3288&tms=1686182694690&abt=nonrv_vA!t45!testmsn_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1686182692029!ts:1686182694689&mntl=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:54 GMT
content-length: 0
server: nginx

GET
H2 200 b-e09f10f-4415d417.js Show response
tagan.adlightning.com/gomedia/ Frame B6DE 77 KB
29 KB 19ms
18ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 895fe95f9252951d1b3acfba50546376d3224bb5a19fa40df3be17e6571e844b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:27:04 GMT
content-encoding: gzip
via: 1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-version-id: W1DH6jDxNN9jfL9k8Lwxuy3R7DRroyh6
x-amz-cf-pop: FRA60-P4
age: 200271
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29341
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:26:51 GMT
server: AmazonS3
etag: "2bdbd3c490a4d678a49da1f2123b95f8"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 798Tz04VFmp9EWXzsDtSrI5Faj9gctrnqY5AbemQTabSAVMzD7tZXQ==

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B6DE 175 KB
55 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55943
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686137816735621"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 00:04:54 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame B6DE 8 KB
4 KB 21ms
21ms Script
application/javascript 2a02:26f0:480:9::210:ee0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=15538536&cmp=DV196466&sid=2019042601&plc=2019042601&seltag=1&sadv=4531748607&ord=2260375129&litm=4601586157&scrt=138271806403&unit=728x90&splc=152253218&adu=22405397127&adsrv=104&btreg=4601586157138271806403&btadsrv=4601586157138271806403&cb=48184410&region=70dvtagver=6.1.src
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 3161f812469fd0552b9863a8bf904c86342db3208368ef4460329fe5fc2f8863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 00:04:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jun 2023 09:15:55 GMT
Server: UploadServer
ETag: "71b8beedfc8712992269775dfe385a4e"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: ak_p; desc="1686182694761_34664206_79702302_5_367_15_0_-";dur=1
Content-Length: 3374
Expires: Tue, 06 Jun 2023 09:33:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
54ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306010101&jk=1220447003984965&bg=!LC-lL3vNAAY9J7QfHSc7ADkAdvg8WpOUdztRPJMN_RJdnvoKOR1J-0gi92cZCes5B0OYT2Smx2Z0a09ECAENQlkzc2pFqdWk8tUCAAAAX1IAAAABaAEHCgBfqtS4HnXksg1NQvj578hA1fQ88ZNIC5vw46MainFxmvZSUlvXJXXduEI71l27bm9TNOaFq_mkDjrXpsb8WuRdJF19BMBEhC8CB0UfUaKuummiFRyAqt_NKzIFhZ816HmZAub7kSO9MuTxzXWPaJv_4UCK-f_M5wi49rQYod37RaDYGrHOKw1OqBC7Y-hSpTS3ydCyF2MkwoxGLcbmNuflnzRxA2g6ZiJ15bRtyOjzz-F9Sy-_I3GAEjVf5aBb64kCRoy3NijdNdx-zzWXeMS78r6EvdaGx_7o8V7bt0q1ojbpS6ece-gG6o6tuFStL6kQmfBMQLV97siCJC9kkWR8ofrjQ4lQ1adbSSmTI9e-Ur8WSZxW-WX0oi0oXexQdkeafumuQks2S5wd7ZelyLF02k-g4SwJXvpABRURhsY_oZ7gYmZLvPSfSLMYQDvc1c61-dzFyJyFu6LS5M6roSE9p8wirphUgt1papfARymFfFwG5FpJw7wOx-fxYN5L4dEwyojwsrMWA7vvjLf9N3prQ0rG5pW_E5linhH3WU40uDCjeCTsQliQSrygA5-wHRlyyGJRYBikEDyNP1HuHCr0Fp6_G6VY3wQB2bm3Y5DRpUB4dzG6sO4pmPP7MwAqOrEx5SHLBjKL6HKG0rTq2OV8y6zE3QYsCK7YYvW35rOmwrkOM5juc6iJ_IFc5oMVS4FNz7qSmEFhe81TJHKoLrm0LIajyzT6z6gojYcb4M-fQlzuNbLQDpy7yO6Uf-UX_eHYopjGOuPNLR63p6Djfqxefjxu6ln8LW7aiIKr0Tv8L9SZZ3cpPpP0LM1G2X01bzt2Lv9MCjYp_b1x8WXveFIAyPjbq1pHoA2lGbQdThr2JGhM47AkfF1dlEhf2QDj4aEhzpBNCY30ttOEU2Wv7CZx_BrV3DIkeDHeiKoahrO8iuObP8w7xMczy_18BAGDSujbVMmKXooMQGb1FMPHg2H2_UrYXgbdpABdxn2Ly6tZRY60y4uHIHw2myRc6YL0NdOFmrPLFtnUX8Glu7F6kP4gjHWzv79HO1b4wkRUQNfLXTz-b8AnwFLtQ-PXBYRblOrJhg9kibKiNuq90JOm_sIZpc0H3YI2r6Aq
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H2 200 c5060262564012214fe6aea2cb5c74da__scv1__300x175.png
d2cli4kgl5uxre.cloudfront.net/ML/ Frame 0FF9 114 KB
114 KB 74ms
23ms Image
image/png 2600:9000:211e:600:11:9be7:da80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2cli4kgl5uxre.cloudfront.net/ML/c5060262564012214fe6aea2cb5c74da__scv1__300x175.png
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:600:11:9be7:da80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5cfb1037075cb57541adf2406c2fa1afd4dbdb871ae23130d949185087da7103

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: QnrvitjnImevEUyjHrXufHvIzWJ7c7YB
date: Wed, 07 Jun 2023 18:42:44 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 19436
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 116452
last-modified: Fri, 19 May 2023 13:24:55 GMT
server: AmazonS3
etag: "78e823a90306848fbb45ce337cbc55c3"
vary: Origin
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: BTDtSQIRA4YqG2Xu3ZPBZ-q_UF9ugboxV6tc1pq8PxMzREpByAJphA==

GET
H/1.1 200
OK blue-arrow.png
onlinertb-us.s3.us-west-2.amazonaws.com/js/images/ Frame 0FF9 28 KB
28 KB 1248ms
220ms Image
image/png 52.92.251.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlinertb-us.s3.us-west-2.amazonaws.com/js/images/blue-arrow.png
Requested by: Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/template/style/style_banner_970x250_standard_7d44cb.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.251.26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: bf282b4ef41bf52ed9cb27a33190fdcf162f28a2c126beabaad623eef16148d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.mediago.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 00:04:56 GMT
x-amz-version-id: null
Last-Modified: Thu, 10 Feb 2022 06:05:51 GMT
Server: AmazonS3
x-amz-request-id: F57NZ4WR8VVQX2V9
ETag: "3da1ac71a612038f43614f4891129b18"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 28511
x-amz-id-2: 5r6+eKmx+vrbq7zMiOQX/v8x6oyMpny8+hucYF7khO8oCCcl98IYcb+BJ7JVmUf1dwi6BeYxq3Y=

GET
H2 204 ic
trace-eu.mediago.io/ju/ Frame 0FF9 0
111 B 115ms
28ms Image
text/html 35.214.168.80
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trace-eu.mediago.io/ju/ic?tn=39934c2bda4debbe4c680be1dd02f5d3&trackingid=155d5883466d3d826fd8ff99fbd9a9ab&acid=21014&data=bNT5KIXSz4qummxW-BUeVSgcz8f962qiCCqPpCT40chTWofeXKza_s62GB9lI0AeSFM8s68wU5xQmKpQmbV-zKQK5L5rhYgp6wWrkTU72-W6fWr2b_pwNk2-XC_UFZ3cC60C-nxXkAAWFI1NZNnABiBqN265Dd9xeldcVr7BQ8ugJBDxf0ubEWULM5YNf0oqicXyLhZKson4INwm3Y1zH7ZJcv1WCvlE9MI7HVPMqUwonLSlPqamig0_pCfAKLOg_FLF5NADjawTA69h9SpcTS7qUOfYupyWEvh6NwZ5nh_cREr6KNXfHRBTfZ77O4RSW_DwOiq6vEZ_6djBrR-Si_HefJQOA2d_ywIPqWCmW1606C4g1onS539fZ3hw7xpYxRdOGeQuLYrb6VDSHfnhaYZLJAs4fRQTBGLtZ_-K6Oq6p_IK0RpP0RBENCKjugWJkJji3GQg72sFRa8Ayct0KG0kWWiNYKz_SZwF0au6cPqzAfzhhTDrUg49EpL5fO8sVyZIP3EcyfNV2xrmXVRXNNu9kkc-do0SDb644HhBHTqQ6XH_ZVxnQffmnh7fuuYUBwk9V9AYnZSLo39_uFsD4iK9v3_SBefmdX7bEgOYu1x-gBG0L1KE3WosFoO2VlL-bQDMt5EhN0sV9fK05oCJn0OxFOEMPTjLrJ2ZSrKhJ4GggV1KMwFEd-0KGXvF_DRgF8scTyHtiog42CVzu0yCMLjEMGRONlwyvzNmPF8bSC5NQubXw4lbRh6Ukew5rM6NfpsBI0iIcHqNGUzTwOn0TOm8iuimdcZurAHGFY6cUK_Xg9yHSigwtAN2KqSNxCHeu4vPSzafo1BA_xOydHpYT-AMcId1LJcBUQe2KgbT9nrqyhxQRDGHcuBCo9afQVqb8ve5HyiwfgqGt1reG1gdGanCVk-f4U5Hy_nfgouukk6hOqlMi4jbHnRP9tAkC1pud5IbQN_8edBIl700cMMUChuaUFZaDssCsq81E6jh7674BTux9b-roLVPeXAUQ_oJKjmZmThFGrhcUvCppfE3uiPPHr9y0HCMkyxuEtOybp4&uid=mid_6a81463d5e3fc0656428b04a94f84c17&mguid=&ap={AUCTION_PRICE}
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.168.80 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 80.168.214.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:54 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 0FF9
Redirect Chain

https://trace-eu.mediago.io/cs/xandr?rdid=7b75ae74ca50ac4c63237833e361ca60
https://ib.adnxs.com/setuid?entity=529&code=6a4ad7962b6e34d5288849ab134a4550

43 B
1 KB

13ms
13ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=529&code=6a4ad7962b6e34d5288849ab134a4550

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:55 GMT
AN-X-Request-Uuid: 8862ce65-d1ca-4d3f-9c91-6d3097bd95ee
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location: https://ib.adnxs.com/setuid?entity=529&code=6a4ad7962b6e34d5288849ab134a4550
date: Thu, 08 Jun 2023 00:04:54 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame 0FF9 0
929 B 21ms
21ms Script
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.theonion.com%2F&e=wqT_3QKaBOgaAgAAAwDWAAUBCKW2hKQGEITc5f7e5KraKBgAKjYJ4Sh5dY6B6T8RskLbewJy5j8ZAAAAIIXrF0Ahsg0SACkRJNAxAAAAgD0K8z8w-djzCjjoO0C4aEiRBFCa8pi1AViegnhgAGi6pmR4pPQFgAEBigEDVVNEkgUG8P2YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC-lbgAp6oPOoCGWh0dHBzOi8vd3d3LnRoZW9uaW9uLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOOsSTgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMjE3LjY0LjE1MS4zqAQAsgQQCAAQARjKByD6ASgAMAA4ArgEAMAEp425IsgEANoEAggB4AQB8ASa8pi1AYgFAZgFAKAFk6qckaGeyN1wwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAeoFDAoIVGhlTwG_ZBIA8AWqs0b6BQQIABAAkAYAmAYAuAYAwQYABQEs8D_QBtWvBdoGFgoQBREdAZgQABgA4AYB8gYCCACABwGIBwCgBwGqBwcxNzcyMzE0yAek9AXSBw0VfgEwCNoHBgFocBgA4AcA6gcCCADwB4fjAooIAhAAlQgAAIA_mAgB&s=9e7bb7da261a1d660014fffc63fd483d745b890e&bdref=https%3A%2F%2Fwww.theonion.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.theonion.com%2F,https%3A%2F%2Fwww.theonion.com%2F&

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:54 GMT
AN-X-Request-Uuid: 21162b52-9c98-4489-99b7-5ea3236e2ac3
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5EB2 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssuK2cTUPb-9m79c0GBxpH0AbL9Zk5C4Y5Vcz_WVcOAyDE9vtv6N7KRF1_YLouyKAUC2tWj-K4Zu9SpZXv0YaqMSAk4mNmI6YZyhpyaf1ip1SQrjXhJvhBmPRbINqrImrK8NIpyPwfzx8zU83LMEpj2U-IepWwFOZdJ0R0JElDLRnrxuPJJLZzQO6MjLyDHfdPhZmza2kf3ShzDIR1jtSB5hkmheILUz9jVL9ogAGHyxgM3gZXwOMwX08Vd3zfJ0PKzUF_r_hiyXoe8jDoL1Lu_cy4bcIqz4KuW1uRkuJ6dFTLgbyqnQ_hcScW9FmDmERhWgSzhlLlLKVAcY1A&sai=AMfl-YSH2Ik6NdMpMrZxQukcpKCxSrDsHe2rIjJaT2dwtmFbQ5HdsRlWzdehowxeCIJoPz-DSXGkQtwDr6HcopyNl6zlGcnj0AD83PYpZitgIpGoNVz-iPG0CL0qkYFfog&sig=Cg0ArKJSzB-45_QSmGZuEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 style_banner_970x250_standard_7d44cb.css
cdn.mediago.io/js/template/style/ Frame 5EB2 3 KB
3 KB 9ms
9ms Stylesheet
text/css 13.32.27.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mediago.io/js/template/style/style_banner_970x250_standard_7d44cb.css
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-60.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93e0d965fc28dca34b0a300a4d52370d9b6fabadcf0fa164cb0c6753f792f946

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: uZLJMoFKPauZuIMR_FpOvuWu6c7DG7K6
date: Wed, 07 Jun 2023 04:41:10 GMT
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 09:07:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 69825
x-amz-server-side-encryption: AES256
etag: "529c45590489c4faa02f32cfefe88610"
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2743
x-amz-cf-id: ZNWlkXGMbiNwv6pOgsxhbgTcdPhBtBF47SFswCvwLUJl6HE64EqRlw==

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/233/ Frame 5EB2 80 KB
28 KB 15ms
15ms Script
application/x-javascript 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/233/trk.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 096ef6644ebed2ac191e5a20c7c5bf31a24d8739912e2142003fdaa469a13aa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Expires: Wed, 22 May 2024 13:37:49 GMT
Date: Thu, 08 Jun 2023 00:04:54 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 1333627
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27646
X-Served-By: cache-lga21923-LGA, cache-fra-eddf8230050-FRA
Last-Modified: Tue, 23 May 2023 13:36:07 GMT
Server: AkamaiNetStorage
X-Timer: S1686182695.999505,VS0,VE0
ETag: "9016354863c2896e70daab6e27775aa5:1684848967.582788"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 11, 1361304

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame 5EB2 0
929 B 30ms
29ms Image
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.theonion.com%252F&e=wqT_3QLGFejGCgAAAwDWAAUBCKW2hKQGEMCY9tn6scDbfBgAKjYJ4Sh5dY6B6T8RskLbewJy5j8ZAAAAIIXrF0Ahsg0SACkRJNAxAAAAgD0K8z8w-djzCjjoO0C4aEiRBFCa8pi1AViegnhgAGi6pmR40vYFgAEBigEDVVNEkgUG8GGYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC-lbgAp6oPOoCGWh0dHBzOi8vd3d3LnRoZW9uaW9uLmNvbS-AAwCIAwGQAwCYAxegAwGqA7oRCo4RaHR0cAEv8NB0cmFjZS1ldS5tZWRpYWdvLmlvL2FwaS9sb2cvd2lubm90aWNlP3RuPTM5OTM0YzJiZGE0ZGViYmU0YzY4MGJlMWRkMDJmNWQzJndpbmxvc3M9MSZpZD0yYWVmYzZlMzU4NjE2NGQ3YzQxNTNkMTU3NWY1NmEyOCZzZWF0X2lkPSR7QVVDVElPTl9TRUFUX0lEfSZjdXJyZW5jeT0ke0FVQ1RJT05fQ1VSUkVOQ1l9JmJpZF9pZD0ke0FVQ1RJT05fQklEX0lEfSZhZF9pZD0kexFPAEEJFwWTgCZpbXBfaWQ9ODk4NjY1MzI5ODAwNjAwMjc1MiZwcmljZR1r8E9QUklDRX0mdGVzdD0wJnRpbWU9MTY4NjE4MjY5MyZkcD1PQzIwSEdHZDEzWFd5ZmJEdmlDc2E0YkhJMVpXbzc3RkxMaDNNMnBYd3hrJmRzcAF49HUIMjImdXJsPURmT1QwaHhvTEVtekpxN0p2N205d0hhQzBsbHZuMnZvZXFGT2lINXI5YVlZTGhyNExwdUZVZXloYTc5ZnJrMXVFNmxEYmFjNUJMcEVUUVJ3amFCMXROWG53OWtBYUNSTVBxSW5jMkxOX3dOLUFqZ2NVbWsxNWo4YXU2c3pJclNrSS12a2pNcjFUMUhJdzBRZndWTnZ5N0VzekZaSmRvYWV6bnZ4Yy14WWc4a25fbU1MNmw0Qm54N2NCQ2UxaHdDSjlPTE5QNFdEbWlPUU9sbVdaRVlRV3RvLWRwZlZHVFBORkVkb3FudjNFd3lKYUUxdEhMTUVhSHhvUHBNb19OSzFVN2o4aklQTWtkWW9zQVpkX1ljSmpFV3VvMzZfZkZjYVVYRnhFQVFRRk11WVRwSTh4OTRVZ1NzYUR4WTRJV2w1R3VqTGx1cy1BZjVVWWE0WUxIcVY3TmpBZkxoMVA5NTJubzJvQzUtbi05RXVSN3BxeGFHRjJpU1lVRjFsMllwUlJwd3NwTHV0LURGbXpRbGdrdjlXUkdvc0NsVldyUHdUVEpUVFd5QVNmbmVLUmNMVzB6ZW1lMnhsNGxJR2s1aUdPQU1KZm85MWc0X0d5SllfQUg1Tm5HMTJTYllJeGdnSGtXT192ZUJOQU5KU1BZMW8wN21yeHNWYWtoeUE3cDIwVUdSNlFTcmMtbEJWZFExdmI3UGNGZnBzcVkxemR6YU1sSHdCak9PT2tvWktqUGRFMzZjU3FXazdOWFlIakFmcER2Nmo3QzRFZ3JwLVlUMHNQVmNiOWJoWFgxbXRWU3Nwczk2b1Q5dXJzSl96NmpEWXktaW1UMF96SmNZLThwbXRXQlFSc3ZvV3hRTU9ZdHhXS0pRY2M2UENBRnNOWVM1UllqUkp6TFVRUXV6M2pzVDVhUjBhZjN6Z1lyWXRkdWd3YVJ6SzdSV1dvczVSRWhQcFAwdDZyX0VXTDd2eHNlWkNQYzIzUlZDY3J5ZkF4Q25uZnRWVHNJVExVRTk4QlE4U2tWOTZRenoxa21ISk1jV2ZMTDdFWTJWZ2lMR1hwRnFUZ0k2Q3NuN21MLVBpQmdMN0c0amM0bEgwQXczV0ZSOGFjbEhtYmptSjhjbk5hYU1EWmJpSTRKQzVjSkhtNm5WdWRtSWdBb3FlbEpkck9MODc1MFB0bDM5VTVnTlVJVm5rVm5FaGJpbTZ2T2ZFZkgxM0kwb3VycjI2aEdxUFh0T2lldUlPV09ldnJlbkZIejBaZXlhSThqTUtGYnk4cUV6a1EzRjU5d0YzVUhVQnlBNzdwVFExUDNXa2s5XzhiMWZ0UldtR1RQcFEzTUI5Q1otRDRrZDQ2N1VSYzdzTlFfYmJnenN2bHNzVklCWXVjWVdEQWpkamRHY3BKdWZ2bU1tWUI4TjU1bFJGcV83MnhkbjdZQkZCLV83WHNuWmkzNFpuUzlFLTJMSk9TcTFyOHpfdC1VSmx3SVB4aVRyWmtRWHk5Qk82Zm1INEdlOUpsT1dNa0U1eU1ka1dteDVNSEwzSGxVUHdaVmV0X0RmX2VWRzNEQVZvTUd4ZnY3bnduOHFYUTFtYWlzVHloY1k3SjBrLUI4dzJOOW5VdV9JcHBxNlZKYkQwZEtQLUcxNkFQb2FKZENMUDByRmxJclpQWXY2clZTaVpkenh1cUo0b2drb0d4Vk1RWDc2RFk5UW9hR2tEYVdnclN4WHloTXM0LXNyaHNBOXdGcU1ESjNoUUtHRVhsaWxGaTdudjJIZ1RvVkJoaUVQVzRfUGQzMnk1ejRVV0NiNUdyR2F4eWNtenNIWDA1WHRhQmU0bkZYNVZIa2NDUUVZZ3I0MDFrNjdJQXRmNFZGX1U3OF9ySXhqWEJUMHZob1BNVF9RUjQzNXF0X1o4dHZLckRlUFN2eDJHXzQwN0RiRWFQNlRVdzhVcXFPaTJRTDd3T2RBbUJaOTNmVWgzODNIV1ZQbmFJLXZ0YW1oV2pRMHFJaVNVTS1QekNCZzZpS1ZLT0Jjcml1SU01c0JHLXh1WXFsOWFxX25rdmRHSnpibkd3cmpQemJZRjlQSnlYQjI2b0JZQnFpcVpFaDBuMVlTX2w1NGRNdGt0aWUzU1NfdlExdnJZMUJKZENVZWRFNnVxS2VrZmFFN295OEpuRElXbWZxZ1RpUktmdjZiSkZHTThzVGRtNGc3Ml9fdkJoTkd3aktJOEpNdVlfZXZOZGJ1X3hxWEI3Vl9tVU1SWUw2blhSbkk0NkNydXE5R1FEZkNRcFB0NlVqaUZ4R3U5N1ZtUEttbXZ0ZlA0YXlpalF4azlFaWsxbGVpbmtpWmlvWm5CeXVDaUVaUEFGUmNPdWVaVzRkcldkTGcmc3A9ZkpVampGaVdtVUVvSnBLWHVpWG4yUkhTSl9wOHVocGJhazdNQjJtYU83URoTODk4NjY1MzI5ODAwNjAwMjc1MiIJMzc5OTkyMzQ2KgdNZWRpYUdvwAOsAsgDANgDjrEk4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDIxNy42NC4xNTEuM6gEALIEEAgAEAEYygcg-gEoADAAOAK4BADABKeNuSLIBADaBAIIAeAEAfAEmvKYtQGIBQGYBQCgBZnw57zdo4T-PMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaqzRvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbVrwXaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwcxNzcyMzE0yAfS9gXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4fjAooIAhAAlQgAAIA_mAgB&s=6515adc2ef6bc28de953b6c281d6adb42a53a7a8

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:55 GMT
AN-X-Request-Uuid: b2da28dd-8f0f-46fa-8458-a55b7872d5bd
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame E090 70 B
264 B 38ms
37ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8OkUCLAbYhoTN5h365xGwDQmbzTv0zysAAABgYID-AEnMXI7JbrRZSxYu01q0Mi7WEodjs5Z4fMuVYeGxrFaeISCJmcsx2Y02a8nCZVqLVsbFWuJwbNYSj2-5Miw8ltXKMwUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJwwC6n4fr0-QMAAAAACAAAAAASAAj9PCUAZEgET_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyCzWZ8JHUgfiBToFWEEAAAAIBvocuDIJJ2gYlHl__-_3wrAFQCAAERMKQWmLLqDEm9hAAAAAMTgZchXKVEbpo5ZoIfF7zc77Bq_22X-_________838n_lHI9QER5om6KjwQ80vIADAml9AAAA24wYA4I0AnJCTgabT4XPd63W_3110dPntTr_drvG7_aJD0IrBYHUCYnYAAAAA7vz____jwcuQr1KiNkzVA1ITm8VhHOyWw8lisFw5FsuNa-VyeVYOl2vmXGy8p4ds8r-43Lymj4iwzH7fQch3uwwPn8sgKrreFrvDafYcxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9GYjFaIAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRGMTEzG0WDjWCssk41btDBZ1srBYLUWbSwri8e4XA0WG7fo9TFdfAuHYeHaIsGAkr1InhbpROOyuRYLw3K0Gs08K99o4li5VrbNYrgxDQaTzW4ilmhOFulEdtm3JjaLwzjYLYeTxWC5ciyWG9fK5fKsHC7XzLnY-CsTk3E02DjWCstk4xYtTJa1cjBYrUUby8riMS5Xg8XGLXp9TBffwmFYuPaN2XC2GE5my82-MRvOFsPJbLnZd5hMz9TnbLTGxJePynw131wqm9OgcBks3p_EtJh2ZwfVyXd0qjzOZVFn9Pv9fr_f7_f7_X6D1nMwGxS-v9_vbUZDCr92nHIcDIpYIrhIJzq_22VyOhxr0dHltzv9dotYojRdpBN90e92GR4-l78ilghOF-lE6He7LOo_YpDFbi4bzRWrxVyzSgAAAAAAAAAAlmCa6SYAAAAATgY1XC4Ws3U6mMlwthjNlgvgwpNM14_6Ro-2MNLYLpnGBLILIRnjYo09FnF-t8vkdDjWoqPLb3f67VYGcOFpxWyzzwhirVbLGgAAgAA2AAAAAW668SYwdYr7____HwcAAEBGDj0AAAD6fUBT0AAAAAAA_ApiMdkM9g9AhVir1ep2Y61WCw!&cmcv=&pix=undefined&cb=1686182694690&uv=3288&tms=1686182694690&abt=nonrv_vA!t45!testmsn_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=1fe12743-2ae4-4e81-ba13-bc79e0ac25e3&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 08 Jun 2023 00:04:55 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 2bd840c1-a22c-4ad2-9005-4c2ebc89501c-tuctb7aa0a5
pr-bh.ybp.yahoo.com/sync/taboola/ Frame E090 43 B
426 B 824ms
41ms Image
image/gif 2a05:d018:d29:3602:caa5:9f17:65ef:189f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/2bd840c1-a22c-4ad2-9005-4c2ebc89501c-tuctb7aa0a5?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8OkUCLAbYhoTN5h365xGwDQmbzTv0zysAAABgYID-AEnMXI7JbrRZSxYu01q0Mi7WEodjs5Z4fMuVYeGxrFaeISCJmcsx2Y02a8nCZVqLVsbFWuJwbNYSj2-5Miw8ltXKMwUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJwwC6n4fr0-QMAAAAACAAAAAASAAj9PCUAZEgET_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyCzWZ8JHUgfiBToFWEEAAAAIBvocuDIJJ2gYlHl__-_3wrAFQCAAERMKQWmLLqDEm9hAAAAAMTgZchXKVEbpo5ZoIfF7zc77Bq_22X-_________838n_lHI9QER5om6KjwQ80vIADAml9AAAA24wYA4I0AnJCTgabT4XPd63W_3110dPntTr_drvG7_aJD0IrBYHUCYnYAAAAA7vz____jwcuQr1KiNkzVA1ITm8VhHOyWw8lisFw5FsuNa-VyeVYOl2vmXGy8p4ds8r-43Lymj4iwzH7fQch3uwwPn8sgKrreFrvDafYcxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9GYjFaIAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRGMTEzG0WDjWCssk41btDBZ1srBYLUWbSwri8e4XA0WG7fo9TFdfAuHYeHaIsGAkr1InhbpROOyuRYLw3K0Gs08K99o4li5VrbNYrgxDQaTzW4ilmhOFulEdtm3JjaLwzjYLYeTxWC5ciyWG9fK5fKsHC7XzLnY-CsTk3E02DjWCstk4xYtTJa1cjBYrUUby8riMS5Xg8XGLXp9TBffwmFYuPaN2XC2GE5my82-MRvOFsPJbLnZd5hMz9TnbLTGxJePynw131wqm9OgcBks3p_EtJh2ZwfVyXd0qjzOZVFn9Pv9fr_f7_f7_X6D1nMwGxS-v9_vbUZDCr92nHIcDIpYIrhIJzq_22VyOhxr0dHltzv9dotYojRdpBN90e92GR4-l78ilghOF-lE6He7LOo_YpDFbi4bzRWrxVyzSgAAAAAAAAAAlmCa6SYAAAAATgY1XC4Ws3U6mMlwthjNlgvgwpNM14_6Ro-2MNLYLpnGBLILIRnjYo09FnF-t8vkdDjWoqPLb3f67VYGcOFpxWyzzwhirVbLGgAAgAA2AAAAAW668SYwdYr7____HwcAAEBGDj0AAAD6fUBT0AAAAAAA_ApiMdkM9g9AhVir1ep2Y61WCw!&cmcv=&pix=undefined&cb=1686182694690&uv=3288&tms=1686182694690&abt=nonrv_vA!t45!testmsn_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=1fe12743-2ae4-4e81-ba13-bc79e0ac25e3&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:caa5:9f17:65ef:189f Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame E090 43 B
146 B 579ms
23ms Image
image/gif 18.156.189.239
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8OkUCLAbYhoTN5h365xGwDQmbzTv0zysAAABgYID-AEnMXI7JbrRZSxYu01q0Mi7WEodjs5Z4fMuVYeGxrFaeISCJmcsx2Y02a8nCZVqLVsbFWuJwbNYSj2-5Miw8ltXKMwUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJwwC6n4fr0-QMAAAAACAAAAAASAAj9PCUAZEgET_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyCzWZ8JHUgfiBToFWEEAAAAIBvocuDIJJ2gYlHl__-_3wrAFQCAAERMKQWmLLqDEm9hAAAAAMTgZchXKVEbpo5ZoIfF7zc77Bq_22X-_________838n_lHI9QER5om6KjwQ80vIADAml9AAAA24wYA4I0AnJCTgabT4XPd63W_3110dPntTr_drvG7_aJD0IrBYHUCYnYAAAAA7vz____jwcuQr1KiNkzVA1ITm8VhHOyWw8lisFw5FsuNa-VyeVYOl2vmXGy8p4ds8r-43Lymj4iwzH7fQch3uwwPn8sgKrreFrvDafYcxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9GYjFaIAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRGMTEzG0WDjWCssk41btDBZ1srBYLUWbSwri8e4XA0WG7fo9TFdfAuHYeHaIsGAkr1InhbpROOyuRYLw3K0Gs08K99o4li5VrbNYrgxDQaTzW4ilmhOFulEdtm3JjaLwzjYLYeTxWC5ciyWG9fK5fKsHC7XzLnY-CsTk3E02DjWCstk4xYtTJa1cjBYrUUby8riMS5Xg8XGLXp9TBffwmFYuPaN2XC2GE5my82-MRvOFsPJbLnZd5hMz9TnbLTGxJePynw131wqm9OgcBks3p_EtJh2ZwfVyXd0qjzOZVFn9Pv9fr_f7_f7_X6D1nMwGxS-v9_vbUZDCr92nHIcDIpYIrhIJzq_22VyOhxr0dHltzv9dotYojRdpBN90e92GR4-l78ilghOF-lE6He7LOo_YpDFbi4bzRWrxVyzSgAAAAAAAAAAlmCa6SYAAAAATgY1XC4Ws3U6mMlwthjNlgvgwpNM14_6Ro-2MNLYLpnGBLILIRnjYo09FnF-t8vkdDjWoqPLb3f67VYGcOFpxWyzzwhirVbLGgAAgAA2AAAAAW668SYwdYr7____HwcAAEBGDj0AAAD6fUBT0AAAAAAA_ApiMdkM9g9AhVir1ep2Y61WCw!&cmcv=&pix=undefined&cb=1686182694690&uv=3288&tms=1686182694690&abt=nonrv_vA!t45!testmsn_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=1fe12743-2ae4-4e81-ba13-bc79e0ac25e3&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.156.189.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-189-239.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 54FF 70 B
264 B 37ms
37ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8OkUCLAbYhoTN5h365xGwDQmbzTv0zysAAABgYID-AEnMXI7JbrRZSxYu01q0Mi7WEodjs5Z4fMuVYeGxrFaeISCJmcsx2Y02a8nCZVqLVsbFWuJwbNYSj2-5Miw8ltXKMwUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJwwC6n4fr0-QMAAAAACAAAAAASAAj9PCUAZEgET_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyCzWZ8JHUgfiBToFWEEAAAAIBvocuDIJJ2gYlHl__-_3wrAFQCAAERMKQWmLLqDEm9hAAAAAMTgZchXKVEbpo5ZoIfF7zc77Bq_22X-_________838n_lHI9QER5om6KjwQ80vIADAml9AAAA24wYA4I0AnJCTgabT4XPd63W_3110dPntTr_drvG7_aJD0IrBYHUCYnYAAAAA7vz____jwcuQr1KiNkzVA1ITm8VhHOyWw8lisFw5FsuNa-VyeVYOl2vmXGy8p4ds8r-43Lymj4iwzH7fQch3uwwPn8sgKrreFrvDafYcxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9GYjFaIAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRGMTEzG0WDjWCssk41btDBZ1srBYLUWbSwri8e4XA0WG7fo9TFdfAuHYeHaIsGAkr1InhbpROOyuRYLw3K0Gs08K99o4li5VrbNYrgxDQaTzW4ilmhOFulEdtm3JjaLwzjYLYeTxWC5ciyWG9fK5fKsHC7XzLnY-CsTk3E02DjWCstk4xYtTJa1cjBYrUUby8riMS5Xg8XGLXp9TBffwmFYuPaN2XC2GE5my82-MRvOFsPJbLnZd5hMz9TnbLTGxJePynw131wqm9OgcBks3p_EtJh2ZwfVyXd0qjzOZVFn9Pv9fr_f7_f7_X6D1nMwGxS-v9_vbUZDCr92nHIcDIpYIrhIJzq_22VyOhxr0dHltzv9dotYojRdpBN90e92GR4-l78ilghOF-lE6He7LOo_YpDFbi4bzRWrxVyzSgAAAAAAAAAAlmCa6SYAAAAATgY1XC4Ws3U6mMlwthjNlgvgwpNM14_6Ro-2MNLYLpnGBLILIRnjYo09FnF-t8vkdDjWoqPLb3f67VYGcOFpxWyzzwhirVbLGgAAgAA2AAAAAW668SYwdYr7____HwcAAEBGDj0AAAD6fUBT0AAAAAAA_ApiMdkM9g9AhVir1ep2Y61WCw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 08 Jun 2023 00:04:55 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 2bd840c1-a22c-4ad2-9005-4c2ebc89501c-tuctb7aa0a5
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 54FF 43 B
425 B 824ms
42ms Image
image/gif 2a05:d018:d29:3602:caa5:9f17:65ef:189f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/2bd840c1-a22c-4ad2-9005-4c2ebc89501c-tuctb7aa0a5?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8OkUCLAbYhoTN5h365xGwDQmbzTv0zysAAABgYID-AEnMXI7JbrRZSxYu01q0Mi7WEodjs5Z4fMuVYeGxrFaeISCJmcsx2Y02a8nCZVqLVsbFWuJwbNYSj2-5Miw8ltXKMwUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJwwC6n4fr0-QMAAAAACAAAAAASAAj9PCUAZEgET_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyCzWZ8JHUgfiBToFWEEAAAAIBvocuDIJJ2gYlHl__-_3wrAFQCAAERMKQWmLLqDEm9hAAAAAMTgZchXKVEbpo5ZoIfF7zc77Bq_22X-_________838n_lHI9QER5om6KjwQ80vIADAml9AAAA24wYA4I0AnJCTgabT4XPd63W_3110dPntTr_drvG7_aJD0IrBYHUCYnYAAAAA7vz____jwcuQr1KiNkzVA1ITm8VhHOyWw8lisFw5FsuNa-VyeVYOl2vmXGy8p4ds8r-43Lymj4iwzH7fQch3uwwPn8sgKrreFrvDafYcxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9GYjFaIAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRGMTEzG0WDjWCssk41btDBZ1srBYLUWbSwri8e4XA0WG7fo9TFdfAuHYeHaIsGAkr1InhbpROOyuRYLw3K0Gs08K99o4li5VrbNYrgxDQaTzW4ilmhOFulEdtm3JjaLwzjYLYeTxWC5ciyWG9fK5fKsHC7XzLnY-CsTk3E02DjWCstk4xYtTJa1cjBYrUUby8riMS5Xg8XGLXp9TBffwmFYuPaN2XC2GE5my82-MRvOFsPJbLnZd5hMz9TnbLTGxJePynw131wqm9OgcBks3p_EtJh2ZwfVyXd0qjzOZVFn9Pv9fr_f7_f7_X6D1nMwGxS-v9_vbUZDCr92nHIcDIpYIrhIJzq_22VyOhxr0dHltzv9dotYojRdpBN90e92GR4-l78ilghOF-lE6He7LOo_YpDFbi4bzRWrxVyzSgAAAAAAAAAAlmCa6SYAAAAATgY1XC4Ws3U6mMlwthjNlgvgwpNM14_6Ro-2MNLYLpnGBLILIRnjYo09FnF-t8vkdDjWoqPLb3f67VYGcOFpxWyzzwhirVbLGgAAgAA2AAAAAW668SYwdYr7____HwcAAEBGDj0AAAD6fUBT0AAAAAAA_ApiMdkM9g9AhVir1ep2Y61WCw!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:caa5:9f17:65ef:189f Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FE88 0
0 46ms
46ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOSo7K5Tfx5L-gApwDzQCHclfDOIGiL26Il4zqeYzWfXWBc9zZmpxoYSFoGLy9-iP9iXbcDKAudehq8RfGMTdArQ2cLfPZLhUqgi-2HWI69428gPlWAtQgll4Fq-Ve6kF76wz4qJ_CUl5lAVkEOaDDDrieCRf2c4SyVJmO876UBmyKUU9-KlgtUHEN1oU9NpCI4xYiKgP9K97a7C_LhpqHiX7ZmYqPRcb_uqNr4mnmxUY8yBshutZNV4JXq0w5r8GXwVW6WH1sJmqprCM13V-AEM98b5ujSm527nIDEeEPk9MNWbuYoN4gD6dGpn_DbiKZwCxLg04UacmLd_4&sai=AMfl-YT83mMm6TB44okXtt06JDNDJujN8A1_oiX1nffC5FyHPdzj5G7Ch7Hg9hMxX7astIMI-bpoFgqxGAki97B6XeHN6Vp_qWQd0PuMCpFJqK-qsRvguKvxC-dol2qKeg&sig=Cg0ArKJSzKrZ1sPYaIl5EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 style_banner_970x250_standard_7d44cb.css
cdn.mediago.io/js/template/style/ Frame FE88 3 KB
3 KB 6ms
6ms Stylesheet
text/css 13.32.27.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mediago.io/js/template/style/style_banner_970x250_standard_7d44cb.css
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-60.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93e0d965fc28dca34b0a300a4d52370d9b6fabadcf0fa164cb0c6753f792f946

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: uZLJMoFKPauZuIMR_FpOvuWu6c7DG7K6
date: Wed, 07 Jun 2023 04:41:10 GMT
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 09:07:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 69826
x-amz-server-side-encryption: AES256
etag: "529c45590489c4faa02f32cfefe88610"
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2743
x-amz-cf-id: RcFnJ-GQ2nY94M69DX6_g1jyOyF6AX3vLvrVC60ALusCvSMa28sGYw==

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/233/ Frame FE88 80 KB
28 KB 7ms
6ms Script
application/x-javascript 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/233/trk.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 096ef6644ebed2ac191e5a20c7c5bf31a24d8739912e2142003fdaa469a13aa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Expires: Wed, 22 May 2024 13:37:49 GMT
Date: Thu, 08 Jun 2023 00:04:55 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 1333627
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27646
X-Served-By: cache-lga21923-LGA, cache-fra-eddf8230050-FRA
Last-Modified: Tue, 23 May 2023 13:36:07 GMT
Server: AkamaiNetStorage
X-Timer: S1686182695.225673,VS0,VE0
ETag: "9016354863c2896e70daab6e27775aa5:1684848967.582788"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 11, 1361305

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame FE88 0
929 B 13ms
13ms Image
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.theonion.com%252F&e=wqT_3QLGFejGCgAAAwDWAAUBCKW2hKQGEI2ymZTjprbQaRgAKjYJ1siutIzU4j8RqALNaxWS4D8ZAAAAQArXGkAhqA0SACkRJNAxAAAAgD0K8z8w_tjzCjjoO0C4aEiRBFCa8pi1AViegnhgAGi6pmR45fQFgAEBigEDVVNEkgUG8GGYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC-lbgAp6oPOoCGWh0dHBzOi8vd3d3LnRoZW9uaW9uLmNvbS-AAwCIAwGQAwCYAxegAwGqA7oRCo4RaHR0cAEv8NB0cmFjZS1ldS5tZWRpYWdvLmlvL2FwaS9sb2cvd2lubm90aWNlP3RuPTM5OTM0YzJiZGE0ZGViYmU0YzY4MGJlMWRkMDJmNWQzJndpbmxvc3M9MSZpZD02ZDA4ZTNkZTgxZTI4ZjFiZWI4YmU4ODAwNDkzMDQ5ZCZzZWF0X2lkPSR7QVVDVElPTl9TRUFUX0lEfSZjdXJyZW5jeT0ke0FVQ1RJT05fQ1VSUkVOQ1l9JmJpZF9pZD0ke0FVQ1RJT05fQklEX0lEfSZhZF9pZD0kexFPAEEJFwWTgCZpbXBfaWQ9NzYxMTMyMjE5NzA1NTI2NTAzNyZwcmljZR1r8E9QUklDRX0mdGVzdD0wJnRpbWU9MTY4NjE4MjY5MyZkcD1hQTl2WW9heVU3ZTV0SHp6b1RxaHk4d25rT3c0V3pVemtlTEpQM1V2RUNrJmRzcAF49HUIMjImdXJsPUJCLVpHVU92OTZQTGRISlJaU2xmc1JhdHlQdS1BOU1EOThYZGRqRk5yQm9uWWQ4OE9CV3B2ZnQ2VExSYUtNT0J6OWRpbXMxeGhKemhUTGFSekZ3YzJkbERUSmhGaWR2Z3FLczU0dVJqSG1uV2sydEhuMF9JVjhOMmdlX0NJTjVRTEhWSUxuQTFZaUlwUUZPZGIyYWJGdTJCczRGNHRLLXF0TkRIcEVzQkgtTjBUUlQxWEIweEpRQW9JWVRBY2E5Y3gxZDNNWEx5UjF3Tm16NHBYM1hKRWFoMFFNMTI1RkYtdEhtekNMWHlhMEpoM3BIYURreE5CU19ZZlhOOE9oRGQ0TlYwbVhLeldCQVpJYXVtOXpmbElhTGwtX3N3eFU0Uzd4aGJHWVFESU9KclhxNEFjLVZfY3kwMXpBZ1ZPSGljYTdGaWNnS3lMQWItOFluOWNpcDhFYU5kRzVvMmVsWDdPOE10aVloeU5DcTc0Wm1qazFyR0k4RUdXQWN2Y2lqRHViay0wRG5hNDhnejQxOGhERHY5cEdmZEZtdWwxbEpidjVWc19zb09KckFPTWNkc3lsSHRoaGgybDA2QVRDd3QyVjNaZ1ZpTzVLc3l0UlZoQ2tQUEpSOW9iYTZTS3RnZ25Wb0dOaVR4aXBfMkZIS0ZkblNfSWZLQ1BETS14TGI0ekFqYXpfaUdKd21VeEwzNFY1M1NTbm5ZNnh6LTEyc3ZXa1BRd1Q3d2ZWbzk2eG80ZHhXcGZyLVRtajNMYUdrWnFPUkF6SnVaVFAxX2llZFFCbTR4MVRKY00xNnVsQXlpQ3JvV0p5RGJZLUZENGlwUFZsUi1mNHpXWl9VQVBoM3I0MzJXWVM1YjJWMDBMM0F0NnFmdmtjazZHYXpld01Zd1RFcXBQNzBNZmYxQVNkMkd6RUQySzd1WWhsQUJ4eWpINElGLWtraWFjX1J1VnVITjJjQXpuSWRlT2x3ZGxmT29kNUlXSWlIeHlzQjViYU92ejJqWTNTeVhucjhSNW9pb2tJMUNBOHB2MEludzJaX1kxeE8xN0JUQmRNVDhxVWl3WmY1ck9QdXI4VDc0eE12NnFCOWRWV3JsNVAwRExSRUd3clpMMDl0OHpJQUFCeVl0c0VsdWYtMHNmX2ZwSkM3cnlrSUFUX3pxbDZrWWNLcTZ0SEFiVlBwRDBJbHJmTVNzUTM3bm4wYTN4SENZSTB5MkplOGQ3Unh6Si1KQ3MzWFRsT3hucjdkM0JRa2hlYXpnTm9sSW03eHpUUl9xQlBNNWZkYUtWTnk0Qzlsb2Z5YjdQbGk1S0ttRjRJVEtHLVoybzdRcUVCNE5hQlAxd1RTYVU2dnlFeER5TjJYamprUUJYVE5KWTlMTklQSXBvaVdqWTUzU2tLNnVVTUlKVG1ndmZRbVBMeFVoY1dfUnktZkgzQUJONXJVNzJlYmRDcGtpUmxReEFxTG8xOW96LVE1SlpwR3RuTWs2MGRfZThkTTFsbmg4QzItRE1VcnRUTTlaZ1FyckptbVpPcW9lVjdHYWdYemlqOHlYMlFlXzM0N3JTME16SEQyWWthUTR4Vm1sZXZEMFpIdXdQUkc5UVRkbVJYSm1XQ0JWNjNpc1hncHNNOFU3azBVUDBCZ1g4WjRQeU5yS3MzcF84NmZiQmRUVWw5M3BOME1COGNTdm5MZHc3NXFobEduVEhhN2RLVFZ4V3hYZFMxamp4d3J4RmR3eDc1Sm1rZXFEUktEZXBSLXdxNGxUUzhKVkdKZWdkNlAtQ1JZdFB1LU5JMldxTXNXMzMtNG9tenAwT3M0cHJ1LTlBTjhPTDdhUGY5VlpyOUZnVk5MZGx1WE92UkJ1Rnczcnd6a19KQjJteFFJaUFkV3BncDJycDNUbTQzMFA3SVRGalJMNV9JM2VSN0Noakx5b2JHbTBQdHdhS1FVd1gzdzdHV2lKaG5mYUotWDJVdXc0Mll2NFlwOW5wcnhRa3FUUm1CZE9ISjNHQlhTbHJWNjd3eTVnZ2M4QTk4bmhyMUR2LTRXcDd6NFJiYVkxQ1RsdU8tdmhyal9HMHlobmpyOU8wRm8xSFF5WFdBLUtCTFJJTFpkWDZIOGdYX01WSGY4V1o4ZlF1SkxsS0VVVnp1QXV6LThfdzhOMWRpZmxUMUVPakM4ZkhFaGxLQTlndkF5WHo4ZzdCZ0NlUmFLZGFZRWZ0WVUtQm5KQUZOaWZTZTUtU2pYX0cyOERNZEd6YTJYYXlaQ3cxNnlVc2lSYnFhWFgxdTRtdkRsQzk4bUZMbzRSMWlOQ0V6NmhRY3BVOUtwV21BUkhUTzBEUXladUlMek5tQTlVMElCZDZKci1tY29yd0R4SG9JS0JTUjgmc3A9c3BOaXBHTEVVVXIweFp6UGhPTjVsMFZmOHZ1ZUNKNS0xajVfbk96c0pBURoTNzYxMTMyMjE5NzA1NTI2NTAzNyIJMzc5OTkyMzQ2KgdNZWRpYUdvwAOsAsgDANgDjrEk4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDIxNy42NC4xNTEuM6gEALIEEAgAEAEYygcg-gEoADAAOAK4BADABKeNuSLIBADaBAIIAeAEAfAEmvKYtQGIBQGYBQCgBY7wyevwv8KcesAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaqzRvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbVrwXaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwcxNzcyMzE0yAfl9AXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4fjAooIAhAAlQgAAIA_mAgB&s=38c3022cb1a86fbbe39bdf6bad6e630a37812216

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:55 GMT
AN-X-Request-Uuid: 9b1f5eef-2051-4a5a-991f-aa8f853a7e2c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 17ms
17ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.71664cf4fdde6f76a812.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 09 Jun 2023 00:04:55 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame FDAE 281 B
554 B 71ms
15ms Document
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8OkUCLAbYhoTN5h365xGwDQmbzTv0zysAAABgYID-AEnMXI7JbrRZSxYu01q0Mi7WEodjs5Z4fMuVYeGxrFaeISCJmcsx2Y02a8nCZVqLVsbFWuJwbNYSj2-5Miw8ltXKMwUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJwwC6n4fr0-QMAAAAACAAAAAASAAj9PCUAZEgET_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyCzWZ8JHUgfiBToFWEEAAAAIBvocuDIJJ2gYlHl__-_3wrAFQCAAERMKQWmLLqDEm9hAAAAAMTgZchXKVEbpo5ZoIfF7zc77Bq_22X-_________838n_lHI9QER5om6KjwQ80vIADAml9AAAA24wYA4I0AnJCTgabT4XPd63W_3110dPntTr_drvG7_aJD0IrBYHUCYnYAAAAA7vz____jwcuQr1KiNkzVA1ITm8VhHOyWw8lisFw5FsuNa-VyeVYOl2vmXGy8p4ds8r-43Lymj4iwzH7fQch3uwwPn8sgKrreFrvDafYcxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9GYjFaIAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRGMTEzG0WDjWCssk41btDBZ1srBYLUWbSwri8e4XA0WG7fo9TFdfAuHYeHaIsGAkr1InhbpROOyuRYLw3K0Gs08K99o4li5VrbNYrgxDQaTzW4ilmhOFulEdtm3JjaLwzjYLYeTxWC5ciyWG9fK5fKsHC7XzLnY-CsTk3E02DjWCstk4xYtTJa1cjBYrUUby8riMS5Xg8XGLXp9TBffwmFYuPaN2XC2GE5my82-MRvOFsPJbLnZd5hMz9TnbLTGxJePynw131wqm9OgcBks3p_EtJh2ZwfVyXd0qjzOZVFn9Pv9fr_f7_f7_X6D1nMwGxS-v9_vbUZDCr92nHIcDIpYIrhIJzq_22VyOhxr0dHltzv9dotYojRdpBN90e92GR4-l78ilghOF-lE6He7LOo_YpDFbi4bzRWrxVyzSgAAAAAAAAAAlmCa6SYAAAAATgY1XC4Ws3U6mMlwthjNlgvgwpNM14_6Ro-2MNLYLpnGBLILIRnjYo09FnF-t8vkdDjWoqPLb3f67VYGcOFpxWyzzwhirVbLGgAAgAA2AAAAAW668SYwdYr7____HwcAAEBGDj0AAAD6fUBT0AAAAAAA_ApiMdkM9g9AhVir1ep2Y61WCw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Jun 2023 00:04:55 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B6DE 0
0 54ms
54ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsslh6WXVHM53w4N76ZeGgeFyJfETrAVsIpDvolTHJvJnv_K0eerFKw_S_wQde96zr_qxQfNoDorHmL7n_v3EGb3HhHHcxhKxQmgOBYSjLJBs7GtEn_-0W-hvgaukiRCS9Ny0aHyTpxl3oEoPjxjAJ9t5FCQxcGZ7zbhT_wHgBX6N4oNLkfVaBCELu4B3uiNha-wGLdagIvkacagMcaOG1WUV9zTQiE0VyJdC9WDz-toXoEyl7nvQVnnZNpFl6KKBUoRHpqlw8ZX31jiyVnlSsMUyMw8NG_MHtFP-6KhN5cFCBZuBCOdofqGNjKa552qwCXeMQE_b64ZA08bFu0&sai=AMfl-YQr6Uc38mZ84-3YGXzP7cOT05X_2cLLPld7jHclC-UmFkhlTE21ddN7lR-Ljszmg9dtxHb4cLRibn2JHY5xcaWV68QC3_Gsg18Io6axxFZ4vJKPmIDjw8gSlkEgJQ&sig=Cg0ArKJSzMOY2_oX7Qe6EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK script.js Show response
acdn.adnxs-simple.com/strikeforce/ Frame B6DE 122 KB
43 KB 357ms
22ms Script
application/javascript 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f63b683b181032b37e4b8a3fe5d001edc0b40a8df47c66b7966e2e7242f0226d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Expires: Wed, 24 May 2023 23:40:38 GMT
Date: Thu, 08 Jun 2023 00:04:55 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 1429
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 43711
X-Served-By: cache-lga13622-LGA, cache-fra-eddf8230057-FRA
Last-Modified: Wed, 10 May 2023 16:21:53 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1686182696.795105,VS0,VE0
ETag: W/"645bc4a1-1e7fc"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 107, 105

GET
H2 200 style_banner_970x250_standard_7d44cb.css
cdn.mediago.io/js/template/style/ Frame B6DE 3 KB
3 KB 7ms
6ms Stylesheet
text/css 13.32.27.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mediago.io/js/template/style/style_banner_970x250_standard_7d44cb.css
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-60.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93e0d965fc28dca34b0a300a4d52370d9b6fabadcf0fa164cb0c6753f792f946

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: uZLJMoFKPauZuIMR_FpOvuWu6c7DG7K6
date: Wed, 07 Jun 2023 04:41:10 GMT
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 09:07:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 69826
x-amz-server-side-encryption: AES256
etag: "529c45590489c4faa02f32cfefe88610"
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2743
x-amz-cf-id: smO2h7UO7hEdQDLVaKmcULNliyokLZ54IE8x8tt1_-NrgmfaLYdJww==

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/233/ Frame B6DE 80 KB
28 KB 7ms
7ms Script
application/x-javascript 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/233/trk.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 096ef6644ebed2ac191e5a20c7c5bf31a24d8739912e2142003fdaa469a13aa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Expires: Wed, 22 May 2024 13:37:49 GMT
Date: Thu, 08 Jun 2023 00:04:55 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 1333627
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27646
X-Served-By: cache-lga21923-LGA, cache-fra-eddf8230050-FRA
Last-Modified: Tue, 23 May 2023 13:36:07 GMT
Server: AkamaiNetStorage
X-Timer: S1686182695.452020,VS0,VE0
ETag: "9016354863c2896e70daab6e27775aa5:1684848967.582788"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 11, 1361306

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame B6DE 0
929 B 14ms
13ms Image
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.theonion.com%252F&e=wqT_3QLGFejGCgAAAwDWAAUBCKW2hKQGEKCSsfD48YO6MBgAKjYJ4Sh5dY6B6T8RskLbewJy5j8ZAAAAIIXrF0Ahsg0SACkRJNAxAAAAgD0K8z8w-djzCjjoO0C4aEiRBFCa8pi1AViegnhgAGi6pmR40vIFgAEBigEDVVNEkgUG8GGYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC-lbgAp6oPOoCGWh0dHBzOi8vd3d3LnRoZW9uaW9uLmNvbS-AAwCIAwGQAwCYAxegAwGqA7oRCo4RaHR0cAEv8NB0cmFjZS1ldS5tZWRpYWdvLmlvL2FwaS9sb2cvd2lubm90aWNlP3RuPTM5OTM0YzJiZGE0ZGViYmU0YzY4MGJlMWRkMDJmNWQzJndpbmxvc3M9MSZpZD1kYWI1MThjMWMwNmQ0YWRmNDgyZjExNWQxN2VkMDAzZCZzZWF0X2lkPSR7QVVDVElPTl9TRUFUX0lEfSZjdXJyZW5jeT0ke0FVQ1RJT05fQ1VSUkVOQ1l9JmJpZF9pZD0ke0FVQ1RJT05fQklEX0lEfSZhZF9pZD0kexFPAEEJFwWTgCZpbXBfaWQ9MzQ5MTQzMjcyMDM1Njg4NjgxNiZwcmljZR1r8E9QUklDRX0mdGVzdD0wJnRpbWU9MTY4NjE4MjY5MyZkcD1LRDhPd0NFNTh1cW1DVkJUWmdRd1J3ZU9DQmpDcElsc045c0VhdzM1RTdBJmRzcAF49HUIMjImdXJsPUVUb2YwckhVamZCaUNTdmJFWVRwTHAzelFuTVhKSEpnNkQ0dEFvLVFWUWRrQTI0d0xreWhaTTlWVVFlQ21TQlNnYjFEalFRcTBnYmRlZGwyNUEtUHJkQmVia0VYdlZJQ2xDMTl3bV82S09Eb2VhNHFRckFkLUJhUks0cENoRTNxekJJSzZvQVdpUWlwQzJ4SlpBSkY1dGRPNVBNOUMtbDc1UTE0ZnZOMTlQTldoa1NDbml6VEdjTW8xOG5zOHlxZVBxVzN5UTc3dUpOZGhrSFZvMUZfcmRrLVlBR3FyY01qeXcwSUVBLUpxQ2MyX2V1T3cwMUkxTG5FUGpQUzQ1R1hlX0Q4LURvSlE1VDAxM3g3b1ZfZjRGRjRDeWFuRncyRXNKdFFWRU5MZVJjb2lVLV9pS0ctaFYzTGlZd3U5Z0t1Njc5eWpRX2x3b0lId0xsNE1IN0xrUzktQW9jZzJSQkhoVTlnLWtVVlVJX0ZrQjUtV0JreFduSFpsMHozUUlMTlZucjFDc2JnblVlRjdwTXpvUFpkcG9xMGptSEt6Qm5BbFBXVkhxV0dKbXlJaDZORzNfdUJnUy1za2VHazd2U2I5cUtodC1ZZlBjei04WFlzNkF0UVNyODQ1TEZfQ0E2cmpxaDlQV2d6SVdSNmhPYXd6NVViVlNkVnQ5c3lOWHZPcmFJZTN2WkszQTdpSnhidmRtTDE1eVk5cmpuRXNTckhiM2RfSzhhcG1PMTROWVdvUVJaQVl1aGhGMk1VVnptRU1rZjJNSWZDMjdlRHlsSWRlRWRQV3BNaVEzZ2JPRmpORVh3aVVoeUUyY2RiTUNQM3ZOQ0hZdm9jWXpncmYzX3FPVk1nalRwSjFEcmZIT0prNDhZT2FrTkdqS1U2YXV3S29mdGR4eVlHTkZKZmZyc2pGQzV3UjVfdXNfYmEyYkxqNVVoQUNWN09tdXloVjQ2NklKdFlUckdFWkZWb0lScnd5RlVSMXNSazl2N0lTbk5iQnd1WE1qczV2RUphazJ3WFBydGZVZS0xRVNLUFdQbDlkNGc3R2s3b0hkVDJjNWdPSVNVR09KRDJ4UUNkT0lmVHhPNW92RUxPV2hOWXV0NEYxTXVqeXBjNEtHbTQwVUtTVGpCeHQwb3hGSWNPT09jSVRXYi1ISjlrckpRYTZyWTZSM2tuTGVoYkRuQXVNZmJRTE5jRGZTTHRTb0xUQ3BlVHJNNkcwdGRyZFQ5bnFJdUh5cnNzTkZmN0l0YUVxeHpCbGVLNENydHVEcTQ5cF9pZE9HZ0FEbG5DdFN2ek8tNVJBb0RKZUFNYWZfWG5Md0YzZDAwMUlDWXRTWmFBUHlSZTU2a2JZT1ZrRzBDU1p0ZkNxUVF0QlhGQ04xZThhU0Jhd19qWmw4cG41QXBQS2N1N1JTbWZRM1QxVk9zczJXNlJ0T0J2N2pHeUJYTzl0bEtrWTlueXZpYWQ4NXpQaE1RenRRTmFZaC1Rc0x3aUQ3Qzd2WHB4dXh4QVpDd01BN1lzaURKVTI3djJGWXhvN0lSdnNidmZMSU85V1lwSjlYUHZ3eHNPX0tieUN0WDBCdDhaYVRqYmtyS0NMbEt1V2NhTGRua3V2MDlJaDhFWUt6WHp6VVFZS3hxYjRwNkZRLTlHMG4tYzBTc3VxZ1BKYWkxOWl4RUVEYkczdXB4bmR3UnBvcXJGc3FGQWJ3YkFCWlVTTXlRcng1UXN6NF9nV1AxRWFPTUhGa0RLNHY3QW9TdlhNWk5GOVdZYlVrUGhvWjhoeFpCakluYTc1QTlmNDRwcUJtNkMxd0hEZTk4MXJvRUZBVnRxaTloZkNFYzFXdkRTLU9HN3dsQTlvUUFxQUFZZ2xMY09MQ2pHRjFOMkNmOEdZSDFDYlFRWWdjSGI0VzFRNEYxM0FrbklWRUxaZXNuTTNZU0VHcGM4QjA3MTQ1RkIzVTJ5bHlVNVgxdDN0TVlXMXZ0M1FjenV3dENOcXhrVlRXVkcyd3ZLdzN1SHNBVXlRdnN6cUExaGpuOFN2M3pvN2V2aU9uMWhLdHVROXM1WlRkZnAwcG9JT3lkWG1hd3RpNHhhTHVUYmZQVXdtQXQyaENaeV81X1BRallsX3pKTFhEM0JFVmQzOUJ0Tm9kNmN4bmlmUThvZGF0UjlSaDRNRXVNQnZFdmtwRnNmeXltcHMxekZtTXJhb1JyVEVJQzBJb2s3RWhsUi1qTHNRWFVmRUdWT2lOamZpcWN0YVJQejcwQlBnX0RFaFhWUFpqdnc1UDVSUW9ucnFYT1VnWVRicldDT1hxVm1SVXR3WmJ5T0JubTkyQ2p6Vk9CRVpHSGZ1LVctc1RXY2RiMTJmX3F6b096bzE5M1RPZTgmc3A9V3o0QnpJMVdoeTVmNEVYbl94bHBpZG9DMGtNRl85ZktIcV9hNlNsSmpQZxoTMzQ5MTQzMjcyMDM1Njg4NjgxNiIJMzc5OTkyMzQ2KgdNZWRpYUdvwAOsAsgDANgDjrEk4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDIxNy42NC4xNTEuM6gEALIEEAgAEAEYygcg-gEoADAAOAK4BADABKeNuSLIBADaBAIIAeAEAfAEmvKYtQGIBQGYBQCgBbSWqNmwzfmqPMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaqzRvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbVrwXaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwcxNzcyMzE0yAfS8gXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4fjAooIAhAAlQgAAIA_mAgB&s=752a1198cd34e9ae0cc66a20bd73e5bf07b914c2

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:55 GMT
AN-X-Request-Uuid: 0449aa52-c4fa-4fc9-a488-3410a7ff5ad7
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bulk Show response
trc.taboola.com/gomedia1-theonion/log/3/ 0
292 B 16ms
14ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/gomedia1-theonion/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230607-31-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Thu, 08 Jun 2023 00:04:55 GMT
via: 1.1 varnish
x-served-by: cache-fra-eddf8230056-FRA
server: nginx
x-timer: S1686182695.459168,VS0,VE9
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.theonion.com
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
630 B 7ms
6ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Thu, 08 Jun 2023 00:04:55 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 5907
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-eddf8230056-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1686182695.460001,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 84
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 582

GET
DATA 200
OK truncated
/ Frame 0FF9 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b790fae4d2155d04d9eea1a5d6ae0ac8de1e981e8d728db136c4d23f44388434

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 17A6 47 KB
13 KB 90ms
32ms Script
application/javascript 52.209.156.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=931294&campId=728x90&pubId=4531748607&chanId=22405397127&placementId=4601586157&pubCreative=138271806400&pubOrder=2260375129&cb=1422380071&adsafe_par&impId=107f6dd0-0590-11ee-93a7-06d8cca89c2a&custom2=mid_banner&custom3=&custom4=&custom5=mid_banner-01
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.156.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-156-69.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2ae45e2e1b631f86c147be468e5e55954eb89fe2b21e92c91609f4d2dbf13fad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:55 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1 200
OK dv-measurements3886.js Show response
cdn.doubleverify.com/ Frame 5551 534 KB
101 KB 15ms
14ms Script
application/javascript 2a02:26f0:480:9::210:ee0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3886.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: f74a971771bbed56a13238f100e81152d4e14e3efb0a3da5772340955160f5d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 00:04:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jun 2023 06:22:01 GMT
Server: UploadServer
ETag: "4bc7e362cab7f510577e8cd49ba8f796"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: ak_p; desc="1686182695524_34664206_79702358_10_860_15_0_-";dur=1
Content-Length: 103299
Expires: Wed, 05 Jun 2024 06:22:07 GMT

GET
H2 204 ic
trace-eu.mediago.io/ju/ Frame 0FF9 0
121 B 20ms
19ms Image
text/html 35.214.168.80
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trace-eu.mediago.io/ju/ic?tn=39934c2bda4debbe4c680be1dd02f5d3&trackingid=155d5883466d3d826fd8ff99fbd9a9ab&acid=21014&data=8C1icAJfNeFePjSWUbH2FQOfni89uA-Q6B_jBFmCoYwxJT-KhwuuYkMH1u3Hh_r97axj925VdJ52QpzpypZhiJ3ouPY6HhOutAtpEfesAEZjdy0h_W20oATKsuUV7_aq8MOkMg_B0KKbfrqNTtz355glr4J-HjEsH1FCMrEe7L5A_V9wVx-dw0aNg_hLc8iu3JeyRiaNtF-uMdJ3aaaF9_diL5yifUmVcwVIMMFRc1EJwBzBAc1qi-pl5gfl00VbeCkOJWtysPhAKVGKVu8_uPfjkcL_tW0k0SIeiMZJOXlnZHJMxgUVHdOLr3q_t2LRtAQZExQ9JrB0kn5n6gVMz9HseZj6bH8pzSey_p0AoJEXMgjVzOEFBq1xrrfgrcSRuNvSgWymHbz1wBrPU4F8wwU3C0e7Fo5crW-iZMYLJ-Zq65RmQi2xGbpCEk6HWp99ah2DFsW8eP9BIpMV9bZP3_v3WFY8iZUDQFfpQ_27ZFsfeFUh_EbFl1-0MoajlpWuFSEuHCocZGbF-j4MiiZ7cl_cWSo3EmibmpKDt-oiBtiqmyEX_xRHVBhy0I0xOEKyazWU7SVxGuPk285yI971ZbnciYsQ9gwkK_XbO9oYXyn28YdI4ewOZzjgZBKsm_30XoDY6qj0BqoqD-fc3-rXuDGkjG2xqes9WikdyhJnKfivnIHvNHXHvfsGiVqW_QolpXZi8KtsDnbY2nedTMHJpujW2Mmn4nhK4_yC-LW5kC63JXEhE-tYa49pxJoeNS9iuJQCx0Jwm2xnPz3hIzy9IEngJ-MHtXuhx7mZ6Wkkn-ZeylXe5TnHY3J8omCUil1TjzkpA5bT58tjkcCLTMiMy2pGFrpjNShwNpbRXr-rF1uZ7DkVHBFCveYRdJDpsOu4J3BvEdlym72RfAqAXrE99-LRX1twBzEdJ1nBPTFwuQRXZBG9I5N4nqRVQbDDHURdf1XrnGpBnJ5yY1B86sT7nasYugBQRou_6xoR4KgD8M2VQ_I5NYAgt2nG8fHj9JQx8McZ5s0uGYmHtpnw7-aKWvvKOwB81Upcj5vkAjGgfMo&uid=mid_6a81463d5e3fc0656428b04a94f84c17&mguid=&ap={AUCTION_PRICE}
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.168.80 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 80.168.214.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=utf-8

GET
H2 200 c5060262564012214fe6aea2cb5c74da__scv1__300x175.png
d2cli4kgl5uxre.cloudfront.net/ML/ Frame 5EB2 114 KB
114 KB 8ms
6ms Image
image/png 2600:9000:211e:600:11:9be7:da80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2cli4kgl5uxre.cloudfront.net/ML/c5060262564012214fe6aea2cb5c74da__scv1__300x175.png
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:600:11:9be7:da80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5cfb1037075cb57541adf2406c2fa1afd4dbdb871ae23130d949185087da7103

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: QnrvitjnImevEUyjHrXufHvIzWJ7c7YB
date: Wed, 07 Jun 2023 18:42:44 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 19437
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 116452
last-modified: Fri, 19 May 2023 13:24:55 GMT
server: AmazonS3
etag: "78e823a90306848fbb45ce337cbc55c3"
vary: Origin
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: l2_v6ZjJpPX_cSlGS1LmED1Ua9P6fDdVNc6r6zJ4ASSphXB0wgxP8g==

GET
H/1.1 200
OK blue-arrow.png
onlinertb-us.s3.us-west-2.amazonaws.com/js/images/ Frame 5EB2 28 KB
28 KB 556ms
199ms Image
image/png 52.92.251.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlinertb-us.s3.us-west-2.amazonaws.com/js/images/blue-arrow.png
Requested by: Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/template/style/style_banner_970x250_standard_7d44cb.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.251.26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: bf282b4ef41bf52ed9cb27a33190fdcf162f28a2c126beabaad623eef16148d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.mediago.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 00:04:56 GMT
x-amz-version-id: null
Last-Modified: Thu, 10 Feb 2022 06:05:51 GMT
Server: AmazonS3
x-amz-request-id: F57Y43KHK7ANVSAR
ETag: "3da1ac71a612038f43614f4891129b18"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 28511
x-amz-id-2: y0uMzO2HKwE8hDK/REzaoqwxQgPfQDUIClmWWCZgA19vN2Qav3oPmskyn3wCRZxDASQmwEuQ7sg=

GET
H2 204 ic
trace-eu.mediago.io/ju/ Frame 5EB2 0
38 B 19ms
18ms Image
text/html 35.214.168.80
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trace-eu.mediago.io/ju/ic?tn=39934c2bda4debbe4c680be1dd02f5d3&trackingid=507b6066feee1ceda5c4a6cdb9f61ec8&acid=21014&data=j0CXOPlTaiO9rMWId3EoCr5y6EdVImPnXuToWMA4zRedpoB_TNEg8Q_HPRh9eQxOjkDpfad5-oNaO6QZ3BZZ58NzQ77um5vtkg6xEV9KBTUboUmKB0eBiEkqSa4tzZd6mV5z97d9iopM0wqsu71o0mSzl-itipEQDwQyi2eyuYo-xxGb1ZO9RUOvSTvHlya70jlrvPPzaoHpM57F6MlGEIp-Z8G3pZ0l96fsVJ7c4pNyQbsRGQsJPX9jYR9Bmy94DBmW85BbIsbXDJqQ7enDPdzVk-Z-sl-JSKP0bt14TDX58u4NEIngdbk5iVDmjgn4RWBWvloieSuz5QccVStmFG0bkO-SE-plWVoON8Yi1KhKC3Wbaf5d_XZuV3eTKI7O1W_XfEurqSM3oqcMDp6Cp_x530wj4dgD4AWJMxqzCM7dY50Uqvi6iIkpTcbw2uihhipn_mqFeluqjnlunF9Rd5HMYof0yCg8g3Mkf06N-k8SNT29ULdOEC6P3byXKNbcTuQ6zHvCj-ZKR_jYImDOcvJgfl0jd-PqxyfMqT9lS3vibZUi9Hr4r7aDkyxdQoqT4sXSIARepoHrg4L1vdc3oPWJqkS7MdBOFQHICFd-WZnuXI0s8sjdhxM25xB_K6EB2q0YLx36VLnXlpudjAO7pchy5hu8t-0JT0GOjrClPGuXwMD2-GHR3OuRz1iVYvzy5DB7eprxMBBMETKbiuYFvGbF7PD6mRfc1Vdhkwft0yuQUKKNDDytdxG-_qhJF7WdE-uP4TN0Eqayu_5GAL_EETD3rRt-kuqFSH0NtTGHsSOMK-djls9bE4ukqydW6rhgnXEgI7weCuCxMbO9e9ihvaZz7oUHZ-Hwu95UXfvd-1BvQdnRaQsd3khoAFwELvCwCO9lJU-ujfQTa3yJW0U9CKzPz0WdyPsZdjkVSkHX6gce8vqgpGAG9euiy1pByQ62RQbvnSiw7USRDr_arzpiSaRg0kDTCA1H-UlV890gyXCxLo-VKf2aUawandxgex06Avfsu8IAH2eUPm0URWv_5FQlO1IcF_lRs9-a0Phew6k&uid=mid_6a81463d5e3fc0656428b04a94f84c17&mguid=&ap={AUCTION_PRICE}
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.168.80 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 80.168.214.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 5EB2
Redirect Chain

https://trace-eu.mediago.io/cs/xandr?rdid=2aefc6e3586164d7c4153d1575f56a28
https://ib.adnxs.com/setuid?entity=529&code=6a4ad7962b6e34d5288849ab134a4550

43 B
1 KB

15ms
14ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=529&code=6a4ad7962b6e34d5288849ab134a4550

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:55 GMT
AN-X-Request-Uuid: 15949834-4e38-46fd-a612-655b55256cbb
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location: https://ib.adnxs.com/setuid?entity=529&code=6a4ad7962b6e34d5288849ab134a4550
date: Thu, 08 Jun 2023 00:04:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame 5EB2 0
929 B 13ms
13ms Script
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.theonion.com%2F&e=wqT_3QKaBOgaAgAAAwDWAAUBCKW2hKQGEMCY9tn6scDbfBgAKjYJ4Sh5dY6B6T8RskLbewJy5j8ZAAAAIIXrF0Ahsg0SACkRJNAxAAAAgD0K8z8w-djzCjjoO0C4aEiRBFCa8pi1AViegnhgAGi6pmR40vYFgAEBigEDVVNEkgUG8P2YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC-lbgAp6oPOoCGWh0dHBzOi8vd3d3LnRoZW9uaW9uLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOOsSTgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMjE3LjY0LjE1MS4zqAQAsgQQCAAQARjKByD6ASgAMAA4ArgEAMAEp425IsgEANoEAggB4AQB8ASa8pi1AYgFAZgFAKAFmfDnvN2jhP48wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAeoFDAoIVGhlTwG_ZBIA8AWqs0b6BQQIABAAkAYAmAYAuAYAwQYABQEs8D_QBtWvBdoGFgoQBREdAZgQABgA4AYB8gYCCACABwGIBwCgBwGqBwcxNzcyMzE0yAfS9gXSBw0VfgEwCNoHBgFocBgA4AcA6gcCCADwB4fjAooIAhAAlQgAAIA_mAgB&s=c080306c891b12752d1e9edc03a21f95ac01d69f&bdref=https%3A%2F%2Fwww.theonion.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.theonion.com%2F,https%3A%2F%2Fwww.theonion.com%2F&

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:55 GMT
AN-X-Request-Uuid: 744a2772-dc22-4a3b-be65-f20afb8ae11b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 0FF9 0
952 B 13ms
13ms Ping
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.theonion.com%2F&e=wqT_3QLGFejGCgAAAwDWAAUBCKW2hKQGEITc5f7e5KraKBgAKjYJ4Sh5dY6B6T8RskLbewJy5j8ZAAAAIIXrF0Ahsg0SACkRJNAxAAAAgD0K8z8w-djzCjjoO0C4aEiRBFCa8pi1AViegnhgAGi6pmR4pPQFgAEBigEDVVNEkgUG8GGYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC-lbgAp6oPOoCGWh0dHBzOi8vd3d3LnRoZW9uaW9uLmNvbS-AAwCIAwGQAwCYAxegAwGqA7oRCo4RaHR0cAEv8NB0cmFjZS1ldS5tZWRpYWdvLmlvL2FwaS9sb2cvd2lubm90aWNlP3RuPTM5OTM0YzJiZGE0ZGViYmU0YzY4MGJlMWRkMDJmNWQzJndpbmxvc3M9MSZpZD03Yjc1YWU3NGNhNTBhYzRjNjMyMzc4MzNlMzYxY2E2MCZzZWF0X2lkPSR7QVVDVElPTl9TRUFUX0lEfSZjdXJyZW5jeT0ke0FVQ1RJT05fQ1VSUkVOQ1l9JmJpZF9pZD0ke0FVQ1RJT05fQklEX0lEfSZhZF9pZD0kexFPAEEJFwWTgCZpbXBfaWQ9MjkzMzE1NzQzNjc1MTE3OTI2OCZwcmljZR1r8E9QUklDRX0mdGVzdD0wJnRpbWU9MTY4NjE4MjY5MyZkcD1kOWM5aDBQMEtEclRBaHVyOVprZnZyckVFRlZFUXZuRzVzSm03UExBS1BBJmRzcAV49HQIMiZ1cmw9U0dhWmVuNnhGcEI2U2lRbGR0TE1nOUhJWTRTS05wNjhDb04yYl9kVFV5RF9rUFllaEkxTXJCdHIyekdsOFU2RExlQ0lhd0UxMWZhdDROVi1ta3lKNVVQaVptcUtVeVNuMFpDcjJBUUhicHViNGcwWHQ0S1QwS3AxTnhJRXpqTm1CcDNFTDBqWXB2OXRndUdiMmZfQVAtRWJRanVLZ0pHRHVTOWtrWFJoLUNXLUxZbEZvR19KRndKcUJhMHk1MEFFY2VxRV9UNDMzUzRDckxkNGZGZ2diWlpvdnJySWtKaUlhRmtubXFzM1lTcFBCMG16cjc0VU40bzZWbVN1WXh4bmRDd3k3YlZGaUdzUWxmQ3BaRVNCUzlvaGtadFRsRnZJaENQekdBMlhqZlNIa2dUb2c0SHpycEpwX21Ia3hiYkpiTWpJQkFNaExOTk5FN1hqdkp0Q0hJcWZ0ampKc3FqMVZ5Q0JZaW53U0VubmN0Ny04aG1Ua3NnS1ZicUduU3lHQ1BQeUktZHRjTGdvb0l3TjAyTG1KV0hEYmVhNGR6WENDX2JONzN0SjhmZGFQNEtDRnVjTjM3OWdsNkNWbXNLVUtMMXB4WTd0eDZid3lsR0RvalB0cWJOMXE2WmN2UDNMcEtVMmgtb1dHaDNpRlZmR2hadWNvQjdGV3FKeGI4LVhGdUcxcGQyY1VrV0FFTlNqLTk3amhrcHRSUWNBN21SZzAzUzdmbDhSR3czWndVcmcxMVZ4R3U4QV9CTHlsNWx3cnBBV01mUDluUkxTNWlPSkhzQ3VmenNnVGxZRi0wa2JmU3VtVkJkekN2LUVOM2dWalp5T3ZxanJOWGtHVlV3T1FqVURLbVlmcm5QZFE4UENNRXlXMlctWlplYVdXU2dGbDBGNVhHTm1CbWthSG54dXZIMEZQRjZIanAtdkNhVjlidkswWmlBWmRsS3U0LXkwNWl6c0dTYTNZTTdXdWhMdEZMLWVGaVNlTXFHOVdyMUlub1B0ZmdRd0d4TW9oZ3N4NU5qSEtlU294VWU0eDBGZ21IYVBwVDh1QmdlbjNRQXE2OUsyM2pOUS1PVi1LZHZlTjYyV3JnYl91WC1qQU5qaGx6Z1RuN0VRS0Z6MFpVMG9iMklNbUd0VUZYZXE4T2JZN3ZYU0llbHdXbHFaNGFyaWFtQW5aWktkRzB1S2VHamxOdmMwdl9POGFqLThhdzdCaDRJQjU1U3pEY2tkMVVnazhVeExRU0FHNS1IWHItdHdCb2QwTmhPZkdfUWxIYWs1MF9GMlM5a3FJbWd5ZW5oM0FYR0hZWmV3MDc0OTBLeTFoMU1xQ2d4RE1BeGt1UDhla1E2b2JwajVqN1pCNW1zaFhsaHJzRkVUU1NuWmNxUzQ1Nk8zLVpvVUM4a2NsOGZUcjdPaXJzbHpSR01sNlBvNWptZllqWG9WQ2RmRl9QYlJTSFQxSS1OTXRtTVMyZ0RaRk1SZUNUSU1kVnpuMGpfVEtFbUpXMi1ORnRHSEw3aHFHRVhGMWxZYlZ4cW5UbGdtTEdyb1hBLU14MDI0TkIzSjBiMTdhanpBMmU2aW1zQ2FCTFBBT2djQkJhZGY0VEdzNktmMVV1Tm54ek5tbjFaOThfNU5adldzcVpvc0VTNEVBNHo2T1hHci1xbXp1VHZIdDhUTHFIdm5sTDlTLXNNMHJ0dUt4Q0pvXzRrQmpxMkFSWnVIOXE3ZGp1OVVDWWNmUGVGUlZNQ1JKU3dzYk5FN1c0b2VocVN0cm1zaVc4QVBIM24wcmJmSEtycUswNmNnUno0Xzd0eGtheVV0V21WMThmc2c0eElNWW53QzN1SDNLR0RBc2VrXzRzakYxcFk2MmIxazVabURYTE1TQnhvWi0zMlJuNzF2aDFzOTVBMERqUnJkZVBrMWdndlhWSnQwOXV0SldoczdhbWJqR0h4WURxbWdja0IyeFh3TDE3dTBsRFBkdUNQbEpJdkZyWVowVzJYeklGeW9jakNlWnpxeUR4Z0xQX1pCcmxpX3MzNEpVczl6cjF5MHZvSXIxWU8zX1pqZ25kN19OeVV2dVY4MDZyY2FQSTdzYkNUQnhvcGlVMElpMmljTFNWVlRtQWl3R2FSWlBnU2JrVjc2YW95cFU1QUZ2YzJvLU83WWI3S2dYeEZFMjluMTJiT29NRGZQRXBiV0xGbDFsWEdiMVhIckt0TjdVSnlzRE1lUU1tcl9ScWs4UFBRN3l1Z0NCbnliazJvM0xkNFNfUV9BRjdUNjNVZlpmRl9oaEloajNxSTRjbTlMQWRGR0dOZGtqVXY4bm9odS1FdzE2dFlnb2dhaDBubzRaZjRGZmI5OWNPSUYzeE9hMTIzcHg3YyZzcD1Ub1VEV01RNzhqVnRaTzRUaTcxZWdfREZUV3VWbUNIWGV1NnRod0sydGtBGhMyOTMzMTU3NDM2NzUxMTc5MjY4IgkzNzk5OTIzNDYqB01lZGlhR2_AA6wCyAMA2AOOsSTgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMjE3LjY0LjE1MS4zqAQAsgQQCAAQARjKByD6ASgAMAA4ArgEAMAEp425IsgEANoEAggB4AQB8ASa8pi1AYgFAZgFAKAFk6qckaGeyN1wwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFqrNG-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBtWvBdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBzE3NzIzMTTIB6T0BdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHh-MCiggCEACVCAAAgD-YCAE.&s=52c7cdf26cc4bab10b0f684ba1c9e4159d22cdfe&type=nv&nvt=5&jm=1003&px=1665&py=1432&bw=970&bh=250&sid=3469778991381070615&vd=ct~0|rr~0&sv=233&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22867065&sw=1600&sh=1200&pw=4000&ph=7976&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/233/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:55 GMT
AN-X-Request-Uuid: 4f7d0c57-c87b-457d-a84a-536c36d61de4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.theonion.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 action_links.json Show response
fr-actions.trackonomics.net/prod/www.theonion.com/ 4 B
448 B 625ms
411ms Fetch
application/json 99.86.4.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fr-actions.trackonomics.net/prod/www.theonion.com/action_links.json
Requested by: Host: cdn-magiclinks.trackonomics.net
URL: https://cdn-magiclinks.trackonomics.net/client/static/v2/gomedia_015a5_the_onion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-115.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5c24f7ca1c946fa4dfd44407409c8e11ec6e41f0e1c7c45bf8381b42afb31f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:01:27 GMT
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
last-modified: Sun, 19 Dec 2021 11:43:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 210
etag: "5ad5cc4d26869082efd29c436b57384a"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Error from cloudfront
accept-ranges: bytes
content-length: 4
x-amz-cf-id: 5vkhNOjwUWipHubiEeJEZ3EkNrjSgDzP7OeAN5v2-tdYAP6300NkTg==

GET
H2 200 i.png
trx-hub.com/i/m/ 128 B
466 B 235ms
22ms Image
image/png 18.66.147.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trx-hub.com/i/m/i.png?q=N4IghgLhBOD6BmB7aB3M0AmBLAdgcxAC5gBfAGhAFsBTCMDSMI0iiLS3A48kAV2gA2AZ2Y9IMWGAAOU6jgyiKUsHmqwYYAMbUiAbVBDE-bURAALKFKGEA9DZQOAdBDPVEOLO8ebElGyApoanhqaCDoUwDwKDgkVHRsfFESAF0KTV4hCF9YGjpFEE0BLDkIdXYdQhAAJgAGaoBmAFpagDYWgA4AFVrawlqAFkIAVmHHYYB2WoAtKOVVcogBSpAu1wACAHkPd3WAH3WAQRpoLE0wAHIhdYAxXGos9YA5ahRrgGUjaG1HKKwsBRVf4YACMrQ6rRBHWqrQAnKMppo8AAjKLUABupXUAE9ZKZ2FIgkIhJ4cFEMllfKFYADTHgqdgwLBaiDhmBhupXLB3KTyQCpCC6QysEyWWyOS4dOl+dVTDz3CASEA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-90.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 15:54:29 GMT
via: 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 04:40:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 29427
etag: "90eb1bf3b49429bde87a3b5f0b53e6a5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 128
x-amz-cf-id: SSMEyWUhHIrZJ3NqrvCKqDKBejvto_ANIljS6SxUkkTwYvAsPxuGDA==

GET
H2 200 c5060262564012214fe6aea2cb5c74da__scv1__300x175.png
d2cli4kgl5uxre.cloudfront.net/ML/ Frame FE88 114 KB
114 KB 7ms
6ms Image
image/png 2600:9000:211e:600:11:9be7:da80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2cli4kgl5uxre.cloudfront.net/ML/c5060262564012214fe6aea2cb5c74da__scv1__300x175.png
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:600:11:9be7:da80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5cfb1037075cb57541adf2406c2fa1afd4dbdb871ae23130d949185087da7103

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: QnrvitjnImevEUyjHrXufHvIzWJ7c7YB
date: Wed, 07 Jun 2023 18:42:44 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 19437
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 116452
last-modified: Fri, 19 May 2023 13:24:55 GMT
server: AmazonS3
etag: "78e823a90306848fbb45ce337cbc55c3"
vary: Origin
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: rBkAicPzQznIv4vlpRzwSxyquBPnZL1z8ky_2vZhczOjhSwXfjoXRg==

GET
H/1.1 200
OK blue-arrow.png
onlinertb-us.s3.us-west-2.amazonaws.com/js/images/ Frame FE88 28 KB
28 KB 550ms
198ms Image
image/png 52.92.251.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlinertb-us.s3.us-west-2.amazonaws.com/js/images/blue-arrow.png
Requested by: Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/template/style/style_banner_970x250_standard_7d44cb.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.251.26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: bf282b4ef41bf52ed9cb27a33190fdcf162f28a2c126beabaad623eef16148d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.mediago.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 00:04:57 GMT
x-amz-version-id: null
Last-Modified: Thu, 10 Feb 2022 06:05:51 GMT
Server: AmazonS3
x-amz-request-id: QF882SQF2P2YXSZ8
ETag: "3da1ac71a612038f43614f4891129b18"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 28511
x-amz-id-2: JK5e8MKxEsUCc/LB/RkvbyFSFfxnYH9v+ynkQeAMGQWUFy6kk+PlI7zUe4ngKs+jfQcB52bpwQc=

GET
H2 204 ic
trace-eu.mediago.io/ju/ Frame FE88 0
38 B 20ms
20ms Image
text/html 35.214.168.80
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trace-eu.mediago.io/ju/ic?tn=39934c2bda4debbe4c680be1dd02f5d3&trackingid=625a252b10c471a4b1d7e495b264f5fa&acid=21014&data=VgwqOBIZqvLsiVDz0_FFQc6ZBdvIGlTK2AIa9baho-_d6qOfeGY8nQS7mw3xNP96MmMYpgdD-QSo3YFlIJyFFpjbwovX4s8eBQM8cYynqvR22ByJ2_G5Ta3mHMark8nYPoI8rJLpQg5v-nOIkZliKTwYz-YD0_NfcszP0cDQlpxYmsfKMO6HHIur1nkFru1upsZusFX7zxtLkQjmQtYvAy_0gULG9LpBE75m5H21CUCGqp9UpPxm23-B0KbZNHojaa0jrFN8fIjMrML85CPnFX-r8idvXyFCXzSry85Fvoa6Y5y4EAQzN2O-DOM45-_ROgAV0gAcaWMQYSVPjxpshQKxzjvVdH4grLLg9t3fboFnr_omehtce5eAD6ezXDc1LLxDYhKCuw2peQjUt90SrQ_-ZBNt2ZZvN7PMlZZ0S_aNp5VO5cs9sRQNYg28rwhRzeE6jrRVNiYCZ_rUGU1mWI1gPPM76XYZEBSk0igos3_opee79PVuUFVzYFW3scVlPgpUqLLuHIdM6Q8UJKDLTuiLU_g2dvJmAaXB4mXOHSpex_vx5hzV2bAGTRPjxzHnejD-RAamptPKjbAPY-q93lWBNLqyOPoyf8QXGJ4k-52Y5xpUdvRUdtYa8Loj92IQuY6TLZPpLvUZGSxJpsn_ikmaHrWCYiFhSwW7x3Trvw9TAXKem0M0cMLVsnhgHW4Ns1Gx20e3YbNMm4ixuOMLHBtKmuDZvgrwG4PHyF6VF-L5uBukSzFWfxR0E-JKRNdM2lb4K3N4JWcVwHsFLzMHilM4t68gNR1NBvo-aDP4Q1KABD5rnDk-1rv40bqOALO1Y0a_QkeZvS7DNUX5esQlqNqelaKlWQSuIJiwErKD1Rrh-n8P_zrws7bCFVmo-60x5uqKJTxg-JRrf1XPWvXFXFn52kPTrWo3OTfEMNJOOE5CqqbLliqfqdcz3uNezxo_FoQjtwbwYk9OlEqrPumrCLapQ9OffpqgrQlBRWyxkORHqjywBqZTozANr8u8eL1fLsm_-mL-tn00dzavEOiypzM6MuatBcr_f1a-ai73SMI&uid=mid_6a81463d5e3fc0656428b04a94f84c17&mguid=&ap={AUCTION_PRICE}
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.168.80 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 80.168.214.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame FE88
Redirect Chain

https://trace-eu.mediago.io/cs/xandr?rdid=6d08e3de81e28f1beb8be8800493049d
https://ib.adnxs.com/setuid?entity=529&code=6a4ad7962b6e34d5288849ab134a4550

43 B
1 KB

14ms
14ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=529&code=6a4ad7962b6e34d5288849ab134a4550

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:55 GMT
AN-X-Request-Uuid: 213a0b13-44c7-49e4-bb23-db9220e3721a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location: https://ib.adnxs.com/setuid?entity=529&code=6a4ad7962b6e34d5288849ab134a4550
date: Thu, 08 Jun 2023 00:04:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame FE88 0
929 B 14ms
14ms Script
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.theonion.com%2F&e=wqT_3QKaBOgaAgAAAwDWAAUBCKW2hKQGEI2ymZTjprbQaRgAKjYJ1siutIzU4j8RqALNaxWS4D8ZAAAAQArXGkAhqA0SACkRJNAxAAAAgD0K8z8w_tjzCjjoO0C4aEiRBFCa8pi1AViegnhgAGi6pmR45fQFgAEBigEDVVNEkgUG8P2YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC-lbgAp6oPOoCGWh0dHBzOi8vd3d3LnRoZW9uaW9uLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOOsSTgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMjE3LjY0LjE1MS4zqAQAsgQQCAAQARjKByD6ASgAMAA4ArgEAMAEp425IsgEANoEAggB4AQB8ASa8pi1AYgFAZgFAKAFjvDJ6_C_wpx6wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAeoFDAoIVGhlTwG_ZBIA8AWqs0b6BQQIABAAkAYAmAYAuAYAwQYABQEs8D_QBtWvBdoGFgoQBREdAZgQABgA4AYB8gYCCACABwGIBwCgBwGqBwcxNzcyMzE0yAfl9AXSBw0VfgEwCNoHBgFocBgA4AcA6gcCCADwB4fjAooIAhAAlQgAAIA_mAgB&s=850184b018b5fb13ade23036aab2c8326a7cc6e9&bdref=https%3A%2F%2Fwww.theonion.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.theonion.com%2F,https%3A%2F%2Fwww.theonion.com%2F&

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:55 GMT
AN-X-Request-Uuid: 06fd797a-e356-4df3-9d51-9b10b27d2470
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4B48 15 KB
6 KB 29ms
28ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theonion.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 00:04:55 GMT
server: Kestrel
server-processing-duration-in-ticks: 1035137
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 75ms
37ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-176eb"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 09 Jun 2023 00:04:55 GMT

GET
DATA 200
OK truncated
/ Frame 5EB2 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0237aa975d8542373f99c13f8541fd12e5b6eed8abea4bbfa7c0e71fd4ae7c2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 1EE4 47 KB
13 KB 34ms
34ms Script
application/javascript 52.209.156.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=931294&campId=970x250&pubId=4531748607&chanId=22405397127&placementId=4601586157&pubCreative=138271807375&pubOrder=2260375129&cb=232953696&adsafe_par&impId=&custom2=mid_banner&custom3=&custom4=&custom5=mid_banner-02
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.156.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-156-69.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6320a1b112291fb856bfdbe2306f9aaba53b9d4742bfb1edc40e74d25802651f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:55 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1 200
OK dv-measurements3886.js Show response
cdn.doubleverify.com/ Frame 2260 534 KB
101 KB 19ms
19ms Script
application/javascript 2a02:26f0:480:9::210:ee0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3886.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: f74a971771bbed56a13238f100e81152d4e14e3efb0a3da5772340955160f5d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 00:04:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jun 2023 06:22:01 GMT
Server: UploadServer
ETag: "4bc7e362cab7f510577e8cd49ba8f796"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: ak_p; desc="1686182695846_34664206_79703032_15_690_12_0_-";dur=1
Content-Length: 103299
Expires: Wed, 05 Jun 2024 06:22:07 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 5EB2 0
952 B 14ms
14ms Ping
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.theonion.com%2F&e=wqT_3QLGFejGCgAAAwDWAAUBCKW2hKQGEMCY9tn6scDbfBgAKjYJ4Sh5dY6B6T8RskLbewJy5j8ZAAAAIIXrF0Ahsg0SACkRJNAxAAAAgD0K8z8w-djzCjjoO0C4aEiRBFCa8pi1AViegnhgAGi6pmR40vYFgAEBigEDVVNEkgUG8GGYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC-lbgAp6oPOoCGWh0dHBzOi8vd3d3LnRoZW9uaW9uLmNvbS-AAwCIAwGQAwCYAxegAwGqA7oRCo4RaHR0cAEv8NB0cmFjZS1ldS5tZWRpYWdvLmlvL2FwaS9sb2cvd2lubm90aWNlP3RuPTM5OTM0YzJiZGE0ZGViYmU0YzY4MGJlMWRkMDJmNWQzJndpbmxvc3M9MSZpZD0yYWVmYzZlMzU4NjE2NGQ3YzQxNTNkMTU3NWY1NmEyOCZzZWF0X2lkPSR7QVVDVElPTl9TRUFUX0lEfSZjdXJyZW5jeT0ke0FVQ1RJT05fQ1VSUkVOQ1l9JmJpZF9pZD0ke0FVQ1RJT05fQklEX0lEfSZhZF9pZD0kexFPAEEJFwWTgCZpbXBfaWQ9ODk4NjY1MzI5ODAwNjAwMjc1MiZwcmljZR1r8E9QUklDRX0mdGVzdD0wJnRpbWU9MTY4NjE4MjY5MyZkcD1PQzIwSEdHZDEzWFd5ZmJEdmlDc2E0YkhJMVpXbzc3RkxMaDNNMnBYd3hrJmRzcAF49HUIMjImdXJsPURmT1QwaHhvTEVtekpxN0p2N205d0hhQzBsbHZuMnZvZXFGT2lINXI5YVlZTGhyNExwdUZVZXloYTc5ZnJrMXVFNmxEYmFjNUJMcEVUUVJ3amFCMXROWG53OWtBYUNSTVBxSW5jMkxOX3dOLUFqZ2NVbWsxNWo4YXU2c3pJclNrSS12a2pNcjFUMUhJdzBRZndWTnZ5N0VzekZaSmRvYWV6bnZ4Yy14WWc4a25fbU1MNmw0Qm54N2NCQ2UxaHdDSjlPTE5QNFdEbWlPUU9sbVdaRVlRV3RvLWRwZlZHVFBORkVkb3FudjNFd3lKYUUxdEhMTUVhSHhvUHBNb19OSzFVN2o4aklQTWtkWW9zQVpkX1ljSmpFV3VvMzZfZkZjYVVYRnhFQVFRRk11WVRwSTh4OTRVZ1NzYUR4WTRJV2w1R3VqTGx1cy1BZjVVWWE0WUxIcVY3TmpBZkxoMVA5NTJubzJvQzUtbi05RXVSN3BxeGFHRjJpU1lVRjFsMllwUlJwd3NwTHV0LURGbXpRbGdrdjlXUkdvc0NsVldyUHdUVEpUVFd5QVNmbmVLUmNMVzB6ZW1lMnhsNGxJR2s1aUdPQU1KZm85MWc0X0d5SllfQUg1Tm5HMTJTYllJeGdnSGtXT192ZUJOQU5KU1BZMW8wN21yeHNWYWtoeUE3cDIwVUdSNlFTcmMtbEJWZFExdmI3UGNGZnBzcVkxemR6YU1sSHdCak9PT2tvWktqUGRFMzZjU3FXazdOWFlIakFmcER2Nmo3QzRFZ3JwLVlUMHNQVmNiOWJoWFgxbXRWU3Nwczk2b1Q5dXJzSl96NmpEWXktaW1UMF96SmNZLThwbXRXQlFSc3ZvV3hRTU9ZdHhXS0pRY2M2UENBRnNOWVM1UllqUkp6TFVRUXV6M2pzVDVhUjBhZjN6Z1lyWXRkdWd3YVJ6SzdSV1dvczVSRWhQcFAwdDZyX0VXTDd2eHNlWkNQYzIzUlZDY3J5ZkF4Q25uZnRWVHNJVExVRTk4QlE4U2tWOTZRenoxa21ISk1jV2ZMTDdFWTJWZ2lMR1hwRnFUZ0k2Q3NuN21MLVBpQmdMN0c0amM0bEgwQXczV0ZSOGFjbEhtYmptSjhjbk5hYU1EWmJpSTRKQzVjSkhtNm5WdWRtSWdBb3FlbEpkck9MODc1MFB0bDM5VTVnTlVJVm5rVm5FaGJpbTZ2T2ZFZkgxM0kwb3VycjI2aEdxUFh0T2lldUlPV09ldnJlbkZIejBaZXlhSThqTUtGYnk4cUV6a1EzRjU5d0YzVUhVQnlBNzdwVFExUDNXa2s5XzhiMWZ0UldtR1RQcFEzTUI5Q1otRDRrZDQ2N1VSYzdzTlFfYmJnenN2bHNzVklCWXVjWVdEQWpkamRHY3BKdWZ2bU1tWUI4TjU1bFJGcV83MnhkbjdZQkZCLV83WHNuWmkzNFpuUzlFLTJMSk9TcTFyOHpfdC1VSmx3SVB4aVRyWmtRWHk5Qk82Zm1INEdlOUpsT1dNa0U1eU1ka1dteDVNSEwzSGxVUHdaVmV0X0RmX2VWRzNEQVZvTUd4ZnY3bnduOHFYUTFtYWlzVHloY1k3SjBrLUI4dzJOOW5VdV9JcHBxNlZKYkQwZEtQLUcxNkFQb2FKZENMUDByRmxJclpQWXY2clZTaVpkenh1cUo0b2drb0d4Vk1RWDc2RFk5UW9hR2tEYVdnclN4WHloTXM0LXNyaHNBOXdGcU1ESjNoUUtHRVhsaWxGaTdudjJIZ1RvVkJoaUVQVzRfUGQzMnk1ejRVV0NiNUdyR2F4eWNtenNIWDA1WHRhQmU0bkZYNVZIa2NDUUVZZ3I0MDFrNjdJQXRmNFZGX1U3OF9ySXhqWEJUMHZob1BNVF9RUjQzNXF0X1o4dHZLckRlUFN2eDJHXzQwN0RiRWFQNlRVdzhVcXFPaTJRTDd3T2RBbUJaOTNmVWgzODNIV1ZQbmFJLXZ0YW1oV2pRMHFJaVNVTS1QekNCZzZpS1ZLT0Jjcml1SU01c0JHLXh1WXFsOWFxX25rdmRHSnpibkd3cmpQemJZRjlQSnlYQjI2b0JZQnFpcVpFaDBuMVlTX2w1NGRNdGt0aWUzU1NfdlExdnJZMUJKZENVZWRFNnVxS2VrZmFFN295OEpuRElXbWZxZ1RpUktmdjZiSkZHTThzVGRtNGc3Ml9fdkJoTkd3aktJOEpNdVlfZXZOZGJ1X3hxWEI3Vl9tVU1SWUw2blhSbkk0NkNydXE5R1FEZkNRcFB0NlVqaUZ4R3U5N1ZtUEttbXZ0ZlA0YXlpalF4azlFaWsxbGVpbmtpWmlvWm5CeXVDaUVaUEFGUmNPdWVaVzRkcldkTGcmc3A9ZkpVampGaVdtVUVvSnBLWHVpWG4yUkhTSl9wOHVocGJhazdNQjJtYU83URoTODk4NjY1MzI5ODAwNjAwMjc1MiIJMzc5OTkyMzQ2KgdNZWRpYUdvwAOsAsgDANgDjrEk4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDIxNy42NC4xNTEuM6gEALIEEAgAEAEYygcg-gEoADAAOAK4BADABKeNuSLIBADaBAIIAeAEAfAEmvKYtQGIBQGYBQCgBZnw57zdo4T-PMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaqzRvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbVrwXaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwcxNzcyMzE0yAfS9gXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4fjAooIAhAAlQgAAIA_mAgB&s=6515adc2ef6bc28de953b6c281d6adb42a53a7a8&type=nv&nvt=5&jm=1003&px=1665&py=2336&bw=970&bh=250&sid=3469778991381070615&vd=ct~0|rr~0&sv=233&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22867065&sw=1600&sh=1200&pw=4000&ph=7976&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/233/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:55 GMT
AN-X-Request-Uuid: 5b4deec1-3804-44b3-a95d-764e3d000b38
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.theonion.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame FE88 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5837c680ceeb1ba116fbb09c44b8396b7fa70f7b2b711660dab6720945fb371

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 16E4 47 KB
13 KB 39ms
39ms Script
application/javascript 52.209.156.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=931294&campId=970x250&pubId=4531748607&chanId=22405397127&placementId=4601585758&pubCreative=138271807375&pubOrder=2260375129&cb=768511596&adsafe_par&impId=&custom2=top&custom3=&custom4=&custom5=top-01
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.156.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-156-69.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: fee6964f674ffcf8acd53ea4c0a5001ddb377f0a805aa76d6753515cb472cf1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:55 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1 200
OK dv-measurements3886.js Show response
cdn.doubleverify.com/ Frame 83FF 534 KB
101 KB 23ms
23ms Script
application/javascript 2a02:26f0:480:9::210:ee0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3886.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: f74a971771bbed56a13238f100e81152d4e14e3efb0a3da5772340955160f5d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 00:04:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jun 2023 06:22:01 GMT
Server: UploadServer
ETag: "4bc7e362cab7f510577e8cd49ba8f796"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: ak_p; desc="1686182695913_34664206_79703331_6_446_23_0_-";dur=1
Content-Length: 103299
Expires: Wed, 05 Jun 2024 06:22:07 GMT

GET
H2 200 main.19.8.416.js Show response
static.adsafeprotected.com/ Frame 17A6 202 KB
63 KB 35ms
7ms Script
application/javascript 2600:9000:223f:4800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.416.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4193f3aba0317f0953ed1d14fd95938eacf60156c317f070f560e12e67b737a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 18:02:36 GMT
x-amz-version-id: 3p9ig6O7SiBTp67uBWAmtA0mX5.dWE7t
content-encoding: gzip
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 540139
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 01 Jun 2023 15:26:41 GMT
server: AmazonS3
etag: W/"e72c0c31bc84f756b800771f6ff5a792"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: IawPoWKVKzGAwy0sXub3DCRhNJIj19jhr7HW9SierxOB-7XSYYxkvw==

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 5551 978 B
902 B 225ms
23ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=405&ttfrms=27&brid=3&brver=114.0.5735.106&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETar9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3EU42%3FFC%3Dl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETau&srcurlD=0&aUrlD=0&ssl=https:&dfs=110&ddur=136&uid=1686182695924492&jsCallback=dvCallback_1686182695924996&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.106%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3886&tgjsver=3886&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.theonion.com%2F&fwc=8&fcl=1130&flt=44&fec=1776&fcifrms=13&brh=2&sdf=2&dvp_epl=238&noc=4&nav_pltfrm=Win32&ctx=15538536&cmp=DV196466&sid=2019042601&plc=2019042601&btreg=4601586157138271806400&btadsrv=4601586157138271806400&adsrv=104&unit=728x90&seltag=1&sadv=4531748607&ord=2260375129&litm=4601586157&scrt=138271806400&splc=152253218&adu=22405397127&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&cb=1422380071&region=70dvtagver=6.1.src&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=37942747577.837875&dvp_tukv=504871707.2346704&dvp_tuid=173574900611&jurtd=85427345
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 3e2381d8ffe09d762e98da0f4ae908adc60b17ecfa948099c6612588b9d3768f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:56 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 06/07/2023 00:04:56

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FDAE 34 KB
10 KB 24ms
24ms Script
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0b2cec4a7f5373abdc638ac2803d3edc6d119f64e1aacb62800bfd45eff17b73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 00:04:55 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Jun 2023 14:29:44 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=51818
Connection: keep-alive
Content-Length: 10113
Expires: Thu, 08 Jun 2023 14:28:33 GMT

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 137ms
105ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theonion.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Thu, 08 Jun 2023 00:04:56 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H2 200 1a Show response
i.clean.gg/ Frame B6DE 0
104 B 106ms
106ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 08 Jun 2023 00:04:56 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 c5060262564012214fe6aea2cb5c74da__scv1__300x175.png
d2cli4kgl5uxre.cloudfront.net/ML/ Frame B6DE 114 KB
114 KB 7ms
6ms Image
image/png 2600:9000:211e:600:11:9be7:da80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2cli4kgl5uxre.cloudfront.net/ML/c5060262564012214fe6aea2cb5c74da__scv1__300x175.png
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:600:11:9be7:da80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5cfb1037075cb57541adf2406c2fa1afd4dbdb871ae23130d949185087da7103

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: QnrvitjnImevEUyjHrXufHvIzWJ7c7YB
date: Wed, 07 Jun 2023 18:42:44 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 19437
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 116452
last-modified: Fri, 19 May 2023 13:24:55 GMT
server: AmazonS3
etag: "78e823a90306848fbb45ce337cbc55c3"
vary: Origin
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: fXK5SU7YOnPYMm9_Ftkc2AVclYDhM3UgSwV-s3K8pMmwnMaFJ7NqrQ==

GET
H/1.1 200
OK blue-arrow.png
onlinertb-us.s3.us-west-2.amazonaws.com/js/images/ Frame B6DE 28 KB
28 KB 386ms
181ms Image
image/png 52.92.251.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlinertb-us.s3.us-west-2.amazonaws.com/js/images/blue-arrow.png
Requested by: Host: cdn.mediago.io
URL: https://cdn.mediago.io/js/template/style/style_banner_970x250_standard_7d44cb.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.251.26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: bf282b4ef41bf52ed9cb27a33190fdcf162f28a2c126beabaad623eef16148d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.mediago.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 00:04:57 GMT
x-amz-version-id: null
Last-Modified: Thu, 10 Feb 2022 06:05:51 GMT
Server: AmazonS3
x-amz-request-id: QF87CSJ7Q7EKVBCT
ETag: "3da1ac71a612038f43614f4891129b18"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 28511
x-amz-id-2: 1iuC9qOqMvHYbCmzafFCLxOukRFKHD45z3XyUhMJ7L2DUtRnrHTcbny4b7dcVmPCHsW8J042Bww=

GET
H2 204 ic
trace-eu.mediago.io/ju/ Frame B6DE 0
38 B 31ms
30ms Image
text/html 35.214.168.80
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trace-eu.mediago.io/ju/ic?tn=39934c2bda4debbe4c680be1dd02f5d3&trackingid=64569c7db2e6242882d47dd859a0971f&acid=21014&data=7XiAQC28AJS0A11sLvUgZ-o07ddvrBeL8ATYKR96_wH5a_y7JTShMDuDQDDAz3AaMT-7FPOMXO7xN05lBmLZYbkSMFMbzS_m2nz0z7O_ckiwvlXrjIsPj4-KgBr8thqlW5erMch-1Ttic9t74qKG8uhIAKQ1Su0pehahsyk46BLCB_YDQVRIRDTEQB7Xb1at5wV6iD2pv3iijU1U9Vy8kJQSVnz0KJlHuSAVQzEQAC07ObuimMmBZntCwEKn0LpOuDqdzJgYfpD6pty8vul-q8cYNOxD9H-e0y5vcz88Q8xEWT43_bpP7DnDXaVHInXuWogTMUXyANFqIz3b2BnlMAg_Ntw67FKluja5_qiWOLWqzAeHD560KkeQBiNtNYdT8E-JhHVU0GotH52d8LxcfqfW9cBKivj2qYhL7x5sEawDtEIz-Qok-oBamFGdbsNuXo_Mz1mDqstgEyMCjX43F8_xROQ6gtiLO65_jCtTAyrkm3Dw9jt-3i_MejlAJsaZOYZkIPhJdODMFGJsSekf9OolwP8GjKQOEXmA1fVpXV_agWXIyUrSNUOMjt7PfrQ-ZDcj6i25R3798R6B5FD-6cb2ZjRR5OHyvl0x05XVjqSbrh_uGesKXGQ4f71X834aeZl-FFB-E63ox4zFlyeaW7yStH_4hFKJAKk52QAT0EBNdcOJVXQKqEM0UUOp0UoO3iTQAIrgGvnWbWlXGxImgX_KoHPXgz9uMAm7raQIG1iiWlbdIV06o3YHBW1_MLIxkECKhzbXelRA1zIFc2hHTKI7-1ZZLpEbTYkspWViHyllhEqQvyVn_idvOcvE5LnVhAAQ8djvCYQE3ZfywAOc-0TmrEbnURV02dFj01usHzxo1iKO_L0ed3HYVS1h5v8NPzLl_-KwzOYTttMiXNn7b7qqUJHbrUxxMvUh-vauCTI5qiSSFWodo4bEpaqYo5uRYMBP5xhkiTT7zKu6wVffqmogDxhGqSYXv08LEaNzDCfTJ9Xr6sP_27b64lC052vcYzuhSztS2bWNKnI1J0oOnnoYIQvHnhrDcsZ2zTlbABw&uid=mid_6a81463d5e3fc0656428b04a94f84c17&mguid=&ap={AUCTION_PRICE}
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.168.80 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 80.168.214.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame B6DE
Redirect Chain

https://trace-eu.mediago.io/cs/xandr?rdid=dab518c1c06d4adf482f115d17ed003d
https://ib.adnxs.com/setuid?entity=529&code=6a4ad7962b6e34d5288849ab134a4550

43 B
1 KB

21ms
21ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=529&code=6a4ad7962b6e34d5288849ab134a4550

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:56 GMT
AN-X-Request-Uuid: bcf938b8-1318-4e9e-a5c9-2e28a0461f8e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location: https://ib.adnxs.com/setuid?entity=529&code=6a4ad7962b6e34d5288849ab134a4550
date: Thu, 08 Jun 2023 00:04:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame B6DE 0
929 B 27ms
27ms Script
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.theonion.com%2F&e=wqT_3QKaBOgaAgAAAwDWAAUBCKW2hKQGEKCSsfD48YO6MBgAKjYJ4Sh5dY6B6T8RskLbewJy5j8ZAAAAIIXrF0Ahsg0SACkRJNAxAAAAgD0K8z8w-djzCjjoO0C4aEiRBFCa8pi1AViegnhgAGi6pmR40vIFgAEBigEDVVNEkgUG8P2YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC-lbgAp6oPOoCGWh0dHBzOi8vd3d3LnRoZW9uaW9uLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOOsSTgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMjE3LjY0LjE1MS4zqAQAsgQQCAAQARjKByD6ASgAMAA4ArgEAMAEp425IsgEANoEAggB4AQB8ASa8pi1AYgFAZgFAKAFtJao2bDN-ao8wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAeoFDAoIVGhlTwG_ZBIA8AWqs0b6BQQIABAAkAYAmAYAuAYAwQYABQEs8D_QBtWvBdoGFgoQBREdAZgQABgA4AYB8gYCCACABwGIBwCgBwGqBwcxNzcyMzE0yAfS8gXSBw0VfgEwCNoHBgFocBgA4AcA6gcCCADwB4fjAooIAhAAlQgAAIA_mAgB&s=15162d9848bda53cb827c33d04939c6556885f35&bdref=https%3A%2F%2Fwww.theonion.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.theonion.com%2F,https%3A%2F%2Fwww.theonion.com%2F&

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:55 GMT
AN-X-Request-Uuid: 67076c0e-492b-476f-9adb-98b902d71fb0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4B48
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=theonion.com&sn=ChromeSyncframe&so=3&topUrl=www.theonion.com&bundle=I3-Iu19iM243VW4wdmtjWkQ1OTRYUEhyWlYlMkJ1dmtTR05nckY1WEpzJTJGSGxpSkhMVl...
https://mug.criteo.com/sid?cpp=yh4BknxkME9td2E1Rk5EZnR4enRrS1FXVlVUUThhcmxNemNWaTVvdU50aDZkSFFaQS9SY1hLc1oweVp4cjhPRVFjMmJ5RWpjZnI2cHdGdS9id00zb3d3VWwwUXYzLzNtRW9SNjd2MThPV1ZwRFhReHNPWUhBd0VWbjJJdG...

425 B
647 B

25ms
25ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=yh4BknxkME9td2E1Rk5EZnR4enRrS1FXVlVUUThhcmxNemNWaTVvdU50aDZkSFFaQS9SY1hLc1oweVp4cjhPRVFjMmJ5RWpjZnI2cHdGdS9id00zb3d3VWwwUXYzLzNtRW9SNjd2MThPV1ZwRFhReHNPWUhBd0VWbjJJdGd2RG9pSERoRHBGa1RHamJQbXF0REJTcFp1b3FQd2RUZEtFVmlwVTgxY0taQmpyYzhieGNid1JQMlE5M29rRFJtRHRxakZlWXJDYXRKOENNUUR1UDM3WnU5cjV4blVsQXh2UTBQVDkyTHVJUEVFQlZNUzEyeC93MEV5TVN2T3NLa21RdzhQdHcrVzljdHBFU0RvOUQrSnMreHo3cUppOS83Wk9ZajRiM2xkTFJpS0c2VVdoOD18&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3cb1bf20774837d8da942332ccd8721486392cd3e9d43dbef85a45bc0e14330a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:55 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 871587
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=yh4BknxkME9td2E1Rk5EZnR4enRrS1FXVlVUUThhcmxNemNWaTVvdU50aDZkSFFaQS9SY1hLc1oweVp4cjhPRVFjMmJ5RWpjZnI2cHdGdS9id00zb3d3VWwwUXYzLzNtRW9SNjd2MThPV1ZwRFhReHNPWUhBd0VWbjJJdGd2RG9pSERoRHBGa1RHamJQbXF0REJTcFp1b3FQd2RUZEtFVmlwVTgxY0taQmpyYzhieGNid1JQMlE5M29rRFJtRHRxakZlWXJDYXRKOENNUUR1UDM3WnU5cjV4blVsQXh2UTBQVDkyTHVJUEVFQlZNUzEyeC93MEV5TVN2T3NLa21RdzhQdHcrVzljdHBFU0RvOUQrSnMreHo3cUppOS83Wk9ZajRiM2xkTFJpS0c2VVdoOD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 342650
content-length: 0
expires: 0

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame FE88 0
952 B 32ms
15ms Ping
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.theonion.com%2F&e=wqT_3QLGFejGCgAAAwDWAAUBCKW2hKQGEI2ymZTjprbQaRgAKjYJ1siutIzU4j8RqALNaxWS4D8ZAAAAQArXGkAhqA0SACkRJNAxAAAAgD0K8z8w_tjzCjjoO0C4aEiRBFCa8pi1AViegnhgAGi6pmR45fQFgAEBigEDVVNEkgUG8GGYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC-lbgAp6oPOoCGWh0dHBzOi8vd3d3LnRoZW9uaW9uLmNvbS-AAwCIAwGQAwCYAxegAwGqA7oRCo4RaHR0cAEv8NB0cmFjZS1ldS5tZWRpYWdvLmlvL2FwaS9sb2cvd2lubm90aWNlP3RuPTM5OTM0YzJiZGE0ZGViYmU0YzY4MGJlMWRkMDJmNWQzJndpbmxvc3M9MSZpZD02ZDA4ZTNkZTgxZTI4ZjFiZWI4YmU4ODAwNDkzMDQ5ZCZzZWF0X2lkPSR7QVVDVElPTl9TRUFUX0lEfSZjdXJyZW5jeT0ke0FVQ1RJT05fQ1VSUkVOQ1l9JmJpZF9pZD0ke0FVQ1RJT05fQklEX0lEfSZhZF9pZD0kexFPAEEJFwWTgCZpbXBfaWQ9NzYxMTMyMjE5NzA1NTI2NTAzNyZwcmljZR1r8E9QUklDRX0mdGVzdD0wJnRpbWU9MTY4NjE4MjY5MyZkcD1hQTl2WW9heVU3ZTV0SHp6b1RxaHk4d25rT3c0V3pVemtlTEpQM1V2RUNrJmRzcAF49HUIMjImdXJsPUJCLVpHVU92OTZQTGRISlJaU2xmc1JhdHlQdS1BOU1EOThYZGRqRk5yQm9uWWQ4OE9CV3B2ZnQ2VExSYUtNT0J6OWRpbXMxeGhKemhUTGFSekZ3YzJkbERUSmhGaWR2Z3FLczU0dVJqSG1uV2sydEhuMF9JVjhOMmdlX0NJTjVRTEhWSUxuQTFZaUlwUUZPZGIyYWJGdTJCczRGNHRLLXF0TkRIcEVzQkgtTjBUUlQxWEIweEpRQW9JWVRBY2E5Y3gxZDNNWEx5UjF3Tm16NHBYM1hKRWFoMFFNMTI1RkYtdEhtekNMWHlhMEpoM3BIYURreE5CU19ZZlhOOE9oRGQ0TlYwbVhLeldCQVpJYXVtOXpmbElhTGwtX3N3eFU0Uzd4aGJHWVFESU9KclhxNEFjLVZfY3kwMXpBZ1ZPSGljYTdGaWNnS3lMQWItOFluOWNpcDhFYU5kRzVvMmVsWDdPOE10aVloeU5DcTc0Wm1qazFyR0k4RUdXQWN2Y2lqRHViay0wRG5hNDhnejQxOGhERHY5cEdmZEZtdWwxbEpidjVWc19zb09KckFPTWNkc3lsSHRoaGgybDA2QVRDd3QyVjNaZ1ZpTzVLc3l0UlZoQ2tQUEpSOW9iYTZTS3RnZ25Wb0dOaVR4aXBfMkZIS0ZkblNfSWZLQ1BETS14TGI0ekFqYXpfaUdKd21VeEwzNFY1M1NTbm5ZNnh6LTEyc3ZXa1BRd1Q3d2ZWbzk2eG80ZHhXcGZyLVRtajNMYUdrWnFPUkF6SnVaVFAxX2llZFFCbTR4MVRKY00xNnVsQXlpQ3JvV0p5RGJZLUZENGlwUFZsUi1mNHpXWl9VQVBoM3I0MzJXWVM1YjJWMDBMM0F0NnFmdmtjazZHYXpld01Zd1RFcXBQNzBNZmYxQVNkMkd6RUQySzd1WWhsQUJ4eWpINElGLWtraWFjX1J1VnVITjJjQXpuSWRlT2x3ZGxmT29kNUlXSWlIeHlzQjViYU92ejJqWTNTeVhucjhSNW9pb2tJMUNBOHB2MEludzJaX1kxeE8xN0JUQmRNVDhxVWl3WmY1ck9QdXI4VDc0eE12NnFCOWRWV3JsNVAwRExSRUd3clpMMDl0OHpJQUFCeVl0c0VsdWYtMHNmX2ZwSkM3cnlrSUFUX3pxbDZrWWNLcTZ0SEFiVlBwRDBJbHJmTVNzUTM3bm4wYTN4SENZSTB5MkplOGQ3Unh6Si1KQ3MzWFRsT3hucjdkM0JRa2hlYXpnTm9sSW03eHpUUl9xQlBNNWZkYUtWTnk0Qzlsb2Z5YjdQbGk1S0ttRjRJVEtHLVoybzdRcUVCNE5hQlAxd1RTYVU2dnlFeER5TjJYamprUUJYVE5KWTlMTklQSXBvaVdqWTUzU2tLNnVVTUlKVG1ndmZRbVBMeFVoY1dfUnktZkgzQUJONXJVNzJlYmRDcGtpUmxReEFxTG8xOW96LVE1SlpwR3RuTWs2MGRfZThkTTFsbmg4QzItRE1VcnRUTTlaZ1FyckptbVpPcW9lVjdHYWdYemlqOHlYMlFlXzM0N3JTME16SEQyWWthUTR4Vm1sZXZEMFpIdXdQUkc5UVRkbVJYSm1XQ0JWNjNpc1hncHNNOFU3azBVUDBCZ1g4WjRQeU5yS3MzcF84NmZiQmRUVWw5M3BOME1COGNTdm5MZHc3NXFobEduVEhhN2RLVFZ4V3hYZFMxamp4d3J4RmR3eDc1Sm1rZXFEUktEZXBSLXdxNGxUUzhKVkdKZWdkNlAtQ1JZdFB1LU5JMldxTXNXMzMtNG9tenAwT3M0cHJ1LTlBTjhPTDdhUGY5VlpyOUZnVk5MZGx1WE92UkJ1Rnczcnd6a19KQjJteFFJaUFkV3BncDJycDNUbTQzMFA3SVRGalJMNV9JM2VSN0Noakx5b2JHbTBQdHdhS1FVd1gzdzdHV2lKaG5mYUotWDJVdXc0Mll2NFlwOW5wcnhRa3FUUm1CZE9ISjNHQlhTbHJWNjd3eTVnZ2M4QTk4bmhyMUR2LTRXcDd6NFJiYVkxQ1RsdU8tdmhyal9HMHlobmpyOU8wRm8xSFF5WFdBLUtCTFJJTFpkWDZIOGdYX01WSGY4V1o4ZlF1SkxsS0VVVnp1QXV6LThfdzhOMWRpZmxUMUVPakM4ZkhFaGxLQTlndkF5WHo4ZzdCZ0NlUmFLZGFZRWZ0WVUtQm5KQUZOaWZTZTUtU2pYX0cyOERNZEd6YTJYYXlaQ3cxNnlVc2lSYnFhWFgxdTRtdkRsQzk4bUZMbzRSMWlOQ0V6NmhRY3BVOUtwV21BUkhUTzBEUXladUlMek5tQTlVMElCZDZKci1tY29yd0R4SG9JS0JTUjgmc3A9c3BOaXBHTEVVVXIweFp6UGhPTjVsMFZmOHZ1ZUNKNS0xajVfbk96c0pBURoTNzYxMTMyMjE5NzA1NTI2NTAzNyIJMzc5OTkyMzQ2KgdNZWRpYUdvwAOsAsgDANgDjrEk4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDIxNy42NC4xNTEuM6gEALIEEAgAEAEYygcg-gEoADAAOAK4BADABKeNuSLIBADaBAIIAeAEAfAEmvKYtQGIBQGYBQCgBY7wyevwv8KcesAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaqzRvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbVrwXaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwcxNzcyMzE0yAfl9AXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4fjAooIAhAAlQgAAIA_mAgB&s=38c3022cb1a86fbbe39bdf6bad6e630a37812216&type=nv&nvt=5&jm=1003&px=1515&py=178&bw=970&bh=250&sid=3469778991381070615&vd=ct~0|rr~0&sv=233&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22867070&sw=1600&sh=1200&pw=4000&ph=7976&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/233/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:56 GMT
AN-X-Request-Uuid: 85c6d88c-c8bb-482f-8deb-995c8de4456e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.theonion.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 21ms
21ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230607-31-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Thu, 08 Jun 2023 00:04:56 GMT
x-amz-request-id: 1V3JN4Z08BWJNCK3
age: 1448
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by: cache-fra-eddf8230056-FRA
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1686182696.034760,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 84
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 1047

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame FDAE 0
239 B 422ms
95ms Image
image/gif 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---&khaos=LIMDN14J-G-HMV8
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: ffef7c53154b04a892ce1f9531c32cb1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 main.19.8.416.js Show response
static.adsafeprotected.com/ Frame 1EE4 202 KB
63 KB 7ms
7ms Script
application/javascript 2600:9000:223f:4800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.416.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4193f3aba0317f0953ed1d14fd95938eacf60156c317f070f560e12e67b737a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 18:02:36 GMT
x-amz-version-id: 3p9ig6O7SiBTp67uBWAmtA0mX5.dWE7t
content-encoding: gzip
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 540140
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 01 Jun 2023 15:26:41 GMT
server: AmazonS3
etag: W/"e72c0c31bc84f756b800771f6ff5a792"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: Cq5J5WjNfkQoN0U4mDxSr-U_MDLALlBZmhMuJ84bUUwR4ws29N2v4w==

GET
H2 204 ic
trace-eu.mediago.io/ju/ Frame 5EB2 0
121 B 25ms
25ms Image
text/html 35.214.168.80
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trace-eu.mediago.io/ju/ic?tn=39934c2bda4debbe4c680be1dd02f5d3&trackingid=507b6066feee1ceda5c4a6cdb9f61ec8&acid=21014&data=AKDKvmX6W0mThKLCaYKRMrgdY_GEDlBwm0L4WTn2YhUWdDzHnO9hsKBYw-a06OCXaT3zPNnKUB2_pd4rkf0IgeBd1AfcDYSX3xjghxXVWAEP-kJmX5q8vzxr65C4pyo034i9eMqKkkx3pMuoA5cwEDqnix73b9L7TongrIOFbaiNAlRuykAvbB6v3WYLhZvSj-HlPx3Y-2IxFeYfI14v_DgURfWPxMmoqSyNRumd-QADppnNwPzDJjY0Z8vpLupyzx7hNqHgKrq-gGGWtSWgPm1Rgwb3Jb7psSaXGoDXjMAa-r_POwwY9Ke0E2I-7x0hqQGgpYBOSw_pS3GYKdiMC7xBBaqi6ZqePRvZW0SNs3PBjmPDbUgMlDHbufGzC_6v6zYYV7wT0bXobXvVG8jvSYbkn1VVrpRb9TziRCzfINb4ABLaTScsTrnQ4QjASYznAQ9daqFg59srld3x_OGDM3yTvJmbVR38m0Gh2ysKkZ6vkhTvFPyX8luiCB0fkDQH4XHb305R6AUdYgvYmyVRXZhE-X31Js-Ap8H9PCqmy5OUEvSh4SRmvEVI4fG2ghY8-EW0yCdNYHfHARs0RWkBrb5BxhezrZfjPCH-3eOpdwraKkMfA6KDnw-T3Kg8xqMVBJaDTwGCEgGnWZ38zAFpzJW7-lLFl_ChwHnitPLh09i2sn2pIl-jwMl_HJ7wS-6XE8sN8W_OfE5exE-a3bxBnt8AZkYfqrfPWXj1KlkSGWnx9H-2zfFvSlds_-z5ShKlMJVnb16nObyGGKIjXCq0qvnUcdWExEGxKlFZljIBSi9vV9qKbmm1ZNHiMREOpvCQjUxkzE78gsusRl_zUudxZ5k97In0gjksBZOjNdl0DLoRLRDy7n7fpTBVwyIQ6KqP59SpAxb0lPwHI2PXasECRBBKysRMzAkNhBTQQ_nEza6mH4zoVgJLYm88kRgBSvJ5_q1hF0cNM4VIgr_0Trt6Yx9Oxnr1ktTth-LxDZiLPpxHmAbhTI9gZNloGy1VxlEyMCt-IBG-wh0OnqQvIvlx7rmtce0G8l64t7x-6mKKhmU&uid=mid_6a81463d5e3fc0656428b04a94f84c17&mguid=&ap={AUCTION_PRICE}
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.168.80 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 80.168.214.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:56 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 2260 978 B
901 B 105ms
23ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=225&ttfrms=8&brid=3&brver=114.0.5735.106&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETar9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3EU42%3FFC%3Dl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETau&srcurlD=0&aUrlD=0&ssl=https:&dfs=43&ddur=25&uid=1686182696045853&jsCallback=dvCallback_1686182696045883&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.106%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3886&tgjsver=3886&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.theonion.com%2F&fwc=8&fcl=1130&flt=44&fec=1777&fcifrms=13&brh=2&sdf=2&dvp_epl=238&noc=4&nav_pltfrm=Win32&ctx=15538536&cmp=DV196466&sid=2019042601&plc=2019042601&btreg=4601586157138271807375&btadsrv=4601586157138271807375&adsrv=104&unit=970x250&seltag=1&sadv=4531748607&ord=2260375129&litm=4601586157&scrt=138271807375&splc=152253218&adu=22405397127&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&cb=232953696&region=70dvtagver=6.1.src&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=194115791066.3899&dvp_tukv=10707188527.53785&dvp_tuid=249896579199&jurtd=822248461
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 02a5815c243f5f9d4a9f3bc631b44bbfa72409157d85a78d9f15d454fd2c22f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:56 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 06/07/2023 00:04:56

GET
H2 200 main.19.8.416.js Show response
static.adsafeprotected.com/ Frame 16E4 202 KB
63 KB 19ms
18ms Script
application/javascript 2600:9000:223f:4800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.416.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4193f3aba0317f0953ed1d14fd95938eacf60156c317f070f560e12e67b737a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 18:02:36 GMT
x-amz-version-id: 3p9ig6O7SiBTp67uBWAmtA0mX5.dWE7t
content-encoding: gzip
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 540140
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 01 Jun 2023 15:26:41 GMT
server: AmazonS3
etag: W/"e72c0c31bc84f756b800771f6ff5a792"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: wihZ5ddQ4rh-NtuNvH8dkwziA0FEGtXRmK5rsK-i1yObFUTEyYTHHw==

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 83FF 978 B
902 B 81ms
24ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=190&ttfrms=6&brid=3&brver=114.0.5735.106&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETar9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3EU42%3FFC%3Dl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETau&srcurlD=0&aUrlD=0&ssl=https:&dfs=42&ddur=22&uid=1686182696071581&jsCallback=dvCallback_1686182696071308&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.106%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3886&tgjsver=3886&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.theonion.com%2F&fwc=8&fcl=1130&flt=44&fec=1777&fcifrms=13&brh=2&sdf=2&dvp_epl=238&noc=4&nav_pltfrm=Win32&ctx=15538536&cmp=DV196466&sid=2019042601&plc=2019042601&btreg=4601585758138271807375&btadsrv=4601585758138271807375&adsrv=104&unit=970x250&seltag=1&sadv=4531748607&ord=2260375129&litm=4601585758&scrt=138271807375&splc=152253218&adu=22405397127&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&cb=768511596&region=70dvtagver=6.1.src&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=23247223695.8277&dvp_tukv=598441514976.4452&dvp_tuid=1253233031033&jurtd=233669594
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: f90ef610e704a3d58445f1d99f4bd0eaf17bbf28b741435254e000e7621882d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:56 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 06/07/2023 00:04:56

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame D199 91 KB
23 KB 7ms
6ms Script
application/javascript 2600:9000:223f:4800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 22408120
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: KcpB1ujEfziJXRd1-aL6wSHQo8tOmUDkKSXnlAv7TH0Bn_wdoU9sHQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 39ms
38ms Image
image/gif 52.209.156.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=931294&campId=728x90&pubId=4531748607&chanId=22405397127&placementId=4601586157&pubCreative=138271806400&pubOrder=2260375129&cb=1422380071&adsafe_par&impId=107f6dd0-0590-11ee-93a7-06d8cca89c2a&custom2=mid_banner&custom3=&custom4=&custom5=mid_banner-01&adsafe_url=https%3A%2F%2Fwww.theonion.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:2b51dad6-edea-33bc-4bc9-7d5a70753f0f,c:eTShLc,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-597464b965-nhk74,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:1515.1432.970.250,am:i,cc:1515.1432.970.250,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:199,mot:0,app:0,maw:0,fm:tGxIKH6+11%7C12%7C13%7C14%7C15%7C16%7C17*.931294%7C171%7C172%7C181%7C182%7C191%7C192%7C1a%7C1b1%7C1c%7C1d,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:218,oid:1976324a-0590-11ee-a433-ca649af5c2ba,v:19.8.416,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.156.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-156-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:56 GMT
server: nginx
x-server-name: app02.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 636ms
177ms Image
image/gif 2600:1f13:800:7781:a9:f316:c651:5d12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931294&asId=2b51dad6-edea-33bc-4bc9-7d5a70753f0f&tv=%7Bc:eTShLe,pingTime:-8,time:220,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:220,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:217,wc:0.0.1600.1200,ac:1515.1432.970.250,am:i,cc:1515.1432.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B17~0%5D,as:%5B17~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tGxIKH6+11%7C12%7C13%7C14%7C15%7C16%7C17*.931294%7C171%7C172%7C181%7C182%7C191%7C192%7C1a%7C1b1%7C1c%7C1d,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:219%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:a9:f316:c651:5d12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:56 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 204 ic
trace-eu.mediago.io/ju/ Frame FE88 0
121 B 19ms
18ms Image
text/html 35.214.168.80
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trace-eu.mediago.io/ju/ic?tn=39934c2bda4debbe4c680be1dd02f5d3&trackingid=625a252b10c471a4b1d7e495b264f5fa&acid=21014&data=ImNCQ36TbYpgrTEJptkA3VFC-Xim8A1pA71HlY4Z3-YlMecD1nRvISW-MIVyZdXnJd4VHrKuc19-elzf71XikbfNHZXYtdufUFmXOnO8nTUjBkoL0Rb8sCEzbaJvXHDGOhTrhvK6L7YOsUcJbn0Qj6mbdkJW3gtCAr3gVqFtH3Oqa0EFC2EVWM-mXwnjNYzqPLbmf2SqLP1CbDhrQycO8sXsbu8-lrDwxBEp7i3JqE6ufaJ4_p7G2OF5soEj4ilQTrGdjpR3nHr9WMVmtCX0FMRJvdMSgfFiBOMp5ePLuzcwNUHHYUZ26geJQqWPyS2Op3n4FhwktrrpODoLc7_TzPuKcLaf4sORBcwmqt8cQRbevlnrV2cWXuEssSCYSCV-8S3hK2gFJxzDxA09PVF845s9KSNeyjK6xwOuuyn1x6SspxD7NUgHV-9VGhe8vXBxfaCKYzYVt1dCxP3hNUw_jIi4gNASXejELV6FiPAVlJ-lnvfU5lX6mujh2fbgt-TE81wVR4U_mhetkKNz1_oVIEPwaE1-TYKej797DImHpN5QPyjQUFqe0uc7SJ3c7oIrT09zpcBzCjcs9fwRFmLJKes__PHBlxdsa0SYCxfMWWocSZAIRaxzSJZnw4FZ4YuMFRf7PwGpRed-jQ3309LJTcGCkOAEs63bo6WNmmHDiTULpUiUNaoTMjYbRZ4Jfpsd2GIM-LK78U7GPeYpviDURcvsKYyB_dg1fqIBZEoc1Y4WPIIDoujsv5KVF0lbFaQp1Dq-50GPUjMZ6LyK5uXEF7RTzNzvtkalEpGqbG40FRsE4On1V0ruoeD42-4At5NtU9F0Fqh41eQR5KU8erxYNUKaoYET5FPThUqJCgPZfGnnkMPt3dHOJF-kI-tG4YpY-qElVSiMV5aKkfA3319JLmRBVOVQLZv6GodPkLR7aaNYq3VroZ9Oi2ub4hWI3vLveZfzN9ryi2Lw7LLLqzS2dKmZHm1sVpI2yZd_7DKG2_INdxtomgLYb3ObiZ-JaiZ4WgsBABGjfhTDO4ppENTJ7NKX1C3LQ0a94hBH9nEUtu8&uid=mid_6a81463d5e3fc0656428b04a94f84c17&mguid=&ap={AUCTION_PRICE}
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.168.80 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 80.168.214.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:56 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame B6DE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b82e88f8c052dd3bf8d33f25181b20e0206b1e409c30442cb846c15c17f2f012

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 153B 47 KB
13 KB 33ms
32ms Script
application/javascript 52.209.156.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=931294&campId=728x90&pubId=4531748607&chanId=22405397127&placementId=4601586157&pubCreative=138271806403&pubOrder=2260375129&cb=48184410&adsafe_par&impId=&custom2=mid_banner&custom3=&custom4=&custom5=mid_banner-03
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.156.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-156-69.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d79ac6226821957ccbddae6a5dcdf15de1686620ef0ba42aee2c162ee9a2945b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:56 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1 200
OK dv-measurements3886.js Show response
cdn.doubleverify.com/ Frame E81C 534 KB
101 KB 14ms
14ms Script
application/javascript 2a02:26f0:480:9::210:ee0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3886.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: f74a971771bbed56a13238f100e81152d4e14e3efb0a3da5772340955160f5d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 00:04:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jun 2023 06:22:01 GMT
Server: UploadServer
ETag: "4bc7e362cab7f510577e8cd49ba8f796"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Server-Timing: ak_p; desc="1686182696259_34664206_79703394_6_474_13_0_-";dur=1
Content-Length: 103299
Expires: Wed, 05 Jun 2024 06:22:07 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame FDAE 70 B
264 B 34ms
33ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 08 Jun 2023 00:04:56 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame FDAE
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIMDN14J-G-HMV8&gdpr=1&us_privacy=1---

0
651 B

205ms
183ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIMDN14J-G-HMV8&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:56 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: E115B7E3BBEE4885B187FB109B48A5FF Ref B: FRAEDGE1113 Ref C: 2023-06-08T00:04:56Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX9kwCqEDzwKI9pq5SfxA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LIMDN14J-G-HMV8&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FDAE
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzE5ZWRkNzA1ZjUxNTJiZjBkM2NmZDY4YThkOTEzNzkxNzQ0ZGY5Zg&gdpr=1&us_privacy=1---

170 B
243 B

19ms
16ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzE5ZWRkNzA1ZjUxNTJiZjBkM2NmZDY4YThkOTEzNzkxNzQ0ZGY5Zg&gdpr=1&us_privacy=1---

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzE5ZWRkNzA1ZjUxNTJiZjBkM2NmZDY4YThkOTEzNzkxNzQ0ZGY5Zg&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame FDAE
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

43 B
568 B

111ms
111ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: HD0KTM967H05J385VAJS
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SR00YANY9RMMB84R92G2
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame FDAE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEIlYQ2fxi1atsMMHUIMOqws&google_cver=1

0
239 B

31ms
7ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEIlYQ2fxi1atsMMHUIMOqws&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEIlYQ2fxi1atsMMHUIMOqws&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FDAE
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TElNRE4xNEotRy1ITVY4&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=1&google_gid=CAESEJ5KAftTBN4Jaq_bxSHIN0M&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElNRE4xNEotRy1ITVY4&google_push=&gdpr=1

170 B
188 B

17ms
17ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElNRE4xNEotRy1ITVY4&google_push=&gdpr=1

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---

Protocol

Server

142.250.74.194 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TElNRE4xNEotRy1ITVY4&google_push=&gdpr=1
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame FDAE
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

43 B
568 B

39ms
39ms

Image
image/gif

67.220.226.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---

Protocol

HTTP/1.1

Server

67.220.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: B160GXTBQV92E94D8F45
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NQ6EC0KFDQ2YJBZT7PKX
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame FDAE
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/Kn1TcBu5BFB3APESRfS7ww?csrc=&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-zlmuWZtE2oKssTzcgyoiNVn066SGiIrwoya7RQ--~A

0
239 B

22ms
7ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-zlmuWZtE2oKssTzcgyoiNVn066SGiIrwoya7RQ--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 08 Jun 2023 00:04:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-zlmuWZtE2oKssTzcgyoiNVn066SGiIrwoya7RQ--~A
content-length: 0

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame B6DE 0
952 B 13ms
13ms Ping
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.theonion.com%2F&e=wqT_3QLGFejGCgAAAwDWAAUBCKW2hKQGEKCSsfD48YO6MBgAKjYJ4Sh5dY6B6T8RskLbewJy5j8ZAAAAIIXrF0Ahsg0SACkRJNAxAAAAgD0K8z8w-djzCjjoO0C4aEiRBFCa8pi1AViegnhgAGi6pmR40vIFgAEBigEDVVNEkgUG8GGYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC-lbgAp6oPOoCGWh0dHBzOi8vd3d3LnRoZW9uaW9uLmNvbS-AAwCIAwGQAwCYAxegAwGqA7oRCo4RaHR0cAEv8NB0cmFjZS1ldS5tZWRpYWdvLmlvL2FwaS9sb2cvd2lubm90aWNlP3RuPTM5OTM0YzJiZGE0ZGViYmU0YzY4MGJlMWRkMDJmNWQzJndpbmxvc3M9MSZpZD1kYWI1MThjMWMwNmQ0YWRmNDgyZjExNWQxN2VkMDAzZCZzZWF0X2lkPSR7QVVDVElPTl9TRUFUX0lEfSZjdXJyZW5jeT0ke0FVQ1RJT05fQ1VSUkVOQ1l9JmJpZF9pZD0ke0FVQ1RJT05fQklEX0lEfSZhZF9pZD0kexFPAEEJFwWTgCZpbXBfaWQ9MzQ5MTQzMjcyMDM1Njg4NjgxNiZwcmljZR1r8E9QUklDRX0mdGVzdD0wJnRpbWU9MTY4NjE4MjY5MyZkcD1LRDhPd0NFNTh1cW1DVkJUWmdRd1J3ZU9DQmpDcElsc045c0VhdzM1RTdBJmRzcAF49HUIMjImdXJsPUVUb2YwckhVamZCaUNTdmJFWVRwTHAzelFuTVhKSEpnNkQ0dEFvLVFWUWRrQTI0d0xreWhaTTlWVVFlQ21TQlNnYjFEalFRcTBnYmRlZGwyNUEtUHJkQmVia0VYdlZJQ2xDMTl3bV82S09Eb2VhNHFRckFkLUJhUks0cENoRTNxekJJSzZvQVdpUWlwQzJ4SlpBSkY1dGRPNVBNOUMtbDc1UTE0ZnZOMTlQTldoa1NDbml6VEdjTW8xOG5zOHlxZVBxVzN5UTc3dUpOZGhrSFZvMUZfcmRrLVlBR3FyY01qeXcwSUVBLUpxQ2MyX2V1T3cwMUkxTG5FUGpQUzQ1R1hlX0Q4LURvSlE1VDAxM3g3b1ZfZjRGRjRDeWFuRncyRXNKdFFWRU5MZVJjb2lVLV9pS0ctaFYzTGlZd3U5Z0t1Njc5eWpRX2x3b0lId0xsNE1IN0xrUzktQW9jZzJSQkhoVTlnLWtVVlVJX0ZrQjUtV0JreFduSFpsMHozUUlMTlZucjFDc2JnblVlRjdwTXpvUFpkcG9xMGptSEt6Qm5BbFBXVkhxV0dKbXlJaDZORzNfdUJnUy1za2VHazd2U2I5cUtodC1ZZlBjei04WFlzNkF0UVNyODQ1TEZfQ0E2cmpxaDlQV2d6SVdSNmhPYXd6NVViVlNkVnQ5c3lOWHZPcmFJZTN2WkszQTdpSnhidmRtTDE1eVk5cmpuRXNTckhiM2RfSzhhcG1PMTROWVdvUVJaQVl1aGhGMk1VVnptRU1rZjJNSWZDMjdlRHlsSWRlRWRQV3BNaVEzZ2JPRmpORVh3aVVoeUUyY2RiTUNQM3ZOQ0hZdm9jWXpncmYzX3FPVk1nalRwSjFEcmZIT0prNDhZT2FrTkdqS1U2YXV3S29mdGR4eVlHTkZKZmZyc2pGQzV3UjVfdXNfYmEyYkxqNVVoQUNWN09tdXloVjQ2NklKdFlUckdFWkZWb0lScnd5RlVSMXNSazl2N0lTbk5iQnd1WE1qczV2RUphazJ3WFBydGZVZS0xRVNLUFdQbDlkNGc3R2s3b0hkVDJjNWdPSVNVR09KRDJ4UUNkT0lmVHhPNW92RUxPV2hOWXV0NEYxTXVqeXBjNEtHbTQwVUtTVGpCeHQwb3hGSWNPT09jSVRXYi1ISjlrckpRYTZyWTZSM2tuTGVoYkRuQXVNZmJRTE5jRGZTTHRTb0xUQ3BlVHJNNkcwdGRyZFQ5bnFJdUh5cnNzTkZmN0l0YUVxeHpCbGVLNENydHVEcTQ5cF9pZE9HZ0FEbG5DdFN2ek8tNVJBb0RKZUFNYWZfWG5Md0YzZDAwMUlDWXRTWmFBUHlSZTU2a2JZT1ZrRzBDU1p0ZkNxUVF0QlhGQ04xZThhU0Jhd19qWmw4cG41QXBQS2N1N1JTbWZRM1QxVk9zczJXNlJ0T0J2N2pHeUJYTzl0bEtrWTlueXZpYWQ4NXpQaE1RenRRTmFZaC1Rc0x3aUQ3Qzd2WHB4dXh4QVpDd01BN1lzaURKVTI3djJGWXhvN0lSdnNidmZMSU85V1lwSjlYUHZ3eHNPX0tieUN0WDBCdDhaYVRqYmtyS0NMbEt1V2NhTGRua3V2MDlJaDhFWUt6WHp6VVFZS3hxYjRwNkZRLTlHMG4tYzBTc3VxZ1BKYWkxOWl4RUVEYkczdXB4bmR3UnBvcXJGc3FGQWJ3YkFCWlVTTXlRcng1UXN6NF9nV1AxRWFPTUhGa0RLNHY3QW9TdlhNWk5GOVdZYlVrUGhvWjhoeFpCakluYTc1QTlmNDRwcUJtNkMxd0hEZTk4MXJvRUZBVnRxaTloZkNFYzFXdkRTLU9HN3dsQTlvUUFxQUFZZ2xMY09MQ2pHRjFOMkNmOEdZSDFDYlFRWWdjSGI0VzFRNEYxM0FrbklWRUxaZXNuTTNZU0VHcGM4QjA3MTQ1RkIzVTJ5bHlVNVgxdDN0TVlXMXZ0M1FjenV3dENOcXhrVlRXVkcyd3ZLdzN1SHNBVXlRdnN6cUExaGpuOFN2M3pvN2V2aU9uMWhLdHVROXM1WlRkZnAwcG9JT3lkWG1hd3RpNHhhTHVUYmZQVXdtQXQyaENaeV81X1BRallsX3pKTFhEM0JFVmQzOUJ0Tm9kNmN4bmlmUThvZGF0UjlSaDRNRXVNQnZFdmtwRnNmeXltcHMxekZtTXJhb1JyVEVJQzBJb2s3RWhsUi1qTHNRWFVmRUdWT2lOamZpcWN0YVJQejcwQlBnX0RFaFhWUFpqdnc1UDVSUW9ucnFYT1VnWVRicldDT1hxVm1SVXR3WmJ5T0JubTkyQ2p6Vk9CRVpHSGZ1LVctc1RXY2RiMTJmX3F6b096bzE5M1RPZTgmc3A9V3o0QnpJMVdoeTVmNEVYbl94bHBpZG9DMGtNRl85ZktIcV9hNlNsSmpQZxoTMzQ5MTQzMjcyMDM1Njg4NjgxNiIJMzc5OTkyMzQ2KgdNZWRpYUdvwAOsAsgDANgDjrEk4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDIxNy42NC4xNTEuM6gEALIEEAgAEAEYygcg-gEoADAAOAK4BADABKeNuSLIBADaBAIIAeAEAfAEmvKYtQGIBQGYBQCgBbSWqNmwzfmqPMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaqzRvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbVrwXaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwcxNzcyMzE0yAfS8gXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4fjAooIAhAAlQgAAIA_mAgB&s=752a1198cd34e9ae0cc66a20bd73e5bf07b914c2&type=nv&nvt=5&jm=1003&px=1665&py=3471&bw=970&bh=250&sid=3469778991381070615&vd=ct~0|rr~0&sv=233&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22867065&sw=1600&sh=1200&pw=4000&ph=7976&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/233/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:56 GMT
AN-X-Request-Uuid: 500c228b-ea22-472d-84a7-2b27eeea136b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.theonion.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 230ms
178ms Image
image/gif 2600:1f13:800:7781:a9:f316:c651:5d12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931294&asId=2b51dad6-edea-33bc-4bc9-7d5a70753f0f&tv=%7Bc:eTShSa,pingTime:-2,time:650,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:409,beZ:410,mfA:608,cmA:609,inA:609,inZ:615,prA:615,prZ:620,si:627,poA:629,poZ:651,cmZ:651,mfZ:651,loA:1020,loZ:1024,ltA:1058,ltZ:1058,mdA:411,mdZ:454%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:970,h:250,t:217%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:650,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:217,wc:0.0.1600.1200,ac:1515.1432.970.250,am:i,cc:1515.1432.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B447~0%5D,as:%5B447~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tGxIKH6+11%7C12%7C13%7C14%7C15%7C16%7C17*.931294%7C171%7C172%7C181%7C182%7C191%7C192%7C1a%7C1b1%7C1c%7C1d,idMap:17*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:219,slid:%5Bgoogle_ads_iframe_/4246/fmg.onion/frontpage_2,google_ads_iframe_/4246/fmg.onion/frontpage_2__container__,dfp-ad-7%5D,sinceFw:428,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:a9:f316:c651:5d12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:56 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 204 ic
trace-eu.mediago.io/ju/ Frame B6DE 0
121 B 19ms
18ms Image
text/html 35.214.168.80
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trace-eu.mediago.io/ju/ic?tn=39934c2bda4debbe4c680be1dd02f5d3&trackingid=64569c7db2e6242882d47dd859a0971f&acid=21014&data=3t_T1isnkwnsL_xiLWNn3ri0ihtIyQZJebFWrpY7Qb4-3_7y6o-_T_tXZkywFzcaoLw4s3VZ0xmQHAAUTLxj079SedQi5az28Fg7OcnUNPDTSlCI_-e8FTESb0Ack57D8DWpmGghDVnf3M_2N_o3gpJXdrKW-baiHqqG9fOH0IVeCt8-aN6LcvC-uNpLZRtqbwZ3xUWyy6BUt3875RafAYTNK6wQ-WKpUhruN2701rLyZeGZ2BDCm2ZmYyBbCo0xEhmsyXRRdT2ZhKTdw1ZdgfEQi46TUaG3IeCrB4kc5-GbvFdQjQbyF2G-uDkLSJ6d8Jzo823UEBYpiJoOApXJ2mSDXUXpzzOTXebIHk_bMA2V_k_N_GHej_B5I6sJfAJ7ipn4-3e_etphDlrNXXf-FUGhexXAutOr0fr8Mm-U0KQkatJxO0og2dTGTxs-aYZMJYRHV0FRFfIkoKu2vKwalYXkcQ-eGBi88_2bxBOY1ePH5Gi9_G4jJqqzsxUE5D5HPC8AP1UQNUbLrlzTGQ60wwtGHCwmGU7v-x19ceWQA1RsmupXrDz8pvOHofs_V-A2RB0_BZzEXq1eW5f1ju2n9n_H_Y8Jrp4bVqvbJ4Iyg1N_PTy2nEi5G6Q-CNuJ7Kvno0GjjWFNg731qQRG_iirr6-iN2Sm8JK0f71CmgZ-xneryGFWbg3Gla3NWV-Nb8xxwPoX-izZ7w2zHWtbogxGmpxyG0fgKXK5mZmBHp9MTRDi1wP8GFwpVEsVeh0FYOHUKlXuG7N4JyDVyB_yCadnQ1iaYuJKsfsnZ1kYxH_BMGRd9fvjBdGe4r0z6suQcqDEGLdGDfNnl20XDvqao0EiAfZazeSH-WNHIcg2whUcjPh6nw3zu6nRz9EeLgdP8eoDnv7h9JMBsyuIspX_UeBxblWDE6QMmWq6cAD42wFy8YUDX2hGWqHj7cHCTgoAXjLbYJowj76CZ5CP5B2--t0BH5EEde-2MBX8IvSadY-loxaER9dSYfGwxXjpDM0MZ_X0tdZ4akA4WoTSa__OO0XpDUYZPo7Te0-ESDPuRqb1SPg&uid=mid_6a81463d5e3fc0656428b04a94f84c17&mguid=&ap={AUCTION_PRICE}
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.168.80 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 80.168.214.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:56 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=utf-8

GET
H2 200 / Show response
pips.taboola.com/ 64 B
246 B 40ms
6ms XHR
text/plain 2a04:4e42::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ab9151288093c3e9cce74f4cfa747e62da207f94da7c809900e949b9695a4066

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230131-FRA
date: Thu, 08 Jun 2023 00:04:56 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.theonion.com
cache-control: no-store
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame A705 91 KB
23 KB 6ms
6ms Script
application/javascript 2600:9000:223f:4800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 22408120
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: nUJmm2gFPRJ_Al4m8t_D2GiVlmpHY-Sx8HewBwAP7YaPK0hGHgIsbw==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 39ms
39ms Image
image/gif 52.209.156.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=931294&campId=970x250&pubId=4531748607&chanId=22405397127&placementId=4601585758&pubCreative=138271807375&pubOrder=2260375129&cb=768511596&adsafe_par&impId=&custom2=top&custom3=&custom4=&custom5=top-01&adsafe_url=https%3A%2F%2Fwww.theonion.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:63862648-d1cc-70c2-47e3-a67cf2d01146,c:eTShSr,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-597464b965-z2fsh,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:1515.178.970.250,am:i,cc:1515.178.970.250,piv:9,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:494,mot:0,app:0,maw:0,fm:tGxIKJN+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C181%7C182%7C19*.931294%7C191%7C192%7C1a%7C1b1%7C1c1%7C1c2%7C1d,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:500,oid:19a7a31b-0590-11ee-9386-068bcb56d7e6,v:19.8.416,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.156.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-156-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:56 GMT
server: nginx
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 204ms
177ms Image
image/gif 2600:1f13:800:7781:a9:f316:c651:5d12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931294&asId=63862648-d1cc-70c2-47e3-a67cf2d01146&tv=%7Bc:eTShSr,pingTime:-8,time:500,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:500,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:500,wc:0.0.1600.1200,ac:1515.178.970.250,am:i,cc:1515.178.970.250,piv:9,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B6~1%5D,as:%5B6~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tGxIKJN+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C181%7C182%7C19*.931294%7C191%7C192%7C1a%7C1b1%7C1c1%7C1c2%7C1d,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:500%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:a9:f316:c651:5d12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:56 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 main.19.8.416.js Show response
static.adsafeprotected.com/ Frame 153B 202 KB
63 KB 7ms
7ms Script
application/javascript 2600:9000:223f:4800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.416.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4193f3aba0317f0953ed1d14fd95938eacf60156c317f070f560e12e67b737a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 18:02:36 GMT
x-amz-version-id: 3p9ig6O7SiBTp67uBWAmtA0mX5.dWE7t
content-encoding: gzip
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 540140
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 01 Jun 2023 15:26:41 GMT
server: AmazonS3
etag: W/"e72c0c31bc84f756b800771f6ff5a792"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: N_UdshA5NY_c2QVVm85hqgaFTZiy3iDgyx0L6_Sw5wSTjkLEsDcQOQ==

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 1794 91 KB
23 KB 6ms
6ms Script
application/javascript 2600:9000:223f:4800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 22408120
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: ZL5Mfl4aDFoagFY5qQKoK5Q0y39bUKEt5DkkknvSsZG4ldWHJu9g7Q==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 37ms
37ms Image
image/gif 52.209.156.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=931294&campId=970x250&pubId=4531748607&chanId=22405397127&placementId=4601586157&pubCreative=138271807375&pubOrder=2260375129&cb=232953696&adsafe_par&impId=&custom2=mid_banner&custom3=&custom4=&custom5=mid_banner-02&adsafe_url=https%3A%2F%2Fwww.theonion.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:7823acd7-b275-765e-607d-a16db51fdbd1,c:eTShTl,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-597464b965-kwjqm,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:1515.2336.970.250,am:i,cc:1515.2336.970.250,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:576,mot:0,app:0,maw:0,fm:tGxIKJm+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18*.931294%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b1%7C1c1%7C1c2%7C1d,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:583,oid:199e7b3d-0590-11ee-9224-7a12bb6ecc6c,v:19.8.416,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.156.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-156-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:56 GMT
server: nginx
x-server-name: app04.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 177ms
177ms Image
image/gif 2600:1f13:800:7781:a9:f316:c651:5d12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931294&asId=7823acd7-b275-765e-607d-a16db51fdbd1&tv=%7Bc:eTShTl,pingTime:-8,time:583,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:583,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:582,wc:0.0.1600.1200,ac:1515.2336.970.250,am:i,cc:1515.2336.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B6~0%5D,as:%5B6~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tGxIKJm+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18*.931294%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b1%7C1c1%7C1c2%7C1d,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:583%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:a9:f316:c651:5d12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:56 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame E81C 978 B
902 B 24ms
24ms Script
text/javascript 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=421&ttfrms=7&brid=3&brver=114.0.5735.106&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETar9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3EU42%3FFC%3Dl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETau&srcurlD=0&aUrlD=0&ssl=https:&dfs=42&ddur=22&uid=1686182696633611&jsCallback=dvCallback_1686182696633594&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.106%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3886&tgjsver=3886&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.theonion.com%2F&fwc=8&fcl=1127&flt=44&fec=1777&fcifrms=13&brh=2&sdf=2&dvp_epl=238&noc=4&nav_pltfrm=Win32&ctx=15538536&cmp=DV196466&sid=2019042601&plc=2019042601&btreg=4601586157138271806403&btadsrv=4601586157138271806403&adsrv=104&unit=728x90&seltag=1&sadv=4531748607&ord=2260375129&litm=4601586157&scrt=138271806403&splc=152253218&adu=22405397127&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&cb=48184410&region=70dvtagver=6.1.src&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=1318130.5741210321&dvp_tukv=364441529659.72394&dvp_tuid=520706621604&jurtd=347898784
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 3be105a78fc8101d09bda3a490b0c04c890fbcffac83d7ba14db1ecc5035a52e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:56 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 06/07/2023 00:04:56

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5EB2 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIpJlszYHHHXXzOVwQtktLCE_AyJfPt3DIcOo0NEhbXIB86jwEmk-cUMDUj7lM1bzHyAhAEL0H1SKzqvcuGxiP5Uhpn9Exo1f51nNVPrCiILZPUY1y-zbv75tXApeIjF-xfJBquTD_pdogSN6d-QDWzfS2AMTL1fCAyvPS8d-3W6-4YMHvvePqtjx8vl9xPYzhCw-kbwHfT1KkZs9421dZ9BTG9ka4DgYoBQb-xrUcgbeKPhvYe-BRvsPIiJvtj2PoVjFtjUXoncM65DhqKS1nm40pqIZE9z9aHRNmZWa44XpvOfWCR2ZaWYgJOW6j5Rin9YEFOjvcVa1c9A3NGw&sai=AMfl-YTeplgP8jAVW1nCmSHoOfqRLryIpJhkdoiOAekUfSxBY5nlNCDLebtey8ZnNZztMd5oD5ZSxbohwak8xxVwwyKVZXJJGAMoYz8Nu8iMeNTDtbBPj6Kh5vEE7EuJMA&sig=Cg0ArKJSzAI3FKINfO-kEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 08 Jun 2023 00:04:56 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0FF9 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurB1QBf9LDuNlVLYPmxgMO0AnSSlXYBvxgpU3vyqz4htb5DBvIDOL-rTnOjiteUYRHLGjYHW2zdimXAAO8wEctSkdCqDtVfre_Kf1Yz8lSJ04NaEVJWV4js9hR5m86ly9EJLHWGWSkgDtCnOoXezAvF2-lcUaCrP-6N1fiBW6jIpg_D53uN8BU4IKiTer33dvUp5rEhRUuA52ZtnBd9_lUzyc-3E0A-E9TySHClFWFNG8zrp2CxQhlw5OYxqUQvqrVOZ9AK5k5kH4JGBvdzgTpJTFLSkS3OHqXpDQzL5KFmaYMeAQmXlsQogUUn-8yUZuTbQsN7Rx3w9zKoVbRLg&sai=AMfl-YRRttzwge1XLSmMNccJdDY6_KedquHeB_oFg5h5Fe4iICooST_rIw_gIfoGedIHiyVJ7rZcGVbcV6DAPmg94KUK2MrKGjpf7asnVFDcFbaRo33R7hDjfOMKwUHC6A&sig=Cg0ArKJSzPNwZue2azIGEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 08 Jun 2023 00:04:56 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FE88 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOGgKXehehSRGP5-MFYN0fie-5zsEtMQ4hPC6bvDGPuP9UFlB3iB-Sr6vMYZgiagt75FJrf62qN1EzD3LFwuXAj4Z1uAjVaen-neZ7yYPg8x9wuYT3BnIZe_KqL7shq1gLej-8e0lHsZqB1ck789NyuGY5ZXvCIi5Ww8q1Zz7M0LGkkCKBqaqV7Avk4K_iEUlwbffTX0HJhBE0Mxcd5YiHLXwBD2gPhur3yccLRihQwDpB35iBSA6Oclrb_TsjK_JE1ehoPGI1xXcznUjoI6CKNhTvwbe0w-rSHRJryyD8PcmD7T7BJ-MPZLVWR3zTLnmdCDiBxvO7ppeLeFu4xg&sai=AMfl-YSJxHjqORslImetYhYtzUs2mgUCmNGKnAup06FFantPVQhmUfhvIQnCZMvklVSDdAh-KCN5JYF_h9r4T13AQ8OIrO50lW5fg_WkmvK69tFUcHU_AHNAYKkebYlezg&sig=Cg0ArKJSzF40jLyCOv_mEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 08 Jun 2023 00:04:56 GMT

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 294ms
85ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=2bd840c1-a22c-4ad2-9005-4c2ebc89501c-tuctb7aa0a5&uad=76fa6903a926d3e93da583bf80aa4e3ff2b1cd622a0f517e2b30b659e66ae87e&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 08 Jun 2023 00:04:56 GMT
cache-control: no-store
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 177ms
177ms Image
image/gif 2600:1f13:800:7781:a9:f316:c651:5d12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931294&asId=63862648-d1cc-70c2-47e3-a67cf2d01146&tv=%7Bc:eTShUf,pingTime:-2,time:612,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:195,beZ:196,mfA:688,cmA:689,inA:689,inZ:690,prA:690,prZ:692,si:695,poA:695,poZ:703,cmZ:703,mfZ:703,loA:739,loZ:741,ltA:807,ltZ:807,mdA:196,mdZ:218%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:9,vs:o,r:l,w:970,h:250,t:500%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:612,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:500,wc:0.0.1600.1200,ac:1515.178.970.250,am:i,cc:1515.178.970.250,piv:9,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B118~1%5D,as:%5B118~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tGxIKJN+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C181%7C182%7C19*.931294%7C191%7C192%7C1a%7C1b1%7C1c1%7C1c2%7C1d,idMap:19*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:500,slid:%5Bgoogle_ads_iframe_/4246/fmg.onion/frontpage_1,google_ads_iframe_/4246/fmg.onion/frontpage_1__container__,dfp-ad-2%5D,sinceFw:111,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:a9:f316:c651:5d12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:56 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 254ms
254ms Image
image/gif 2600:1f13:800:7781:a9:f316:c651:5d12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931294&asId=7823acd7-b275-765e-607d-a16db51fdbd1&tv=%7Bc:eTShUA,pingTime:-2,time:660,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:229,beZ:230,mfA:806,cmA:806,inA:806,inZ:807,prA:807,prZ:809,si:812,poA:812,poZ:821,cmZ:821,mfZ:821,loA:876,loZ:878,ltA:889,ltZ:889,mdA:230,mdZ:241%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:970,h:250,t:583%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:660,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:582,wc:0.0.1600.1200,ac:1515.2336.970.250,am:i,cc:1515.2336.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B83~0%5D,as:%5B83~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tGxIKJm+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C18*.931294%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b1%7C1c1%7C1c2%7C1d,idMap:18*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:583,slid:%5Bgoogle_ads_iframe_/4246/fmg.onion/frontpage_3,google_ads_iframe_/4246/fmg.onion/frontpage_3__container__,dfp-ad-9%5D,sinceFw:77,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:a9:f316:c651:5d12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:56 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B6DE 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvuT2AxNpqR-2D_v-Hl--impUD0yEoGLD7VLDB4n4EPoBriZRnDQ1gANjDLbbl_TgD6FfKLXqBzKn2oMewvlPEAA_yFVPQgropqy1nRfOanQm4Z5WOIW-z8Qv_y1Hd9_PJMX4KYzVhhzD7Oxqx1UJLguYN1-WQ9x8PCynCwPsmEostfsjdtg2JC3BPBVSSU7TSg4UKy_A4vGi7Fn_Fs6Rxn3n3C3Wz9gl0Iw5ifZYweOeenmdq5h3Ep3OqoTqZzzRMlmfbROdHbJDKuN4I-46mDDbaMs2F8jjwWbkpkJk3EdUMw7zPVjbOw7CSHQSURLEKMPqVEdwUfodAp1GnWA&sai=AMfl-YSgtCZZjbG4QyVDs_eaVBqBr0n8YkK9AoQ4AupPPDkITBgxiGubx3W5s-mj6v2GwV7n8BBiZ0jfWav5WNkpg5cGTSfot3_zOFU08ytdj_HRTxp7W57DNzxG7u5WUg&sig=Cg0ArKJSzMKWnPmyL2lOEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 08 Jun 2023 00:04:56 GMT

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame C331 91 KB
23 KB 6ms
6ms Script
application/javascript 2600:9000:223f:4800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-e09f10f-4415d417.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 22408120
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 7i8t1efucHCTSGRDureYf46SklmhDeUIfLKxjc1ELJrUyqCNntLYNA==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 37ms
37ms Image
image/gif 52.209.156.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=931294&campId=728x90&pubId=4531748607&chanId=22405397127&placementId=4601586157&pubCreative=138271806403&pubOrder=2260375129&cb=48184410&adsafe_par&impId=&custom2=mid_banner&custom3=&custom4=&custom5=mid_banner-03&adsafe_url=https%3A%2F%2Fwww.theonion.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:b8fefb79-f1b7-b9e6-300e-2093205d1d29,c:eTShV1,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-597464b965-rx5xn,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:1515.3471.970.250,am:i,cc:1515.3471.970.250,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:114,mot:0,app:0,maw:0,fm:tGxIKSt+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C181%7C182%7C183%7C191%7C192%7C193%7C1a%7C1b1%7C1c*.931294%7C1c1%7C1c2%7C1d,idMap:1c*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:123,oid:19d9fd09-0590-11ee-a492-0ae7a3b380b5,v:19.8.416,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.156.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-156-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:56 GMT
server: nginx
x-server-name: app10.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 218ms
218ms Image
image/gif 2600:1f13:800:7781:a9:f316:c651:5d12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931294&asId=b8fefb79-f1b7-b9e6-300e-2093205d1d29&tv=%7Bc:eTShV2,pingTime:-8,time:123,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:123,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:122,wc:0.0.1600.1200,ac:1515.3471.970.250,am:i,cc:1515.3471.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B8~0%5D,as:%5B8~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tGxIKSt+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C181%7C182%7C183%7C191%7C192%7C193%7C1a%7C1b1%7C1c*.931294%7C1c1%7C1c2%7C1d,idMap:1c*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:123%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:a9:f316:c651:5d12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:56 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 210ms
210ms Image
image/gif 2600:1f13:800:7781:a9:f316:c651:5d12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931294&asId=b8fefb79-f1b7-b9e6-300e-2093205d1d29&tv=%7Bc:eTShVi,pingTime:-2,time:139,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:418,beZ:419,mfA:532,cmA:533,inA:533,inZ:534,prA:535,prZ:537,si:540,poA:541,poZ:549,cmZ:549,mfZ:549,loA:553,loZ:555,ltA:557,ltZ:557,mdA:420,mdZ:430%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:970,h:250,t:122%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:139,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:122,wc:0.0.1600.1200,ac:1515.3471.970.250,am:i,cc:1515.3471.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B24~0%5D,as:%5B24~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tGxIKSt+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C181%7C182%7C183%7C191%7C192%7C193%7C1a%7C1b1%7C1c*.931294%7C1c1%7C1c2%7C1d,idMap:1c*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:123,slid:%5Bgoogle_ads_iframe_/4246/fmg.onion/frontpage_4,google_ads_iframe_/4246/fmg.onion/frontpage_4__container__,dfp-ad-12%5D,sinceFw:16,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:a9:f316:c651:5d12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:56 GMT
server: nginx
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 179ms
179ms Image
image/gif 2600:1f13:800:7781:a9:f316:c651:5d12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931294&asId=2b51dad6-edea-33bc-4bc9-7d5a70753f0f&tv=%7Bc:eTShXa,pingTime:-10,time:960,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xMDYgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000020222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1686182696856%7C%7C282637ab0429dd88a6b49c418d4135b4%7C%7C9807fceec1c048f3741b920e0a0474f7%7C%7Cf1db84e457624b698ce026f09f3e64df%7C%7C5809fb814df2da6321bc147d5da4483f%7C%7C36f036eba66a0256ce34bc1138b01091%7C%7Cb7885f11fff80ffaeec69df9d6d4a3ff%7C%7C6ce65aab8c9f048bc2f1ed034f1f5862%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:a9:f316:c651:5d12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:56 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1 200
OK cksync.php
cs.media.net/ 60 B
509 B 67ms
18ms Image
image/gif 23.212.88.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-88-20.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:57 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Server-Timing: ak_p; desc="1686182696986_388391761_113801360_13_450_6_12_-";dur=1
Timing-Allow-Origin: *
Content-Length: 60
x-mnet-hl2: E
Expires: Thu, 08 Jun 2023 00:04:57 GMT

GET
H2

200

ZIEbKENjrNzwsOTOXUSMxAAADI0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/
Redirect Chain

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727144&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727144&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1
https://pr-bh.ybp.yahoo.com/sync/casale/ZIEbKENjrNzwsOTOXUSMxAAADI0AAAIB?gdpr_consent=&us_privacy=&gdpr=0&gpp=&gpp_sid=

43 B
600 B

34ms
34ms

Image
image/gif

2a05:d018:d29:3602:caa5:9f17:65ef:189f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZIEbKENjrNzwsOTOXUSMxAAADI0AAAIB?gdpr_consent=&us_privacy=&gdpr=0&gpp=&gpp_sid=

Protocol

Server

2a05:d018:d29:3602:caa5:9f17:65ef:189f Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:56 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://pr-bh.ybp.yahoo.com/sync/casale/ZIEbKENjrNzwsOTOXUSMxAAADI0AAAIB?gdpr_consent=&us_privacy=&gdpr=0&gpp=&gpp_sid=
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2 200 pd
u.openx.net/w/1.0/ 43 B
131 B 50ms
15ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/pd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:56 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 sync
eb2.3lift.com/ 37 B
140 B 39ms
7ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/sync?px=1&src=prebid&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 usersync
match.adsrvr.org/track/ 70 B
260 B 33ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/usersync?us_privacy=&gdpr=0&gdpr_consent=undefined&ust=image
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 08 Jun 2023 00:04:56 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=161204
https://image8.pubmatic.com/AdServer/ImgSync?p=161204&rdf=1
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDk5MENFNTYtNzQ5Ri00M0Y4LUI4QUItMjJGMEQyRjBCMEE2&gdpr=-1&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
216 B

31ms
31ms

Image
text/plain

185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:55 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date: Thu, 08 Jun 2023 00:04:56 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 186ms
186ms Image
image/gif 2600:1f13:800:7781:a9:f316:c651:5d12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931294&asId=63862648-d1cc-70c2-47e3-a67cf2d01146&tv=%7Bc:eTSi2w,pingTime:-10,time:1125,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xMDYgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000020222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1686182696856%7C%7C282637ab0429dd88a6b49c418d4135b4%7C%7C9807fceec1c048f3741b920e0a0474f7%7C%7Cf1db84e457624b698ce026f09f3e64df%7C%7C5809fb814df2da6321bc147d5da4483f%7C%7C36f036eba66a0256ce34bc1138b01091%7C%7Cb7885f11fff80ffaeec69df9d6d4a3ff%7C%7C6ce65aab8c9f048bc2f1ed034f1f5862%7C%7C1663701684,sca:%7Bspg:2b51dad6-edea-33bc-4bc9-7d5a70753f0f%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:a9:f316:c651:5d12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:57 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 181ms
180ms Image
image/gif 2600:1f13:800:7781:a9:f316:c651:5d12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931294&asId=7823acd7-b275-765e-607d-a16db51fdbd1&tv=%7Bc:eTSi5w,pingTime:-10,time:1338,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xMDYgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000020222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1686182696856%7C%7C282637ab0429dd88a6b49c418d4135b4%7C%7C9807fceec1c048f3741b920e0a0474f7%7C%7Cf1db84e457624b698ce026f09f3e64df%7C%7C5809fb814df2da6321bc147d5da4483f%7C%7C36f036eba66a0256ce34bc1138b01091%7C%7Cb7885f11fff80ffaeec69df9d6d4a3ff%7C%7C6ce65aab8c9f048bc2f1ed034f1f5862%7C%7C1663701684,sca:%7Bspg:2b51dad6-edea-33bc-4bc9-7d5a70753f0f%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:a9:f316:c651:5d12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:57 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 178ms
177ms Image
image/gif 2600:1f13:800:7781:a9:f316:c651:5d12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931294&asId=b8fefb79-f1b7-b9e6-300e-2093205d1d29&tv=%7Bc:eTSi8O,pingTime:-10,time:977,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xMDYgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000020222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1686182696856%7C%7C282637ab0429dd88a6b49c418d4135b4%7C%7C9807fceec1c048f3741b920e0a0474f7%7C%7Cf1db84e457624b698ce026f09f3e64df%7C%7C5809fb814df2da6321bc147d5da4483f%7C%7C36f036eba66a0256ce34bc1138b01091%7C%7Cb7885f11fff80ffaeec69df9d6d4a3ff%7C%7C6ce65aab8c9f048bc2f1ed034f1f5862%7C%7C1663701684,sca:%7Bspg:2b51dad6-edea-33bc-4bc9-7d5a70753f0f%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:a9:f316:c651:5d12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 00:04:57 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H/1.1 204
No Content event.png
tpsc-ew1.doubleverify.com/ Frame 2260 0
234 B 49ms
27ms Ping
text/plain 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ew1.doubleverify.com/event.png?impid=c640b45ee34a4dacba2802b7310629c8&flavor=0&gdpr=&gdpr_consent=&vdur=106&eoid=14&msrjs=3886&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=25&tetms=9&msltms=44&vltms=106&sei=289&vetms=428&tuviims=233&tuviems=767&engms=1&engisel=1&dvp_dtcov=2&msrcanlm=786696&msrcannum=3&ee_dp_tmads=3114&ismms=15&isumms=15&nvr=2&isgmmims=16&isgmv4mims=15&elmtp=3&isbxdms=3016&b0=3200&adhgt=250&adwdth=970&norwdth=970&norhgt=250&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1.0&lftb=3200&sftb=3200&msrdp=1&naral=786432&vct=1&vphgt=1200&vpwdth=1600&chgt=250&cwdth=970&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isgmpims=15&engalms=15&dvp_hdnAd=0&dvp_dpr=1&vstsz=907&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3540&cbust=1686182699580766
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3886.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:59 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 06/07/2023 00:04:59

POST
H/1.1 204
No Content event.png
tpsc-ew1.doubleverify.com/ Frame 5551 0
234 B 44ms
25ms Ping
text/plain 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ew1.doubleverify.com/event.png?impid=0b28950052ff4c8eb1b80d3b60356d5e&flavor=0&gdpr=&gdpr_consent=&ee_dp_adlst=2&vdur=226&eoid=14&msrjs=3886&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=136&tetms=9&msltms=29&vltms=226&sei=289&vetms=432&tuviims=432&tuviems=1090&engms=1&engisel=1&dvp_dtcov=2&msrcanlm=786696&msrcannum=3&ee_dp_tmads=3140&ismms=98&isumms=98&nvr=2&isgmmims=99&isgmv4mims=98&elmtp=3&isbxdms=3100&b0=3180&adhgt=250&adwdth=970&norwdth=970&norhgt=250&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1.0&lftb=3180&sftb=3180&msrdp=1&naral=786432&vct=1&vphgt=1200&vpwdth=1600&chgt=250&cwdth=970&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isgmpims=98&engalms=97&dvp_hdnAd=0&dvp_dpr=1&vstsz=908&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3684&cbust=1686182699585326
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3886.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:59 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 06/07/2023 00:04:59

POST
H/1.1 204
No Content event.png
tpsc-ew1.doubleverify.com/ Frame 83FF 0
234 B 48ms
20ms Ping
text/plain 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ew1.doubleverify.com/event.png?impid=a34c792d68464c54a71381c3bbb71a76&flavor=0&gdpr=&gdpr_consent=&vdur=81&eoid=14&msrjs=3886&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=22&tetms=9&msltms=29&vltms=81&sei=289&vetms=434&tuviims=197&tuviems=712&engms=1&engisel=1&dvp_dtcov=2&msrcanlm=786696&msrcannum=3&ee_dp_tmads=3113&ismms=14&isumms=14&nvr=3&isgmmims=15&isgmv4mims=14&elmtp=3&isbxdms=3014&b1=3184&adhgt=250&adwdth=970&norwdth=970&norhgt=250&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1.0&lftb=3184&sftb=3184&msrdp=1&naral=786432&vct=1&vphgt=1200&vpwdth=1600&chgt=250&cwdth=970&scrhgt=1200&scrwdth=1600&strp=9&advisonl=false&isgmpims=14&engalms=13&dvp_hdnAd=0&dvp_dpr=1&vstsz=908&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3521&cbust=1686182699588845
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3886.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:59 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 06/07/2023 00:04:59

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/32_8_8/infra/ 887 KB
147 KB 21ms
6ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_8_8/infra/cmTagFEED_MANAGER.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: c6806f8379c0a4da9fa955f55465b1babb9c824187e711495d3a619546a36483

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-meta-mtime: 1685956623
date: Thu, 08 Jun 2023 00:04:59 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: QGVTFBBC8E9CP3K7
age: 225957
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1685956624
x-amz-meta-mode: 33188
content-length: 150072
x-amz-id-2: aleayPJZVWL0pxyliM8TdhK02NCzbyn9wOSpORbqYM+lUYzF3JgUsWy3seIa9qhZrGreDh195BY=
x-served-by: cache-fra-eddf8230087-FRA
last-modified: Mon, 05 Jun 2023 09:17:05 GMT
server: AmazonS3-br
x-timer: S1686182700.715449,VS0,VE0
etag: "81348113b2ca9b12b7205372f6653437"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 197404

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_8_8/assets/css/ 60 KB
8 KB 7ms
7ms Stylesheet
text/css 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_8_8/assets/css/cmOsUnit.css
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-meta-mtime: 1685956642
date: Thu, 08 Jun 2023 00:04:59 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 88G1W7FC0N0XDB2B
age: 225958
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1685956642
x-amz-meta-mode: 33188
content-length: 7877
x-amz-id-2: GcCXD8KdYBb+g5Vtk9wQ4x27v2HOc+dszuQv5xGzqSXRFMrTMu5VUVKloNv8X7kjr+70Cn2r9zI=
x-served-by: cache-fra-eddf8230056-FRA
last-modified: Mon, 05 Jun 2023 09:17:24 GMT
server: AmazonS3-br
x-timer: S1686182700.701274,VS0,VE0
etag: "92502277b3d6d05481ffd7687771377e"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 253696

POST
H/1.1 204
No Content event.png
tpsc-ew1.doubleverify.com/ Frame E81C 0
234 B 15ms
14ms Ping
text/plain 130.211.44.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ew1.doubleverify.com/event.png?impid=fea66a0c18674cb9ba1907d7424eb0a6&flavor=0&gdpr=&gdpr_consent=&vdur=25&eoid=9&msrjs=3886&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=22&tetms=27&msltms=19&vltms=25&sei=289&vetms=44&tuviims=428&tuviems=497&engms=1&engisel=1&dvp_dtcov=2&ttfurm=3075&cbust=1686182699703497
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3886.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 08 Jun 2023 00:04:59 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 06/07/2023 00:04:59

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.2.3/ 446 KB
84 KB 7ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.2.3/OvaMediaPlayer.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: a2b2f6d642ba935218db5321dc3d3dd9c9f7533f13b2287c950f0209b12705e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-meta-mtime: 1685350863
date: Thu, 08 Jun 2023 00:04:59 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 3WETE7RTXK0QW7JD
age: 831792
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1685350878
x-amz-meta-mode: 33188
content-length: 85237
x-amz-id-2: U9MHM33d8zu1bcyAANixDCXsbgcb/go4MqSdvyxukPs4cokt28lsTvBQrYKgyRwmUwnbOtH8+aY=
x-served-by: cache-fra-eddf8230056-FRA
last-modified: Mon, 29 May 2023 09:01:19 GMT
server: AmazonS3-br
x-timer: S1686182700.831665,VS0,VE0
etag: "db81aec73ffe8dee8ae2e395a095e3a9"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 763879

GET
H2 200 sync Show response
am-match.taboola.com/ Frame E4A4 577 B
662 B 15ms
15ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8OkUCLAbYhoTN5h365xGwDQmbzTv0zysAAABgYID-AEnMXI7JbrRZSxYu01q0Mi7WEodjs5Z4fMuVYeGxrFaeISCJmcsx2Y02a8nCZVqLVsbFWuJwbNYSj2-5Miw8ltXKMwUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJwwC6n4fr0-QMAAAAACAAAAAASAAj9PCUAZEgET_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyCzWZ8JHUgfiBToFWEEAAAAIBvocuDIJJ2gYlHl__-_3wrAFQCAAERMKQWmLLqDEm9hAAAAAMTgZchXKVEbpo5ZoIfF7zc77Bq_22X-_________838n_lHI9QER5om6KjwQ80vIADAml9AAAA24wYA4I0AnJCTgabT4XPd63W_3110dPntTr_drvG7_aJD0IrBYHUCYnYAAAAA7vz____jwcuQr1KiNkzVA1ITm8VhHOyWw8lisFw5FsuNa-VyeVYOl2vmXGy8p4ds8r-43Lymj4iwzH7fQch3uwwPn8sgKrreFrvDafYcxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9GYjFaIAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRGMTEzG0WDjWCssk41btDBZ1srBYLUWbSwri8e4XA0WG7fo9TFdfAuHYeHaIsGAkr1InhbpROOyuRYLw3K0Gs08K99o4li5VrbNYrgxDQaTzW4ilmhOFulEdtm3JjaLwzjYLYeTxWC5ciyWG9fK5fKsHC7XzLnY-CsTk3E02DjWCstk4xYtTJa1cjBYrUUby8riMS5Xg8XGLXp9TBffwmFYuPaN2XC2GE5my82-MRvOFsPJbLnZd5hMz9TnbLTGxJePynw131wqm9OgcBks3p_EtJh2ZwfVyXd0qjzOZVFn9Pv9fr_f7_f7_X6D1nMwGxS-v9_vbUZDCr92nHIcDIpYIrhIJzq_22VyOhxr0dHltzv9dotYojRdpBN90e92GR4-l78ilghOF-lE6He7LOo_YpDFbi4bzRWrxVyzSgAAAAAAAAAAlmCa6SYAAAAATgY1XC4Ws3U6mMlwthjNlgvgwpNM14_6Ro-2MNLYLpnGBLILIRnjYo09FnF-t8vkdDjWoqPLb3f67VYGcOFpxWyzzwhirVbLGgAAgAA2AAAAAW668SYwdYr7____HwcAAEBGDj0AAAD6fUBT0AAAAAAA_ApiMdkM9g9AhVir1ep2Y61WCw!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 85a79cb190531ed29057b7ee690bea19b331ac05c833e884053c44bfbd58db9e

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Thu, 08 Jun 2023 00:04:59 GMT
machineid: 3406
server: nginx

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 8ms
7ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.theonion.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Thu, 08 Jun 2023 00:04:59 GMT
via: 1.1 8f6bdaf52990daaab8fe7162027bdec4.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: VIE50-C2
age: 1721992
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-fra-eddf8230056-FRA
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1686182700.872961,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: KeRHC3LKLO0XQKojJBbD0tHrBXvvLrHwZKSWav-ATh5HE9Ep3r-cOw==
x-cache-hits: 481229

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame E4A4 70 B
264 B 33ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8OkUCLAbYhoTN5h365xGwDQmbzTv0zysAAABgYID-AEnMXI7JbrRZSxYu01q0Mi7WEodjs5Z4fMuVYeGxrFaeISCJmcsx2Y02a8nCZVqLVsbFWuJwbNYSj2-5Miw8ltXKMwUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJwwC6n4fr0-QMAAAAACAAAAAASAAj9PCUAZEgET_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyCzWZ8JHUgfiBToFWEEAAAAIBvocuDIJJ2gYlHl__-_3wrAFQCAAERMKQWmLLqDEm9hAAAAAMTgZchXKVEbpo5ZoIfF7zc77Bq_22X-_________838n_lHI9QER5om6KjwQ80vIADAml9AAAA24wYA4I0AnJCTgabT4XPd63W_3110dPntTr_drvG7_aJD0IrBYHUCYnYAAAAA7vz____jwcuQr1KiNkzVA1ITm8VhHOyWw8lisFw5FsuNa-VyeVYOl2vmXGy8p4ds8r-43Lymj4iwzH7fQch3uwwPn8sgKrreFrvDafYcxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9GYjFaIAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRGMTEzG0WDjWCssk41btDBZ1srBYLUWbSwri8e4XA0WG7fo9TFdfAuHYeHaIsGAkr1InhbpROOyuRYLw3K0Gs08K99o4li5VrbNYrgxDQaTzW4ilmhOFulEdtm3JjaLwzjYLYeTxWC5ciyWG9fK5fKsHC7XzLnY-CsTk3E02DjWCstk4xYtTJa1cjBYrUUby8riMS5Xg8XGLXp9TBffwmFYuPaN2XC2GE5my82-MRvOFsPJbLnZd5hMz9TnbLTGxJePynw131wqm9OgcBks3p_EtJh2ZwfVyXd0qjzOZVFn9Pv9fr_f7_f7_X6D1nMwGxS-v9_vbUZDCr92nHIcDIpYIrhIJzq_22VyOhxr0dHltzv9dotYojRdpBN90e92GR4-l78ilghOF-lE6He7LOo_YpDFbi4bzRWrxVyzSgAAAAAAAAAAlmCa6SYAAAAATgY1XC4Ws3U6mMlwthjNlgvgwpNM14_6Ro-2MNLYLpnGBLILIRnjYo09FnF-t8vkdDjWoqPLb3f67VYGcOFpxWyzzwhirVbLGgAAgAA2AAAAAW668SYwdYr7____HwcAAEBGDj0AAAD6fUBT0AAAAAAA_ApiMdkM9g9AhVir1ep2Y61WCw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 08 Jun 2023 00:04:59 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame E4A4
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/2bd840c1-a22c-4ad2-9005-4c2ebc89501c-tuctb7aa0a5?gdpr=1&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-88i0IXZE2oSYWfegVq3_2tXJSSt.0caTsDsz_A--~A

0
98 B

22ms
15ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-88i0IXZE2oSYWfegVq3_2tXJSSt.0caTsDsz_A--~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8OkUCLAbYhoTN5h365xGwDQmbzTv0zysAAABgYID-AEnMXI7JbrRZSxYu01q0Mi7WEodjs5Z4fMuVYeGxrFaeISCJmcsx2Y02a8nCZVqLVsbFWuJwbNYSj2-5Miw8ltXKMwUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJwwC6n4fr0-QMAAAAACAAAAAASAAj9PCUAZEgET_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyCzWZ8JHUgfiBToFWEEAAAAIBvocuDIJJ2gYlHl__-_3wrAFQCAAERMKQWmLLqDEm9hAAAAAMTgZchXKVEbpo5ZoIfF7zc77Bq_22X-_________838n_lHI9QER5om6KjwQ80vIADAml9AAAA24wYA4I0AnJCTgabT4XPd63W_3110dPntTr_drvG7_aJD0IrBYHUCYnYAAAAA7vz____jwcuQr1KiNkzVA1ITm8VhHOyWw8lisFw5FsuNa-VyeVYOl2vmXGy8p4ds8r-43Lymj4iwzH7fQch3uwwPn8sgKrreFrvDafYcxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9GYjFaIAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRGMTEzG0WDjWCssk41btDBZ1srBYLUWbSwri8e4XA0WG7fo9TFdfAuHYeHaIsGAkr1InhbpROOyuRYLw3K0Gs08K99o4li5VrbNYrgxDQaTzW4ilmhOFulEdtm3JjaLwzjYLYeTxWC5ciyWG9fK5fKsHC7XzLnY-CsTk3E02DjWCstk4xYtTJa1cjBYrUUby8riMS5Xg8XGLXp9TBffwmFYuPaN2XC2GE5my82-MRvOFsPJbLnZd5hMz9TnbLTGxJePynw131wqm9OgcBks3p_EtJh2ZwfVyXd0qjzOZVFn9Pv9fr_f7_f7_X6D1nMwGxS-v9_vbUZDCr92nHIcDIpYIrhIJzq_22VyOhxr0dHltzv9dotYojRdpBN90e92GR4-l78ilghOF-lE6He7LOo_YpDFbi4bzRWrxVyzSgAAAAAAAAAAlmCa6SYAAAAATgY1XC4Ws3U6mMlwthjNlgvgwpNM14_6Ro-2MNLYLpnGBLILIRnjYo09FnF-t8vkdDjWoqPLb3f67VYGcOFpxWyzzwhirVbLGgAAgAA2AAAAAW668SYwdYr7____HwcAAEBGDj0AAAD6fUBT0AAAAAAA_ApiMdkM9g9AhVir1ep2Y61WCw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:04:59 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 19031

Redirect headers

date: Thu, 08 Jun 2023 00:04:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-88i0IXZE2oSYWfegVq3_2tXJSSt.0caTsDsz_A--~A
content-length: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7C7C 281 B
554 B 7ms
6ms Document
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8OkUCLAbYhoTN5h365xGwDQmbzTv0zysAAABgYID-AEnMXI7JbrRZSxYu01q0Mi7WEodjs5Z4fMuVYeGxrFaeISCJmcsx2Y02a8nCZVqLVsbFWuJwbNYSj2-5Miw8ltXKMwUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOJwwC6n4fr0-QMAAAAACAAAAAASAAj9PCUAZEgET_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyCzWZ8JHUgfiBToFWEEAAAAIBvocuDIJJ2gYlHl__-_3wrAFQCAAERMKQWmLLqDEm9hAAAAAMTgZchXKVEbpo5ZoIfF7zc77Bq_22X-_________838n_lHI9QER5om6KjwQ80vIADAml9AAAA24wYA4I0AnJCTgabT4XPd63W_3110dPntTr_drvG7_aJD0IrBYHUCYnYAAAAA7vz____jwcuQr1KiNkzVA1ITm8VhHOyWw8lisFw5FsuNa-VyeVYOl2vmXGy8p4ds8r-43Lymj4iwzH7fQch3uwwPn8sgKrreFrvDafYcxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9GYjFaIAmYrBcTiaLyW41Wo02w91oNlgggRhMEEWLBpPVaDRZTIar0WQ1Wy52uw2iaNVqNtoMhqvZZLbbrYaD4XI0QhO2GK0mk81yOFsuJoPhaDgaDRGMTEzG0WDjWCssk41btDBZ1srBYLUWbSwri8e4XA0WG7fo9TFdfAuHYeHaIsGAkr1InhbpROOyuRYLw3K0Gs08K99o4li5VrbNYrgxDQaTzW4ilmhOFulEdtm3JjaLwzjYLYeTxWC5ciyWG9fK5fKsHC7XzLnY-CsTk3E02DjWCstk4xYtTJa1cjBYrUUby8riMS5Xg8XGLXp9TBffwmFYuPaN2XC2GE5my82-MRvOFsPJbLnZd5hMz9TnbLTGxJePynw131wqm9OgcBks3p_EtJh2ZwfVyXd0qjzOZVFn9Pv9fr_f7_f7_X6D1nMwGxS-v9_vbUZDCr92nHIcDIpYIrhIJzq_22VyOhxr0dHltzv9dotYojRdpBN90e92GR4-l78ilghOF-lE6He7LOo_YpDFbi4bzRWrxVyzSgAAAAAAAAAAlmCa6SYAAAAATgY1XC4Ws3U6mMlwthjNlgvgwpNM14_6Ro-2MNLYLpnGBLILIRnjYo09FnF-t8vkdDjWoqPLb3f67VYGcOFpxWyzzwhirVbLGgAAgAA2AAAAAW668SYwdYr7____HwcAAEBGDj0AAAD6fUBT0AAAAAAA_ApiMdkM9g9AhVir1ep2Y61WCw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Jun 2023 00:04:59 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7C7C 34 KB
10 KB 9ms
8ms Script
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0b2cec4a7f5373abdc638ac2803d3edc6d119f64e1aacb62800bfd45eff17b73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 00:04:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Jun 2023 14:29:44 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=51814
Connection: keep-alive
Content-Length: 10113
Expires: Thu, 08 Jun 2023 14:28:33 GMT

Verdicts & Comments Add Verdict or Comment

166 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.theonion.com/	1969-12-31 23:59:59	Name: geocc Value: DE
.theonion.com/	1970-01-20 21:08:38	Name: KinjaBucket Value: 0
www.theonion.com/	1970-01-20 12:23:02	Name: KinjaSetBucket Value: 0\|1686182400\|tF2IUjyHShqOe//BeQTIq8zqYGJZHKqNOjpNgCrQjC8=
www.theonion.com/	1970-01-20 12:23:04	Name: lux_uid Value: 168618269225503377
kinja.com/	1970-01-20 12:33:07	Name: KinjaSession Value: 3416d64b-f285-45d9-b944-0397d4cd4baa
.kinja.com/	1970-01-20 21:08:38	Name: KinjaBucket Value: 0
kinja.com/	1970-01-20 12:23:02	Name: KinjaSetBucket Value: 0\|1686182400\|tF2IUjyHShqOe//BeQTIq8zqYGJZHKqNOjpNgCrQjC8=
www.theonion.com/	1970-01-20 13:06:14	Name: _pbjs_userid_consent_data Value: 3524755945110770
www.theonion.com/	1970-01-20 12:24:29	Name: pageDepth Value: 1
www.theonion.com/	1970-01-20 12:24:29	Name: _lr_geo_location Value: DE
.theonion.com/	1970-01-20 21:44:38	Name: __gads Value: ID=371e02de581a672a:T=1686182693:RT=1686182693:S=ALNI_MZK_LsbvdtsZsXgMG6jHUEKCxNASg
.theonion.com/	1970-01-20 21:44:38	Name: __gpi Value: UID=00000c2d44ea9a1c:T=1686182693:RT=1686182693:S=ALNI_MZ3NiRkkK_5K1RKXJggQy7PhjpltA
.kargo.com/	1970-01-20 21:08:38	Name: ktcid Value: 1ccf3a13-e516-047e-1ec3-c53a92af6375
.criteo.com/	1970-01-20 21:44:38	Name: uid Value: f5673960-80a1-411f-9302-c9f46fb81e9a
.adnxs.com/	1970-01-20 14:32:38	Name: icu Value: ChgI64dgEAoYASABKAEwpbaEpAY4AUABSAEQpbaEpAYYAA..
.rubiconproject.com/	1970-01-20 21:08:38	Name: khaos Value: LIMDN14J-G-HMV8
.rubiconproject.com/	1970-01-20 21:08:38	Name: audit Value: 1\|SDziDG3X/EiknzSKzO8c8EHau3iET1N0BmQvWiFCZkJbHu0hL1ZspnPdkde82LPb7rZKjN0Z2OOIrbQLRWeIDyYbB5SW5XQ3pZq32xiKPUuma+WVcS1g3g==
.theonion.com/	1970-01-20 21:59:02	Name: _ga_FBJXBGD4M8 Value: GS1.1.1686182693.1.0.1686182693.0.0.0
.adnxs.com/	1970-01-20 14:32:38	Name: uuid2 Value: 8048030266907589947
.theonion.com/	1970-01-20 21:51:50	Name: _cb Value: DU3sdUbWdLjB0RHAw
.theonion.com/	1970-01-20 21:51:50	Name: _chartbeat2 Value: .1686182693854.1686182693854.1.C31wGHBvA2SmBKZlJyXDQPUBOCIT7.1
.theonion.com/	1970-01-20 12:23:04	Name: _cb_svref Value: null
ads.resetsrv.com/	1970-01-20 14:32:38	Name: ckbk Value: 000000FC432F6298
.theonion.com/	1970-01-20 12:23:06	Name: AMP_TOKEN Value: %24NOT_FOUND
.theonion.com/	1970-01-20 21:59:02	Name: _ga Value: GA1.2.1322708686.1686182693
.theonion.com/	1970-01-20 12:24:29	Name: _gid Value: GA1.2.1293780195.1686182694
.theonion.com/	1970-01-20 12:23:02	Name: _gat_unique Value: 1
.theonion.com/	1970-01-20 12:23:02	Name: _gat Value: 1
www.theonion.com/	1970-01-20 21:08:38	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D2bd840c1-a22c-4ad2-9005-4c2ebc89501c-tuctb7aa0a5
www.theonion.com/	1970-01-20 13:06:14	Name: vtas_f Value: c7a00c9bce623bc72b39e67e0ec336c0b131058e
www.theonion.com/	1970-01-20 13:06:14	Name: vtas_version Value: 1.1.2
.liadm.com/	1970-01-20 21:59:02	Name: lidid Value: 30274876-f568-49df-b3cb-489814622629
www.theonion.com/	1970-01-20 13:06:14	Name: vtas_kv Value: {"veritas-segments":[],"veritas-iab":[]}
.doubleclick.net/	1970-01-20 21:44:38	Name: IDE Value: AHWqTUmoz1SSOXR7n65opxrjqNAAQEWcalwP-oxNEkrcvzoozcKT4mQwPWTpOTHVjqw
.mediago.io/	1970-01-20 21:08:38	Name: __mguid_ Value: 6a4ad7962b6e34d5288849ab134a4550
.adnxs.com/	1970-01-20 14:32:38	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2E?k=ziTb!A#El.TOK`DmJOa:3ZYY1NlSa^^bpT%.kn<[)P3Os^8?EVclw^y>`L[QyLfQN]v@kLd><f=kW*g0D(MsGL0
.theonion.com/	1970-01-20 21:44:38	Name: cto_bundle Value: EfFUpl9iM243VW4wdmtjWkQ1OTRYUEhyWlZ5UFJsMEluR2lWZFpYNUVhUmVKZG5WM0RtUHhGJTJGYmxpMnE0Y3J3Q1FIcFdDOWRXYXhKMXJaTkN0bURLNyUyQjJXJTJCRmJxMWVlUVZ4ektTaFNDWWc1M2VtNG51YTlyaDM0T0IwTDBhT1Z4Sk9LWENPMGJpZ1N4Rkgwa0FIR1N2aUFUWmclM0QlM0Q
.yahoo.com/	1970-01-20 21:09:00	Name: A3 Value: d=AQABBCgbgWQCEP6kauA8WlpuPEEO0phHmocFEgEBAQFsgmSKZAAAAAAA_eMAAA&S=AQAAAgGnxDjKPcFzea0Cs_hIwFE
.linkedin.com/	1970-01-20 21:08:38	Name: bcookie Value: "v=2&a6695a14-649a-4137-8868-ade6277269fe"
.linkedin.com/	1970-01-20 16:42:14	Name: li_gc Value: MTswOzE2ODYxODI2OTY7MjswMjF+uW22RaKJk/+DiZ9uUUCDbljlCln8FNn0oKgihyyXRA==
.linkedin.com/	1970-01-20 12:24:29	Name: lidc Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2529:u=1:x=1:i=1686182696:t=1686269096:v=2:sig=AQGsuKxIHVujz_Ou_6BUTLOUcTwHiwWe"
.casalemedia.com/	1970-01-20 21:08:38	Name: CMID Value: ZIEbKENjrNzwsOTOXUSMxAAA
.casalemedia.com/	1970-01-20 14:32:38	Name: CMPS Value: 3213
.casalemedia.com/	1970-01-20 14:32:38	Name: CMPRO Value: 3213
.pubmatic.com/	1970-01-20 12:24:29	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 14:32:38	Name: SyncRTB3 Value: 1687392000%3A220
.pubmatic.com/	1970-01-20 21:08:38	Name: KADUSERCOOKIE Value: 4990CE56-749F-43F8-B8AB-22F0D2F0B0A6
.pubmatic.com/	1970-01-20 12:24:29	Name: pi Value: 161204:3
.pubmatic.com/	1970-01-20 14:32:38	Name: chkChromeAb67Sec Value: 2

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://tagan.adlightning.com/gomedia/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
security	warning	URL: https://tagan.adlightning.com/gomedia/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/gomedia/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/gomedia/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/gomedia/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6c36ba0810346b66fb1f3b0a1e8f9fb1.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs-simple.com
ad-delivery.net
ad.doubleclick.net
ads.resetsrv.com
adservice.google.com
adservice.google.de
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
ampcid.google.com
ampcid.google.de
ams3-ib.adnxs.com
api.btloader.com
api.rlcdn.com
as-sec.casalemedia.com
ats.rlcdn.com
bidder.criteo.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
cdn-magiclinks.trackonomics.net
cdn.adnxs.com
cdn.doubleverify.com
cdn.mediago.io
cdn.speedcurve.com
cdn.taboola.com
cds.taboola.com
cm.g.doubleclick.net
cs.media.net
d2cli4kgl5uxre.cloudfront.net
direct.adsrvr.org
dsum.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
eus.rubiconproject.com
f.kinja-static.com
fastlane.rubiconproject.com
fr-actions.trackonomics.net
fusion-media-group-d.openx.net
geo.privacymanager.io
grid.bidswitch.net
gum.criteo.com
hb.yellowblue.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
i.kinja-img.com
ib.adnxs.com
id.sv.rkdms.com
idx.liadm.com
image2.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
imprammp.taboola.com
insight.adsrvr.org
js-sec.indexww.com
kinja-com.videoplayerhub.com
kinja.com
krk.kargo.com
match.adsrvr.org
ml314.com
mug.criteo.com
no.kinja-img.com
onlinertb-us.s3.us-west-2.amazonaws.com
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.media.net
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
px.ads.linkedin.com
region1.google-analytics.com
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
sync.taboola.com
tagan.adlightning.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ew1.doubleverify.com
trace-eu.mediago.io
trc.taboola.com
trx-hub.com
u.openx.net
vidstat.taboola.com
vidstatb.taboola.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.theonion.com
x.bidswitch.net
x.kinja-static.com
104.18.10.47
104.18.24.185
108.138.1.25
108.138.9.235
13.32.121.37
13.32.27.60
13.32.99.59
130.211.23.194
130.211.44.5
138.197.55.50
141.226.224.32
141.226.228.48
142.250.186.38
142.250.74.194
143.204.98.4
151.101.129.44
151.101.193.108
151.101.194.166
151.101.65.108
151.101.65.44
151.101.66.166
151.101.66.217
178.250.7.13
18.156.189.239
18.195.189.38
18.196.248.215
18.66.147.69
18.66.147.90
185.64.189.110
185.64.189.112
185.64.190.79
185.80.39.216
185.89.211.116
185.89.211.84
2001:4860:4802:34::36
23.201.255.110
23.212.88.20
2600:1f13:800:7781:a9:f316:c651:5d12
2600:9000:2057:de00:18:1fcd:353:c61
2600:9000:211e:600:11:9be7:da80:93a1
2600:9000:223f:4800:8:48e:53c0:93a1
2600:9000:236e:e000:1d:8c8c:47c0:93a1
2602:803:c003:200::41
2606:4700:20::681a:78b
2606:4700:20::681a:832
2606:4700:20::ac43:4513
2620:1ec:21::14
2a00:1450:4001:809::2004
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::200e
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2006
2a00:1450:400c:c00::9b
2a02:2638:3::3
2a02:2638:d::a
2a02:2638:d::d
2a02:26f0:480:9::210:ee0e
2a04:4e42::300
2a05:d018:d29:3602:caa5:9f17:65ef:189f
3.218.56.233
3.66.253.225
34.111.234.236
34.120.133.55
34.120.63.153
34.198.228.54
34.95.69.49
35.214.168.80
35.244.159.8
35.71.131.137
52.204.157.234
52.209.133.172
52.209.156.69
52.223.4.62
52.46.143.56
52.57.223.127
52.92.251.26
54.164.253.83
67.220.226.232
69.173.144.139
69.173.151.100
76.223.111.18
99.86.4.115
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0237aa975d8542373f99c13f8541fd12e5b6eed8abea4bbfa7c0e71fd4ae7c2b
02a5815c243f5f9d4a9f3bc631b44bbfa72409157d85a78d9f15d454fd2c22f8
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
096ef6644ebed2ac191e5a20c7c5bf31a24d8739912e2142003fdaa469a13aa5
0b2cec4a7f5373abdc638ac2803d3edc6d119f64e1aacb62800bfd45eff17b73
0b38cf602345506ec70d9c829543484918acb86fa77c05ece4ef6cdbdb667b50
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
0d086e18fbcdb16b8494ccfeb278a2a71db34301920bfe5c68327f0a7579086e
0f574044436c9c034b7b2f4b614519487a870cc9375754688e4b4648432d9bae
1063c185d2ba098c3c38deeaa02f320ce4850364758330aa5a511441bd313d22
10e23491a1d0243551fed7a9f1cf016bc37e27b5f57a9ace7567c7461dfc1ff0
11345de24d584dd7bee5d55c4c52c01782e2d9c2fb5cd7977c5bab24b5cc165b
115224d4e63511fda83c38f1a67c687184f8c2752a8770b10faaadc4568fd388
183d66c521e43e4f0f8aefc5149605bbd44acf6d45db8c0f9064e439ae927b15
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18b87c6319166b2ec849c666ebcae958363e85913f3df2e610c0f7b0aa5d198a
19b4d2402492b148328f5a15bc52a7f6d74f0f70d66a3ce8a78bd7a5f1414a28
1a31861a53fec5e0e1135ff6fa3563ceb096a0fd0b5356004dcbc6931101d47a
1a6234f89855eb61bebc7f45e84e68fcb10436de629da84fb262c39498dbd775
1abc7ba05a4596dabc6fe7ec975be03e5c3f9b3f14549bf946dc468b2facad34
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1cdc51f72f28493a1d9292d741d0857ccfa9721908d9ca0ae160f2d81b054d1d
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
21307638f02ac332e97951c6e723f287a1a88bd9a716d6095419a44c99aa85b5
221c51d6190d8c5cf2217bc17bc7ed47c99c31528fb2b8800c4c0233742a5038
23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4
248f505a8b5ee4ce8e884057589eae2ed0e5f6cef657cbffb05028d5dc7cf502
25007de8764634d8bc211e51d9839d3070df949f2c01d4ac48e4d09d59bce665
29f0cee8b0ce369a17cefeb98d0aa4013454e8451dc614fba868e1017d14db09
2ae45e2e1b631f86c147be468e5e55954eb89fe2b21e92c91609f4d2dbf13fad
2b38f0427019bc8f4c8db0b9e53f0a3d94d2b255db6e4b52b79e03648593156a
2b7b266b8bd84e119c203ddd34b31bfbaca6e4941c70118701f1bbfc9ec5a30c
2c2fa630a1a2e79949b76eb8c22e71d7ee17c9c5753226270c36f1e97b47ee43
3161f812469fd0552b9863a8bf904c86342db3208368ef4460329fe5fc2f8863
31f122cf25762924ab70cc26b8a04399f55321e6bc783c7712f9212808671ca2
3256e994ac185bcb370b04c6c55ef52bf7fba92bb755588e1578f80918d9f997
32652b0ebf5469b12a85e76375a74f31d902d70add4416eb8042f2d57b3e7c43
32879eba9b2433c53f34f9e1e3ed09e6fa564fca84252541b75526a2148ddcd7
33566729393f70e95f9e326dbc67dedbb3bdc4d6a743ef40141fa1d126f079ad
3447b3844cac8a8f33ae1a5090a1673d960ba0555bc387586b56377d6f926eeb
354bac5c7ef0c302224db07dd50abcb4f2f6e369accfacd8be11ec6799f13396
37c9730c2bcbb64a54a7d2299eb07c8ba40a8a00e154f4633de25ca3c63370ce
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3ab6d5bddb52a980ebe7658cca937e1ce087c1478cbeb13715876e463b2dd7f3
3b37d2310598b93846c2771a556ce6d1577946b972cfa8e6eadf8725f31c6e32
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3be105a78fc8101d09bda3a490b0c04c890fbcffac83d7ba14db1ecc5035a52e
3cb1bf20774837d8da942332ccd8721486392cd3e9d43dbef85a45bc0e14330a
3d361b309ba82eef08d4a7f7a7b30cfe7e729d98c2eaf0f6db1fca2758cb6a5b
3e2381d8ffe09d762e98da0f4ae908adc60b17ecfa948099c6612588b9d3768f
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3f5f3be3dcd8039c166b39b0ebbf825484c57373c781f5fb67f29b70e91eea89
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
406ddebd3743206fce38f8e0243d08af3af04d5e6b9b29769b53ea78b7c56871
40787a521f5a5c8d384e1052fd2a0ed19d0c3a5352466db52374cccf15404777
40a29eed6bf6c05ed40be089eb27a2323d2ee0eeee21b44422a9cae0c02b955a
4193f3aba0317f0953ed1d14fd95938eacf60156c317f070f560e12e67b737a7
4227e7808bb153943a5c2f8fbb6e877dc2ebea70934f7b223ee112124f8f8d61
43f7925d2866f6457a8a1329ca62170e0b997097e7aef7f7b6c8d7e6f4dd6275
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45a62d4fd5b29deae5aacc4e325ee0b962c86a2b4f41f3b3e4d4afc74926f52a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
481d9f15499469be0a2383c41f759f34dba159d965543af371d466bfb6339f53
48232b3eb6d3449819b8dadca15226fbdd9b51976219b2e7faf4a3cad881dd84
4895c44118a86780663c6e877b78922dda0ddb83051b4b1d22ed786415868af1
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c2c02181e98099dc48be2710dc0c21d81a2b72001607e99deebe9d73aed72bc
4cb563df4b0335027a98734668269adee2a27a8831fc2bce8c41fd59f6549daf
4d0de41b596f1c37d0cf111f5678e895cbb61068a7978f9d9afd342285522a4d
4d559368d1c69df951fcf588e171789432de6d00d1dd6b02e573eab3b15f9bbc
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e654dc4aa833a34b4871aa86e91240fe6b88560fdffcd9b1023d9cc31d1753d
5157b962db8aa9af742bb8951b9250f74ef07d2ad7d9202968fa549cd38b0eaa
515b5c5dceb7a507f6e57d679ca415ac060e9a4ea5c3f85497b5f60157fa811c
528a5bcdfe99d459ca9724e827f3ac036b5ef16ed581942fa62f947676c37af0
53204c8a3d3cb96a17405b3a243772884943c253da37b59c1bffda4ee6a387ad
53cfaf25e39926c20727a9c13a7f28a59f378e50a056c701dc93ec8d3b790e3c
54623af03af1e784b0549daaf2721f49d5d2135173e160cdc5dc2021bf70620a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
568068711d00d07ac001e1937acdb4621d0d7ea602ff8beb225c1b9f22701d1d
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8
5ae04f4e2b3a0b4e46d0259886e6fbf822f2dd0731ee8a59e03c4cb3f335b8fc
5ca7734ed5a4773635f1ae05b0b55c1653d759d3c3513baab8a39d4c96631da4
5cfb1037075cb57541adf2406c2fa1afd4dbdb871ae23130d949185087da7103
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5f5fae80f0c98899eeabe0f618454ca066c741eba7ed03141bb60fd47fe27fdc
603aa6c6d73621d0c3fadad73b5f9fcd5efe05519300fce64722c6547e86c206
616ffa64c60fe34471c52e6e38e8d48cbab0abc0defa6beb1ee1206e094f1cb9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6320a1b112291fb856bfdbe2306f9aaba53b9d4742bfb1edc40e74d25802651f
6390a22550191d8816d1f55a35acc5d410919f6174c981539306912eec483f38
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
68a328cfa20743ac29e3d6f9f458184ec7f4e625a0eb30a66cd9ef3f8909c321
6ad61602e9db9558662d5280058aee442dbf0b3676a043158ea945439e4f6346
6ad702915d203974cb8318ff80474939eac3310f94468c8ed432f3bc7379ab4c
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e4f524c55f2b541fd3f407e6b660f95bd0c046867a1b85a50ea65d30406b383
6e5089c7abbd039011d3d00136191a658ab9f713a2c0eaaaf60fd375439734d0
6e6d776ffaafc0bb1e45286865f3c75d3a01aadfb52e3c107a88437c2bf79fd3
6ed271d4a69ad83c7565e059fcc876d0ddcd3716acf7aa852ca363326b0de94e
73e0b4849267d52ad5b7ec2770d92fb24b85b127aa7ae835700f6d5d0e755c0f
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c
80ba51ecef4e964cf24743a90a465442838e854bcf28c25f9a305970f1c3aff3
80f24dd10cffe926cb56683b016912a201652c7874af4fe934fc0bef3065ecab
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
8413176dd89287beafbd21e4fa5586f3d5db9aefa37b1350b34bc7533ca5ef34
84499a87fc7dbeb8fcf5dca79fd6618bf5e212331606870ad99737035ca38a9a
84da9d75f50c13dfaf3794682dadba0c6917bba32c63977eb49fa00fce849f02
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85a79cb190531ed29057b7ee690bea19b331ac05c833e884053c44bfbd58db9e
895fe95f9252951d1b3acfba50546376d3224bb5a19fa40df3be17e6571e844b
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8c9bdc6048330e1ca6023608f60e9dc755dc1f6bd3ca9d35d73242bb929eefd9
8d063cb1212c2499fad0dc70556940e4c2b38d8b85abc8e0a5ab62e299e86d68
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91c5700635e65ea0d8dd5cbd0825df02ccb69582117d87d1a1c03fdb28c4548c
921d6a08298f520a4f4c7444ba3cf32d128706ad4018c6a576f915d79122a8dc
9226664623b383be110c81a980d389d914f59d8b8df41fc7f8d6464e790329ac
92620e80f80057105b30e5e43e971a856d6168de68379ef6c4651e4502730edf
927933cf6aea2ff60db99431d6d505d432507240a014db32d1230c1d9b793db2
93e0d965fc28dca34b0a300a4d52370d9b6fabadcf0fa164cb0c6753f792f946
9435d9c9100ba30429173f07afc84a22c1e141e58a008db1531ff5d86b3dece7
96e934c77cb4fffff4b2ae5e3c16ba917d9d0102ef1c67a12c81305e46098430
9708fbfcf504ef77c5c4170d1e9db38c159049f8ab47d04f6a452e689cf696aa
98555f82ad12532d426de758a88dbfe0d27a0d57f42a62cce2c700a6891ae6c0
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9baf0334f5b2c482d95fd5a2cf9caf1c5130f4ea2ccca346c008154ea2cce06a
9ca5693ab1367385316b393108533e59a741f2fcc302fd13c2fafd34990b34b8
9ed7e5a5c912084047f32c2ca7e2aae3025561bc00bff66ea3659e0703f46143
a03278b60ce0dd9f7965d43d8055f9d63f487e770c0bc32b951941e951364a73
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a1bcc37432884a16b8c3a3d39f32ea9ef7d6f4330dd92571b760343e89556a42
a2b2f6d642ba935218db5321dc3d3dd9c9f7533f13b2287c950f0209b12705e5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6
a543c35e7050946b66d2c94dae4e311486abc4e409c990859eadd278eae34ba9
a583b77715e15dfe3d4cc866ad834858822a83c82ce50a321203c361955ec55b
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132
a66a45787e47ab5de0d1ed07d185f9ce9aa0907b60070c2e5af7f321eb11208f
a7ebec103c04aedd9c1b8e8136c0afc3d979b46c8d1cc92f8a4a9ea62dc6f3aa
a8b76b7932331dbd4dec75f9bc9bac3ae9cce934e40a0e638141b44d3afc71c6
aa1733066272743182c6f72df32370b636dea47fbf328bc6d90222d691851ef3
ab9151288093c3e9cce74f4cfa747e62da207f94da7c809900e949b9695a4066
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0a01c6c99df338c4afba8aab124277ffe5ebcdef92d3b67532fbeb547039237
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d12302eee2d4e702a095497dd20133916901be34e4f4f7748f5e87385fef5e
b3f483b4c4f941a7cc1860356329639370e23b643ba93da4be31500be0b4c1ee
b630399dc87169c912b553c7dc294e6a7af0ca96a3186f27086566d7dd87ca41
b6c485f1f666fd7a72c0b41266fbd678fa285711fd2813a176db9b9bbabb953b
b6d1f8dc90a0614de544a8d79295937ff00874f4de5821285d9900ad41fe1e2f
b7299dfd212b74bf30cbc737887bbfcc4398685d4a77bffe1930fa8bd775bfa7
b790fae4d2155d04d9eea1a5d6ae0ac8de1e981e8d728db136c4d23f44388434
b82e88f8c052dd3bf8d33f25181b20e0206b1e409c30442cb846c15c17f2f012
b83ba15e4744172f5d091199f2dd72657598aed0ea6d7ed89c0a380a3f7d4ae0
b942a11b8393dc5124bde5c57052b25bcd4bc801c645fc64fc4b45758eb0b4fb
b9eb1bd9a36bebfbdca0f549cdf5859003022c694f41dc51f0166f0bd47adb0a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb9d2f50d00b8a7480c4711bf963540095e3d0e8bb4d379db663866bd89d3560
bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1
bd8871fb1793f2de3d938a30c55ca827fc78ecbdef9470357262258e66f5e7e9
bf282b4ef41bf52ed9cb27a33190fdcf162f28a2c126beabaad623eef16148d9
c13571ac79df5c4a25b02e19411a2716035623f0d554d9139bc6140740b94f4a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5c24f7ca1c946fa4dfd44407409c8e11ec6e41f0e1c7c45bf8381b42afb31f1
c6806f8379c0a4da9fa955f55465b1babb9c824187e711495d3a619546a36483
c752c70f36d9eddf540a03b5ea18b6b102d7190239b4397ee181893eebdc3c5b
c76ae373a97fedd18dcbce506a90251d65d3141a4633e06671b9b306e361d948
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1478ce3a4a4650bacf558bce81b08ddc10a17a20107a59ebbd45532a673a9e8
d195a6ca13d7b6184b61c3f86ece05bef86b4dea7bacc62539f94495d28225c7
d262b04633fbcfb934184c79a2d1786fa24576ad6f7ccc40c5ba0aa540de9d54
d2b4e5bccd873af97882c8cf0acbdee464d69f422325cea089198ad3ab49e1fd
d366fef3e6d28f4f2f17e273927cb06ebb232a6492eed41b3fa5dbb761e3880e
d4234ad97764d2add90c7b99de87dfb85ec66b13cd08adbb5672252039422263
d43e09e832a9957274ad9ac4f76e4bb7c902eb89eb5e63b7c5a978f5485c4e6e
d50327f80f3a8427e88fa31eef4d8bd7c9e3409c0bf53af2e9149cb0aa32bb59
d617fb46ef25d32cdfc6459393c2d7933339093ee270b951e1fdb50ab5662140
d69c318c5a18ce860870df13878596d3d7bb7efd57b77a0f32b5478d1cfe1c52
d76bb6629795e99bac7337206450e67d8527b9a8fa6259b391c28364ac822bb4
d79ac6226821957ccbddae6a5dcdf15de1686620ef0ba42aee2c162ee9a2945b
d7d8eda923854d45e87c11183868b806aff279a82906f1226d8752793a17ab67
d7fa261298e7430c764efe74a192a4bb2b3c975032be043c0402d23d800ca438
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9a7786d5b15433844c6792ca4c07ecf84742964f817446996a52cb7a60c9455
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dbca21de82ba69b1bc23cd1c49721d7b763db98007a74397ad196d494e552f19
dc76370178348fbb8bf5d866c8c25ba072fcd2429eae443526586e1013c49409
dfb313ca733fc88f562f966c85f1cc03bf4ed0c21b892e1052a97a59c9776ad4
e1b9b63cc4dee950e19d2be6afc55d6fac1263599ff1ce2554f26961948f09a8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4456346c8eec65785ebeb77127440fa8d579fd862be866b2fc91c7a25b9d592
e55fbe6498ca94a60f1cd9ca414f6d22628373d7e9be7992a38a630766069185
e5837c680ceeb1ba116fbb09c44b8396b7fa70f7b2b711660dab6720945fb371
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874
e9975431ab3558981df8a558a765319f7268c3d8acfe26b973a5963657f24ce0
ebfe01273273d6c3d63faac996008471a365f12768869db9202610ffddf7a55f
ecc6048b0ab170cfabbfb84ffd407ee53906b0fe898d6d9284f0b6f36220e365
eda853f004cbab26e1308fcbb0ec2dff1f2ed5fa3fa4bec7dc69090325809e4b
ee42cc4895a8863fdb7d7f9127a18d233c85e4a1f8ce4e78f5851f73670eeba0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11ce7d249dc49a2a0fda2e6923560c64c20426f3cb4eba52a85dc27c79e61e6
f63b683b181032b37e4b8a3fe5d001edc0b40a8df47c66b7966e2e7242f0226d
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f74a971771bbed56a13238f100e81152d4e14e3efb0a3da5772340955160f5d6
f8390791fab3a4f38a41db5a1965adb8979102262b3ffbfb12d504b262b6f823
f90ef610e704a3d58445f1d99f4bd0eaf17bbf28b741435254e000e7621882d1
fb8d647eb02c64dd97f5216d466359807bdd6ab71cfece888e46873f4511c24f
fc114c7f6486687c5c640a28e50878700373b685cb07ca61a43a47b5de732f7b
fee6964f674ffcf8acd53ea4c0a5001ddb377f0a805aa76d6753515cb472cf1f

www.theonion.com Open in urlscan Pro 151.101.66.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

375 Requests

95 %HTTPS

36 %IPv6

56 Domains

107 Subdomains

90 IPs

9 Countries

5099 kBTransfer

14704 kBSize

49 Cookies

24 Outgoing links

Page URL History

Redirected requests

375 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.theonion.com Open in urlscan Pro
151.101.66.166 Public Scan

Screenshot
Live screenshot

Full Image

375
Requests

95 %
HTTPS

36 %
IPv6

56
Domains

107
Subdomains

90
IPs

9
Countries

5099 kB
Transfer

14704 kB
Size

49
Cookies

375 HTTP transactions
5 data transactions