www.theonion.com Open in urlscan Pro
151.101.66.166 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.theonion.com/
Effective URL:
https://www.theonion.com/
Submission: On February 23 via manual (February 23rd 2023, 11:15:47 pm UTC) from US — Scanned from DE

Summary HTTP 164 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 52 IPs in 7 countries across 45 domains to perform 164 HTTP transactions. The main IP is 151.101.66.166, located in United States and belongs to FASTLY, US. The main domain is www.theonion.com. The Cisco Umbrella rank of the primary domain is 91146.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2022 Q3 on July 25th 2022. Valid for: a year.

This is the only time www.theonion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
49	151.101.66.166 151.101.66.166	54113 (FASTLY) (FASTLY)
11	151.101.194.166 151.101.194.166	54113 (FASTLY) (FASTLY)
2	13.32.121.17 13.32.121.17	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.217 151.101.2.217	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:400d:803::200e	15169 (GOOGLE) (GOOGLE)
13	13.32.27.75 13.32.27.75	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
3	18.66.147.50 18.66.147.50	16509 (AMAZON-02) (AMAZON-02)
3	18.66.108.49 18.66.108.49	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:807::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:808::2006	15169 (GOOGLE) (GOOGLE)
3	99.86.3.236 99.86.3.236	16509 (AMAZON-02) (AMAZON-02)
2	34.225.45.79 34.225.45.79	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.89.3 143.204.89.3	16509 (AMAZON-02) (AMAZON-02)
4	34.253.161.49 34.253.161.49	16509 (AMAZON-02) (AMAZON-02)
3	18.198.85.142 18.198.85.142	16509 (AMAZON-02) (AMAZON-02)
3	52.29.23.92 52.29.23.92	16509 (AMAZON-02) (AMAZON-02)
3	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
3	18.193.53.227 18.193.53.227	16509 (AMAZON-02) (AMAZON-02)
3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
1	104.18.25.185 104.18.25.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	3.127.163.7 3.127.163.7	16509 (AMAZON-02) (AMAZON-02)
3	2a02:2638::24 2a02:2638::24	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	185.64.190.77 185.64.190.77	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	13.32.99.35 13.32.99.35	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	104.18.10.47 104.18.10.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:805::200e	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:20:... 2606:4700:20::681a:832	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4686	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223c:3400:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
1	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:e2:... 2606:4700:e2::ac40:8104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:225e:dc00:1d:8c8c:47c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.231.246.225 34.231.246.225	14618 (AMAZON-AES) (AMAZON-AES)
1	52.54.240.100 52.54.240.100	14618 (AMAZON-AES) (AMAZON-AES)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.218.221.170 3.218.221.170	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.208.166 142.251.208.166	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:402... 2a00:1450:4025:402::9a	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	104.18.24.185 104.18.24.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.4.115 99.86.4.115	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.62 18.66.147.62	16509 (AMAZON-02) (AMAZON-02)
164	52

49 151.101.66.166 (United States)

ASN54113 (FASTLY, US)

www.theonion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.kinja-img.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kinja.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.kinja-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.194.166 (United States)

ASN54113 (FASTLY, US)

f.kinja-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
no.kinja-img.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.theonion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.217 (United States)

ASN54113 (FASTLY, US)

cdn.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 13.32.27.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-75.fra56.r.cloudfront.net

sourcepoint.theonion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.147.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-50.fra60.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.108.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-108-49.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::200a (Ireland)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.3.236 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-236.fra6.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.225.45.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-45-79.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-3.fra50.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.253.161.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-161-49.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.198.85.142 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-85-142.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.29.23.92 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-23-92.eu-central-1.compute.amazonaws.com

krk.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.20 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.193.53.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-53-227.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

fusion-media-group-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.127.163.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-163-7.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.77 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-35.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.47 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:805::200e (Ireland)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:832 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kinja-com.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4686 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:3400:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.234.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:8104 (United States)

ASN13335 (CLOUDFLARENET, US)

rr3s4p9hfoptgmhna.ay.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:dc00:1d:8c8c:47c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-magiclinks.trackonomics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.246.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-246-225.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.54.240.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-240-100.compute-1.amazonaws.com

id.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.218.221.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-221-170.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.208.166 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s43-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4025:402::9a (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-115.fra6.r.cloudfront.net

fr-actions.trackonomics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-62.fra60.r.cloudfront.net

trx-hub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	kinja-static.com f.kinja-static.com — Cisco Umbrella Rank: 28580 x.kinja-static.com — Cisco Umbrella Rank: 27446	484 KB
32	theonion.com www.theonion.com — Cisco Umbrella Rank: 91146 sourcepoint.theonion.com — Cisco Umbrella Rank: 481600	275 KB
7	kinja-img.com i.kinja-img.com — Cisco Umbrella Rank: 23341 no.kinja-img.com — Cisco Umbrella Rank: 58818	46 KB
6	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 282 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 476	52 KB
6	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 ad.doubleclick.net — Cisco Umbrella Rank: 171 stats.g.doubleclick.net — Cisco Umbrella Rank: 77	157 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2425	20 KB
4	adsafeprotected.com pixel.adsafeprotected.com — Cisco Umbrella Rank: 702	2 KB
3	btloader.com btloader.com — Cisco Umbrella Rank: 795 api.btloader.com — Cisco Umbrella Rank: 895	7 KB
3	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 447	239 B
3	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 714	940 B
3	bidswitch.net grid.bidswitch.net — Cisco Umbrella Rank: 874	719 B
3	yahoo.com c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1149	563 B
3	openx.net fusion-media-group-d.openx.net — Cisco Umbrella Rank: 36324	672 B
3	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 498	1 KB
3	adnxs-simple.com ib.adnxs-simple.com — Cisco Umbrella Rank: 9197	3 KB
3	kargo.com krk.kargo.com — Cisco Umbrella Rank: 2177	2 KB
3	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 948	475 B
3	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 1711	65 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 625	58 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 902	1 KB
2	google.de ampcid.google.de — Cisco Umbrella Rank: 66651 www.google.de — Cisco Umbrella Rank: 6149	502 B
2	trackonomics.net cdn-magiclinks.trackonomics.net — Cisco Umbrella Rank: 5619 fr-actions.trackonomics.net — Cisco Umbrella Rank: 10453	28 KB
2	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 575 match.adsrvr.org — Cisco Umbrella Rank: 296	651 B
2	google.com ampcid.google.com — Cisco Umbrella Rank: 2216 www.google.com — Cisco Umbrella Rank: 2	848 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	126 KB
2	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 479 as-sec.casalemedia.com — Cisco Umbrella Rank: 1558	1 KB
2	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 1772 api.rlcdn.com — Cisco Umbrella Rank: 750	38 KB
2	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 673	453 B
2	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 442	343 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 152	2 KB
1	trx-hub.com trx-hub.com — Cisco Umbrella Rank: 6440	462 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1230	201 B
1	rkdms.com id.sv.rkdms.com — Cisco Umbrella Rank: 4828	168 B
1	liadm.com idx.liadm.com — Cisco Umbrella Rank: 2444	432 B
1	ay.delivery rr3s4p9hfoptgmhna.ay.delivery — Cisco Umbrella Rank: 35354	18 KB
1	ml314.com ml314.com — Cisco Umbrella Rank: 1710	11 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 901	44 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1507	15 KB
1	videoplayerhub.com 1 redirects kinja-com.videoplayerhub.com — Cisco Umbrella Rank: 33157	452 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 608	16 KB
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 1686	595 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 271	17 KB
1	kinja.com kinja.com — Cisco Umbrella Rank: 26979	1 KB
1	speedcurve.com cdn.speedcurve.com — Cisco Umbrella Rank: 5288	7 KB
0	rubiconproject.com Failed fastlane.rubiconproject.com Failed
164	45

	Domain	Requested by
25	x.kinja-static.com	www.theonion.com tagan.adlightning.com
19	www.theonion.com	www.theonion.com tagan.adlightning.com
13	sourcepoint.theonion.com	www.theonion.com sourcepoint.theonion.com
8	f.kinja-static.com	www.theonion.com
6	i.kinja-img.com	www.theonion.com
4	pixel.adsafeprotected.com	x.kinja-static.com
3	hbopenbid.pubmatic.com	x.kinja-static.com
3	bidder.criteo.com	x.kinja-static.com
3	grid.bidswitch.net	x.kinja-static.com
3	c2shb.ssp.yahoo.com	x.kinja-static.com
3	fusion-media-group-d.openx.net	x.kinja-static.com
3	tlx.3lift.com	x.kinja-static.com
3	ib.adnxs-simple.com	x.kinja-static.com
3	krk.kargo.com	x.kinja-static.com
3	btlr.sharethrough.com	x.kinja-static.com
3	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
3	c.amazon-adsystem.com	www.theonion.com c.amazon-adsystem.com
3	tagan.adlightning.com	www.theonion.com tagan.adlightning.com
3	securepubads.g.doubleclick.net	www.theonion.com tagan.adlightning.com securepubads.g.doubleclick.net
3	www.google-analytics.com	www.theonion.com www.google-analytics.com
2	static.criteo.net	x.kinja-static.com static.criteo.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	api.btloader.com	kinja-com.videoplayerhub.com
2	region1.google-analytics.com	www.googletagmanager.com
2	ad-delivery.net
2	www.googletagmanager.com	www.theonion.com www.googletagmanager.com
2	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	c.amazon-adsystem.com
2	imasdk.googleapis.com	www.theonion.com tagan.adlightning.com
2	sb.scorecardresearch.com	www.theonion.com
1	trx-hub.com
1	fr-actions.trackonomics.net	cdn-magiclinks.trackonomics.net
1	as-sec.casalemedia.com	js-sec.indexww.com
1	www.google.de
1	www.google.com
1	ad.doubleclick.net
1	ping.chartbeat.net
1	ampcid.google.de	www.google-analytics.com
1	api.rlcdn.com	js-sec.indexww.com
1	match.adsrvr.org	js-sec.indexww.com
1	id.sv.rkdms.com	js-sec.indexww.com
1	idx.liadm.com	js-sec.indexww.com
1	cdn-magiclinks.trackonomics.net	tagan.adlightning.com
1	rr3s4p9hfoptgmhna.ay.delivery	www.googletagmanager.com
1	ml314.com	www.theonion.com
1	www.googleoptimize.com	www.googletagmanager.com
1	insight.adsrvr.org
1	static.chartbeat.com	tagan.adlightning.com
1	btloader.com
1	kinja-com.videoplayerhub.com	1 redirects
1	ampcid.google.com	www.google-analytics.com
1	js-sec.indexww.com	tagan.adlightning.com
1	geo.privacymanager.io	ats.rlcdn.com
1	htlb.casalemedia.com	x.kinja-static.com
1	ats.rlcdn.com	tagan.adlightning.com
1	s0.2mdn.net	imasdk.googleapis.com
1	kinja.com	www.theonion.com
1	no.kinja-img.com	www.theonion.com
1	cdn.speedcurve.com	www.theonion.com
0	fastlane.rubiconproject.com Failed	x.kinja-static.com
164	59

This site contains links to these domains. Also see Links.

Domain
theonion.com
avclub.com
deadspin.com
gizmodo.com
jalopnik.com
jezebel.com
kotaku.com
lifehacker.com
qz.com
theroot.com
thetakeout.com
theinventory.com
store.theonion.com

Subject Issuer	Validity	Valid
*.avclub.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-07-25` - `2023-08-26`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-12-30` - `2024-01-28`	a year	crt.sh
*.speedcurve.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-07-16` - `2023-08-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
cmpv2.kinja.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.adlightning.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-07`	4 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2022-12-27` - `2024-01-25`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-02-10` - `2023-05-27`	4 months	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.dev.kargo.com Amazon RSA 2048 M01	`2023-02-13` - `2024-03-12`	a year	crt.sh
*.adnxs-simple.com GeoTrust ECC CA 2018	`2022-02-25` - `2023-03-28`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M01	`2023-02-10` - `2023-06-11`	4 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-12-27` - `2023-06-21`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-22` - `2023-06-21`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.privacymanager.io Amazon	`2022-08-26` - `2023-09-24`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
ml314.com GTS CA 1D4	`2023-02-09` - `2023-05-10`	3 months	crt.sh
*.trackonomics.net Sectigo RSA Domain Validation Secure Server CA	`2022-12-01` - `2023-12-01`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M01	`2023-02-21` - `2023-10-29`	8 months	crt.sh
securedvisit.com Amazon	`2022-10-29` - `2023-11-26`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2023-02-16` - `2023-05-17`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.trx-hub.com Amazon RSA 2048 M02	`2023-01-21` - `2024-02-19`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.theonion.com/
Frame ID: 272982CF1BA9FDAABC1F07B4C9D82622
Requests: 154 HTTP requests in this frame

Frame: https://sourcepoint.theonion.com/index.html?message_id=626742&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fsourcepoint.theonion.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fsourcepoint.theonion.com%2Fmms%2Fv2
Frame ID: DB0421D497F076FD267F5DBFE875E56F
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.557.0_en.html
Frame ID: 2552E77D7D381CC99589C8773B06366E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Onion | America's Finest News Source.

Page URL History Show full URLs

http://www.theonion.com/ HTTP 307
https://www.theonion.com/ Page URL

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

164
Requests

99 %
HTTPS

37 %
IPv6

45
Domains

59
Subdomains

52
IPs

7
Countries

1850 kB
Transfer

5556 kB
Size

28
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://theonion.com/
Title: The Onion

Search URL Search Domain Scan URL

URL: https://avclub.com/
Title: The A.V. Club

Search URL Search Domain Scan URL

URL: https://deadspin.com/
Title: Deadspin

Search URL Search Domain Scan URL

URL: https://gizmodo.com/
Title: Gizmodo

Search URL Search Domain Scan URL

URL: https://jalopnik.com/
Title: Jalopnik

Search URL Search Domain Scan URL

URL: https://jezebel.com/
Title: Jezebel

Search URL Search Domain Scan URL

URL: https://kotaku.com/
Title: Kotaku

Search URL Search Domain Scan URL

URL: https://lifehacker.com/
Title: Lifehacker

Search URL Search Domain Scan URL

URL: https://qz.com/
Title: Quartz

Search URL Search Domain Scan URL

URL: https://theroot.com/
Title: The Root

Search URL Search Domain Scan URL

URL: https://thetakeout.com/
Title: The Takeout

Search URL Search Domain Scan URL

URL: https://theinventory.com/
Title: The Inventory

Search URL Search Domain Scan URL

URL: https://store.theonion.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://theonion.com/top-video
Title: Video

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.theonion.com/ HTTP 307
https://www.theonion.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 123

https://kinja-com.videoplayerhub.com/gallery.js HTTP 301
https://btloader.com/tag?h=kinja-com&upapi=true

164 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.theonion.com/
Redirect Chain

http://www.theonion.com/
https://www.theonion.com/

412 KB
53 KB

130ms
13ms

Document
text/html

151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

22aef325371983285d26aaa20a8a89beee8cb710c8d1066507cffedbcca52b5b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 66
cache-control: stale-if-error=86400, stale-while-revalidate=300
content-encoding: gzip
content-length: 53099
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Thu, 23 Feb 2023 23:15:41 GMT
etag: W/"6703a-oPXm2kpMrHmtDMdV2spYDHm8LVc"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-Kinja-GDPR, X-Kinja-CCPA, X-Kinja-Location, Authorization
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 4, 1
x-cdn-fetch: mantle-default
x-content-type-options: nosniff
x-googlenews-bot: false
x-kinja: kinja-magma-kube01-6885ffcf9-r8cv5 #3878
x-kinja-build: 3878
x-kinja-revision: ff8a4558037c534033087073b6b1bf2be2ee784a
x-kinja-server: kinja-magma-kube01-6885ffcf9-r8cv5
x-powered-by: Express
x-served-by: cache-iad-kiad7000116-IAD, cache-hhn-etou8220035-HHN
x-timer: S1677194142.502832,VS0,VE5
x-ua-device: desktop
x-xss-protection: 1; mode=block

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://www.theonion.com/
Non-Authoritative-Reason: HSTS

GET
H2 200 proxima_nova_cond_reg-webfont.woff2
f.kinja-static.com/assets/fonts/proxima/ 27 KB
28 KB 68ms
8ms Font
binary/octet-stream 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_reg-webfont.woff2?08252015

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8fe5f0c4bdaf3e031a6172679193e88d3a24c7deb6e3c7e2b2a477061cc1ad81

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:41 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: Y2DCEAVX0TC641JM
age: 22
x-cache: HIT
content-length: 28044
x-amz-id-2: hKBOsGvI94NOsrnMSvi8UteYk9D8tQleG4Gqd+21Xy3c+KfOImvoaXSpP87S9k7uPiofb04GDEU=
x-served-by: cache-hhn-etou8220079-HHN
last-modified: Mon, 09 Jan 2023 19:22:52 GMT
server: AmazonS3
x-timer: S1677194142.582240,VS0,VE1
etag: "94cbaf403b2922fd6858c812dae091fb"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 proxima_nova_cond_reg_it-webfont.woff2
f.kinja-static.com/assets/fonts/proxima/ 30 KB
30 KB 74ms
15ms Font
binary/octet-stream 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_reg_it-webfont.woff2?08252015

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3d764be1388f0488c90be29ca58c3ad082f9d954ece8448448779bb79e3ca7a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:41 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: KB2XPBX41E6EWHKG
age: 13
x-cache: HIT
content-length: 30416
x-amz-id-2: LJjtb/k3F49GIbTEz+3EOM5szZxpYfyFd0F+0GpXaDA293O6LdiMgoHTedj/PTKYrgQrNE3lalw=
x-served-by: cache-hhn-etou8220079-HHN
last-modified: Tue, 21 Feb 2023 20:08:50 GMT
server: AmazonS3
x-timer: S1677194142.582751,VS0,VE1
etag: "bea38ea36d2aba1d5da6e8f842425e40"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 proxima_nova_cond_sbold-webfont.woff2
f.kinja-static.com/assets/fonts/proxima/ 27 KB
28 KB 76ms
17ms Font
binary/octet-stream 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_sbold-webfont.woff2?08252015

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

63125723c148b0c5391dea8c827d96958a6706a542f8b45822904aaefe10c4ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:41 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: 18EGT0C5CBS44WNM
age: 22
x-cache: HIT
content-length: 28136
x-amz-id-2: 6v14oX2PbW3Nqm1//fP9nhXtKTrPb7ckVB7AuelHzfIFMV0P85wy1SS6yPF81hIJ7YAQqiarCV0=
x-served-by: cache-hhn-etou8220079-HHN
last-modified: Tue, 24 Jan 2023 21:48:36 GMT
server: AmazonS3
x-timer: S1677194142.582646,VS0,VE1
etag: "7ac1e4b7ab03f256e831e00e3b5618a6"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 proxima_nova_cond_sbold_it-webfont.woff2
f.kinja-static.com/assets/fonts/proxima/ 30 KB
30 KB 80ms
22ms Font
binary/octet-stream 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_sbold_it-webfont.woff2?08252015

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8e8d2c867ae480b6b318900eb4168d5645f635420bdb1626976c9c0af71c45eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:41 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: 76PS7JGBAGR7GGX3
age: 36
x-cache: HIT
content-length: 30232
x-amz-id-2: 5qX4pvcXZu2eIgZp9cmCXqVxY5xzB9guIExJ8vJrh0mnt/l0sWspLY+Cc2AEl1BIHO/krLokTLE=
x-served-by: cache-hhn-etou8220079-HHN
last-modified: Fri, 13 Jan 2023 20:38:32 GMT
server: AmazonS3
x-timer: S1677194142.582640,VS0,VE2
etag: "6d0ce198b25710fd5d0a2c0fb863b22c"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 libre-baskerville-bold.woff2
f.kinja-static.com/assets/fonts/libre-baskerville/ 18 KB
18 KB 69ms
10ms Font
binary/octet-stream 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/libre-baskerville/libre-baskerville-bold.woff2

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:41 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: ZE10VDVCEE3Z2V5F
age: 13
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 17984
x-amz-id-2: 3Sy39CWUCITcyiYXmZUMgfixTlhWPKQmWxGSXxgohoeXfej8oWumeECPNCuLB/1JBTvC3UWh04pQEQ0NqUQkAw==
x-served-by: cache-hhn-etou8220079-HHN
last-modified: Wed, 22 Feb 2023 12:28:17 GMT
server: AmazonS3
x-timer: S1677194142.582628,VS0,VE1
etag: "0518781cd45a71291d17ea1febfcc5fe"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 64ms
10ms Script
application/javascript 13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 02:28:04 GMT
content-encoding: gzip
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 80252
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: fHVqUO3ap37VXmpZ93n3Dj8ETPH1Jr7vY3APT4hqaxQhySrYaF9Lzg==

GET
H2 200 lux.js Show response
cdn.speedcurve.com/js/ 19 KB
7 KB 69ms
8ms Script
application/javascript 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.speedcurve.com/js/lux.js?id=527761496
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 2f743365173225cab6561f738fc7ead4cb4a9f562ce086af20f331f2c5c7b974

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 7
date: Thu, 23 Feb 2023 23:15:41 GMT
via: 1.1 vegur, 1.1 varnish
content-encoding: gzip
age: 5972
x-cache: HIT
content-length: 7153
x-served-by: cache-fra-eddf8230063-FRA
last-modified: Thu, 23 Feb 2023 21:36:10 GMT
server: Apache
x-timer: S1677194142.612070,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Mar 2023 21:36:10 GMT

GET
H2 200 5e15709c21103b071a6401351170e20c.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_362,pg_1,q_60,w_645/ 8 KB
9 KB 112ms
9ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_362,pg_1,q_60,w_645/5e15709c21103b071a6401351170e20c.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 229adf49a9c3ba4790b2f86a02ac235a5f0ac737192148b7656b4b4cb4dc8c56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: iMJKso67OGH5eNsxgNsj.luyJ3yZA_MF
via: 1.1 varnish, 1.1 varnish
date: Thu, 23 Feb 2023 23:15:41 GMT
x-amz-request-id: MYZ6MRM2GVW9X4BT
age: 112339
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=436448 idim=2000x1125 ifmt=jpeg ofsz=8624 odim=645x362 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 8624
x-amz-id-2: /K4niYq2GwIVjfbHmdgL51mJGsCfOI2QZnRu9Ud8ydrrzt9jj5vyBe43A0VX6gF4CBHjzbkAosE=
x-served-by: cache-iad-kcgs7200069-IAD, cache-hhn-etou8220035-HHN
server: AmazonS3
x-timer: S1677194142.652944,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=362&quality=60&width=645
etag: "t2jlBj6VBuajlDdCxwqWw4bH9zHVW4+d1PEwdGwgKes"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 40, 1

GET
H2 200 dc39848067b6cd069ea07381957d5d43.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,pg_1,q_60,w_340/ 5 KB
6 KB 113ms
11ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,pg_1,q_60,w_340/dc39848067b6cd069ea07381957d5d43.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ffac4e38eafb75b19d760e7f26a61fd40c29f36a24f2987ce6af66c16b21106

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: qLHH41edezvVKWKvryyP50ez5G58_G90
via: 1.1 varnish, 1.1 varnish
date: Thu, 23 Feb 2023 23:15:41 GMT
x-amz-request-id: JCZAQM7SF55CZNXC
age: 11777
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=1373309 idim=2000x1125 ifmt=jpeg ofsz=5460 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 5460
x-amz-id-2: Mt9lrtm4UaQuWJFDEcrlqKB1jousBn3iNCiSeTvrZ+nJbQlQV8jfWBJUBqS8Cdg+Bi/LhAgFCtQ=
x-served-by: cache-iad-kcgs7200072-IAD, cache-hhn-etou8220035-HHN
server: AmazonS3
x-timer: S1677194142.653498,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "KFj7Xk+EvDf9ULjQe9jYCdMNr2SHYGxikqWXrttmpss"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 103, 1

GET
H2 200 0ac071df51837e4b91b71842ea368862.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,pg_1,q_60,w_340/ 4 KB
4 KB 112ms
10ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,pg_1,q_60,w_340/0ac071df51837e4b91b71842ea368862.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f1c6b7cb9a1f781b1a57bf68518755e1b3ab49b5790ad69dca5323f8bd39d50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: v5vPFUUaKa6JYNyAiMPv3f4iZhDw3DTX
via: 1.1 varnish, 1.1 varnish
date: Thu, 23 Feb 2023 23:15:41 GMT
x-amz-request-id: 8FJFTGZXY92TPPST
age: 96038
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=410474 idim=2000x1125 ifmt=jpeg ofsz=3930 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 3930
x-amz-id-2: twZkaQ+i8+9aHg/uXja9KslUOdLbi+agsIZLS7JHe6cMaZjtTDwSu1cqO+UFmtkmvUWdta4J6SM=
x-served-by: cache-iad-kcgs7200120-IAD, cache-hhn-etou8220035-HHN
server: AmazonS3
x-timer: S1677194142.653134,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "usVdlqGTVAJmOGILFlai4fOgBGw6cGS8GmVJi/iSmeE"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 5, 1

GET
H2 200 b2ac59889590a3b84333b69d34e3f6c4.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,pg_1,q_60,w_340/ 4 KB
4 KB 118ms
16ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,pg_1,q_60,w_340/b2ac59889590a3b84333b69d34e3f6c4.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87477c6ee0e82d3d3a3001e16a509139b4024c22ffc49e18de03f1b654c5eba3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: _WEYk8ETaWq7faOmGrFvcpaZJdbQqKtp
via: 1.1 varnish, 1.1 varnish
date: Thu, 23 Feb 2023 23:15:41 GMT
x-amz-request-id: AYAJ0F0J0XJ1ES5T
age: 109998
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=316912 idim=2000x1125 ifmt=jpeg ofsz=3720 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 3720
x-amz-id-2: kJ8cnc8BZOy6C6p6h+cp8eX48RxNhFk8Cjt1u+mMPi0n32cVShPFfXHw4usVaTB+9+x2uGV4U94=
x-served-by: cache-iad-kjyo7100029-IAD, cache-hhn-etou8220035-HHN
server: AmazonS3
x-timer: S1677194142.653122,VS0,VE8
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "+ZOnVBoCd+Tz5Uk7ZvOqb0i2RV3gmCV4xZ/orMPhfoI"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 23, 1

GET
H2 200 37e85af515079dc24e47832548487b77.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,pg_1,q_60,w_340/ 15 KB
15 KB 113ms
11ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_191,pg_1,q_60,w_340/37e85af515079dc24e47832548487b77.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9c6ce5a96de81c2b31dc9c7f2596074cad1fbebcb11599196e31eb11a2870d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: HwTxpgyVZSZqrj1LuhODwfUtbEIydSbO
via: 1.1 varnish, 1.1 varnish
date: Thu, 23 Feb 2023 23:15:41 GMT
x-amz-request-id: WHNYVE634A5X0PV2
age: 31854
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
fastly-io-info: ifsz=1596069 idim=2000x1125 ifmt=jpeg ofsz=14852 odim=340x191 ofmt=webp
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 14852
x-amz-id-2: VguxaDVIUXRaHQ9naPP2ofx6dz9mIy8/ERPg/1kHiM9oYMtnKp7JXNYOiygFgyKdW8WL0v/xQm0=
x-served-by: cache-iad-kiad7000118-IAD, cache-hhn-etou8220035-HHN
server: AmazonS3
x-timer: S1677194142.653504,VS0,VE2
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "eWfJjZAx4uAeyQLfB5YGM4DCboSptqwgF2+IKQkgxaE"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 53, 1

GET
H2 200 197xrjaz7466rpng.png
no.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_362,pg_1,q_60,w_645/ 54 B
591 B 100ms
16ms Image
image/webp 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://no.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,g_center,h_362,pg_1,q_60,w_645/197xrjaz7466rpng.png
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ad61602e9db9558662d5280058aee442dbf0b3676a043158ea945439e4f6346

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: original
x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish
date: Thu, 23 Feb 2023 23:15:41 GMT
x-amz-request-id: 6C9S5AT6NS71CTDX
age: 2596228
x-amz-meta-cld-version: 1388776355
x-cache: HIT, HIT
fastly-io-info: ifsz=95 idim=1x1 ifmt=png ofsz=54 odim=645x362 ofmt=webp
fastly-stats: io=1
content-length: 54
x-amz-id-2: aGkc6xfdWlinhWWhGJxE/oCA5nmt5n769LX5SSGabABUtFu+DG1vMBk+kgm2/n+nj5il0Qy6FDk=
x-served-by: cache-iad-kjyo7100146-IAD, cache-hhn-etou8220079-HHN
server: AmazonS3
x-timer: S1677194142.636306,VS0,VE0
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=362&quality=60&width=645
etag: "8BXYySxyyUaE383ZNc2VVYHztHXYmxrVLdcZf6slSps"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 24339, 13

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 82ms
20ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 23:12:19 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 202
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 24 Feb 2023 01:12:19 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 wrapperMessagingWithoutDetection.js Show response
sourcepoint.theonion.com/ 165 KB
44 KB 146ms
8ms Script
text/javascript 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepoint.theonion.com/wrapperMessagingWithoutDetection.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-75.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67f6c462111ca4caf315cbce36e37f253972c809973980d71eb052b4626ac278

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
date: Thu, 23 Feb 2023 22:24:28 GMT
last-modified: Thu, 12 Jan 2023 16:02:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 3076
etag: W/"839238acc19b6d0f7cf406188cc8da38"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: 0vxqg_1Z64hn62Sj4e-vO6x_ISW06KyD9Sq3CvNorBgNH_ZxcHdybw==

GET
H2 200 accountwithtoken Show response
kinja.com/api/profile/ 197 B
1 KB 137ms
102ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kinja.com/api/profile/accountwithtoken?jsonp=_fasttoken&newFollows=true

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

31f0c5010be7b960e29db8c32d20025f91d3b5b36de54668fa59b469ec18c342

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 23:15:41 GMT
via: 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: master-only
x-cache: MISS, MISS
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
x-ua-device: desktop
x-cdn-fetch: mantle-setcookie
content-length: 195
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000136-IAD, cache-hhn-etou8220035-HHN
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1677194142.668384,VS0,VE93
x-frame-options: DENY
vary: Accept-Encoding,Origin
content-type: application/javascript; charset=UTF-8
cache-control: no-cache, no-store, private
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0

GET
H2 200 get_site_data Show response
sourcepoint.theonion.com/mms/v2/ 198 B
630 B 27ms
8ms XHR
application/javascript 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theonion.com/mms/v2/get_site_data?hasCsp=true&href=https%3A%2F%2Fwww.theonion.com%2F&account_id=1195

Requested by

Host: sourcepoint.theonion.com
URL: https://sourcepoint.theonion.com/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Jetty(9.4.2.v20170220) /

Resource Hash

4db348ed2be18b5f5dbc15aefe803f49680185daed5c6503162144f1cec32035

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 08:58:56 GMT
strict-transport-security: max-age=15552000; includeSubdomains
x-sp-mms-node: ip-10-128-37-170
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
server: Jetty(9.4.2.v20170220)
x-amz-cf-pop: FRA56-C2
age: 51405
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=3600, s-maxage=86400
access-control-allow-credentials: true
x-amz-cf-id: mPBdxtGOYYL9B82t7tcgFnjMQ7-ikdeHx8hIp2Oy0cZxr4PFHOLIKQ==

GET
H2 200 latest-version Show response
sourcepoint.theonion.com/consent/tcfv2/vendor-list/ 205 B
702 B 16ms
16ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theonion.com/consent/tcfv2/vendor-list/latest-version?siteId=6845&accountId=1195&hasCsp=true

Requested by

Host: sourcepoint.theonion.com
URL: https://sourcepoint.theonion.com/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Resource Hash

2fe879fc63e105ead7e053261b49c5f0ea2f638ff2f6f8b002cd27566c8cd19c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 23 Feb 2023 23:12:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 181
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=0, s-maxage=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 205
x-amz-cf-id: grgrs5m3TyXsNyMw7qiKeW4WM1J4GoJjHeFtvv3-IL_-qEcxhsLx9g==

OPTIONS
H2 200 latest-version
sourcepoint.theonion.com/consent/tcfv2/vendor-list/ Frame 0
0 19ms
19ms Preflight
text/plain 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theonion.com/consent/tcfv2/vendor-list/latest-version?siteId=6845&accountId=1195&hasCsp=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.theonion.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: *
access-control-max-age: 600
age: 181
cache-control: max-age=0, s-maxage=600
content-length: 2
content-type: text/plain; charset=utf-8
date: Thu, 23 Feb 2023 23:12:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
x-amz-cf-id: N47DK6TjbtyzLxuTB5Z0Ibtm6iEmlVmgmyw7vIReh44Qkwd7orUATQ==
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront

GET
H2 200 new-user Show response
sourcepoint.theonion.com/wrapper/tcfv2/v2/gdpr/native-message/ 43 KB
7 KB 82ms
82ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theonion.com/wrapper/tcfv2/v2/gdpr/native-message/new-user?hasCsp=true&env=prod&body=%7B%22propertyId%22%3A6845%2C%22accountId%22%3A1195%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fsourcepoint.theonion.com%22%2C%22targetingParams%22%3A%22%7B%5C%22type%5C%22%3A%5C%22GDPR%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22legalBasisChanges%22%3Afalse%2C%22vendorListAdditions%22%3Afalse%7D&nonkeyed=%7B%22_sp_v1_uid%22%3Anull%2C%22_sp_v1_data%22%3Anull%7D&scriptVersion=2.5.0&scriptType=tcfv2

Requested by

Host: sourcepoint.theonion.com
URL: https://sourcepoint.theonion.com/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

/ Express

Resource Hash

9ffa67e09d282f2541b86759be00c51ea3c2d94c94adc8068be27196ea961f64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 23 Feb 2023 23:15:41 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=0, s-maxage=1200
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: Jbe1z7Q72Owcc3guH6j3SJShEwYvAAGdoGSqiHCDRNjjYiIXnFwl-A==

OPTIONS
H2 200 new-user
sourcepoint.theonion.com/wrapper/tcfv2/v2/gdpr/native-message/ Frame 0
0 15ms
15ms Preflight
text/plain 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.theonion.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=86400, s-maxage=1200
content-length: 2
content-type: text/plain; charset=utf-8
date: Thu, 23 Feb 2023 23:15:41 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
x-amz-cf-id: ti17OTE7MHqx7JfinVuWGsUCtQ2kyMzWUgY1ak237OJUleKkYcKQ6g==
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
26 KB 184ms
86ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

626a1a3a966835661fd675614389c65711f85dd9c8f7a760e79081801b78ed88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26508
x-xss-protection: 0
server: sffe
etag: "1492 / 933 of 1000 / last-modified: 1677193766"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 23 Feb 2023 23:15:42 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/gomedia/ 41 KB
17 KB 69ms
10ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/op.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d2f77295617af6b8bd70026fcf5390abd82bc0cce8d8337848d0dcf9b92e4761

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: q7whW8ADu.dSDIV4Iasztya5D0BzXNVb
content-encoding: gzip
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
date: Thu, 23 Feb 2023 23:05:02 GMT
x-amz-cf-pop: FRA60-P4
age: 640
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 16485
x-amz-meta-git_commit: 8db6969
last-modified: Tue, 21 Feb 2023 20:10:17 GMT
server: AmazonS3
etag: "a558d4974416f4ccf45c2a7c709ef594"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: I8_p8kUlEq97cKQTVljcte7IfY5bxnRdBWCZSMfq9sU3905kon7aWg==

GET
H2 200 runtime~adManager.efdb1d460c4a6923c049.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 7 KB
2 KB 24ms
21ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.efdb1d460c4a6923c049.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d364c4c1019140cbe2b45768ab406c8b24bd141b5dabc23d4594db014edeb0b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:41 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: M41QPDPC49T1BXM1
age: 135144
x-cache: HIT, HIT
x-ua-device: desktop
x-cdn-fetch: mantle-origin-cache
content-length: 1908
x-amz-id-2: Nh4HUpohqqzK0SxbNlIKTLZLpKfbYGDkc+nSQWvY7T3727TEXtnJ91q/lineZXW/8JYYx5muwKo=
x-served-by: cache-hhn-etou8220026-HHN, cache-hhn-etou8220035-HHN
last-modified: Wed, 22 Feb 2023 09:29:05 GMT
server: AmazonS3
x-timer: S1677194142.915382,VS0,VE1
etag: "675226e6b46eb63f03c2e10dd16ad22a"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 adManager~video-html5-playlist~videoHtml5.bf26a8ba188b0c987d2d.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 6 KB
2 KB 25ms
22ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adManager~video-html5-playlist~videoHtml5.bf26a8ba188b0c987d2d.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f71a689d2e63df27d08bd3f0ae9b47d72161617a1e7081301aff8979f1f266ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:41 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: YDYYD5DE0GV3PQW8
age: 1342608
x-cache: HIT, HIT
x-ua-device: desktop
x-cdn-fetch: mantle-origin-cache
content-length: 2006
x-amz-id-2: R50upCy9xhUn8gVGs8KuCmR/bRvFMoGJZ+vTwB6OO8aX4Vn9NCvEQrep67k/zSmX6PKbcr3N/V4=
x-served-by: cache-hhn-etou8220082-HHN, cache-hhn-etou8220035-HHN
last-modified: Wed, 08 Feb 2023 10:00:22 GMT
server: AmazonS3
x-timer: S1677194142.915720,VS0,VE0
etag: "4ad8c56b45530bd1118e9cc12a0ab5f7"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 3533

GET
H2 200 adManager.88446c4d56f900cdc1a8.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 25 KB
8 KB 25ms
22ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adManager.88446c4d56f900cdc1a8.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cfa755a959d37daec60fd5a715fdea09aad8622b9c4177df213da8ebabf12a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:41 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: TRP4WJKKX33GXBGK
age: 170929
x-cache: HIT, HIT
x-ua-device: desktop
x-cdn-fetch: mantle-origin-cache
content-length: 7383
x-amz-id-2: rS9ztQXNz0mWesdXOhLYOge1inFRckhGrs6yiVpYJrvXAXpwfKEra9Udbk2b7d2IRxXEL4sN708=
x-served-by: cache-hhn-etou8220067-HHN, cache-hhn-etou8220035-HHN
last-modified: Tue, 21 Feb 2023 20:12:57 GMT
server: AmazonS3
x-timer: S1677194142.915690,VS0,VE0
etag: "8bea474ceff767e7531325e713328109"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 12

GET
H2 200 vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~906e807f.236c1841cedcf44acd80.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 11 KB
4 KB 24ms
21ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~906e807f.236c1841cedcf44acd80.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0aa415e7728c450f678c4abc599c9be6960f3a497ba22865f8b7ddf1f728cd9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:41 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: YDYSV7N4K1REMVZK
age: 1342608
x-cache: HIT, HIT
x-ua-device: desktop
x-cdn-fetch: mantle-origin-cache
content-length: 3671
x-amz-id-2: 46zUu7Czb3REfGoUNf/rjWODOXg30BTzuZObHX6Qdrb5oVKbVfoLgWi3XDapIObE+bGbzWNqDiG/IpsrMvenDA==
x-served-by: cache-hhn-etou8220091-HHN, cache-hhn-etou8220035-HHN
last-modified: Wed, 08 Feb 2023 10:00:26 GMT
server: AmazonS3
x-timer: S1677194142.915683,VS0,VE0
etag: "90e10254f0ab8030f5cdd640392f4317"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 12

GET
H2 200 adEditor~biztoolsPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~datadog~errorP~7a201692.4139a15bc486c7bf4c01.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 8 KB
3 KB 42ms
40ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~datadog~errorP~7a201692.4139a15bc486c7bf4c01.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

591745688ca784d62ba243e7b30efcde5904317888dce28c2ef581814f940e04

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:41 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: CST7EQS7ZT61VYC3
age: 775548
x-cache: MISS, HIT
x-ua-device: desktop
x-cdn-fetch: mantle-origin-cache
content-length: 2652
x-amz-id-2: rm4bXtYlvS+irmeUj/e3TnIgJESYIhV0ezR1s6+OV/U7iHgmMQBE5kbzAHmoOxzMFUT5tLVx+1I=
x-served-by: cache-hhn-etou8220037-HHN, cache-hhn-etou8220035-HHN
last-modified: Tue, 14 Feb 2023 21:29:36 GMT
server: AmazonS3
x-timer: S1677194142.917045,VS0,VE0
etag: "db61e7fbceda32b9c6272da4581bbff6"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 12

GET
H2 200 vendor~adEditor~alerts-form~alertsUnsubscribePage~api-video-meta~biztoolsPage~car-comparator~car-sel~c6c9b63f.15991907a4ad23d5c14a.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 4 KB
1 KB 26ms
24ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~alerts-form~alertsUnsubscribePage~api-video-meta~biztoolsPage~car-comparator~car-sel~c6c9b63f.15991907a4ad23d5c14a.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e282de4d4ce2b000ecebe6a1492e552ec007a43d0f0ff5d9fbddaa9f6a13f969

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:41 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: JHYHTY19VXP3XY4R
age: 87116
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-cdn-fetch: mantle-origin-cache
content-length: 1040
x-amz-id-2: GxIIZ2oxRWI5ge9VrA89hBYoc/vD3B+DtxD18HruoOCKm0Afg7kS+/A9sDT/QLaDlR13Ts5IqCU=
x-served-by: cache-hhn-etou8220043-HHN, cache-hhn-etou8220035-HHN
last-modified: Wed, 22 Feb 2023 17:03:23 GMT
server: AmazonS3
x-timer: S1677194142.916678,VS0,VE0
etag: "c186985d3708c2f4ed21fab36c6ac31e"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 12

GET
H2 200 runtime~videoHtml5.bacf7a24bf01b3e62b4e.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 5 KB
2 KB 44ms
42ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~videoHtml5.bacf7a24bf01b3e62b4e.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0a96ab8c95c2122d631a5160c8dc12c9427c1a0d9d51a08b61d7169094ef56ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:41 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: YHSWEQCXHY35TH2V
age: 167286
x-cache: MISS, HIT
x-ua-device: desktop
x-cdn-fetch: mantle-origin-cache
content-length: 1569
x-amz-id-2: 1t7TqL7q7NXCn+zgCvjj+9plClrXN6HuWMuDjeGIdX4GMrH6YGGJPNF6KTzT+7O+CIdugvFFnJQ=
x-served-by: cache-hhn-etou8220039-HHN, cache-hhn-etou8220035-HHN
last-modified: Tue, 21 Feb 2023 20:13:01 GMT
server: AmazonS3
x-timer: S1677194142.917372,VS0,VE0
etag: "c6b7dad8b37708cef7fdef7f681d8a85"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 12

GET
H2 200 vendor~video-html5-playlist~videoHtml5.c81db90319a549386947.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 5 KB
2 KB 42ms
41ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~video-html5-playlist~videoHtml5.c81db90319a549386947.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

10d6863fc4929c74b03d4bd10c72bf12ccdee653b150f8864dba85b494ef6a93

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:41 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: YDYZ5HPZRE31BA96
age: 1342608
x-cache: HIT, HIT
x-ua-device: desktop
x-cdn-fetch: mantle-origin-cache
content-length: 2040
x-amz-id-2: RBob1RGTQwhPeQ7DKRCOSN1s5HVj+GadZwyBdeCKfhDtF+PK3QFi+CF2haqNQMCaZRnGovbgdpQLAu+LZY1HaA==
x-served-by: cache-hhn-etou8220032-HHN, cache-hhn-etou8220035-HHN
last-modified: Wed, 08 Feb 2023 10:00:27 GMT
server: AmazonS3
x-timer: S1677194142.917072,VS0,VE0
etag: "66c227a70e333aa4ae9395d1510ce322"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 12

GET
H2 200 video-html5-playlist~videoHtml5.0f89525cdbc71e1c044c.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 40 KB
11 KB 26ms
25ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/video-html5-playlist~videoHtml5.0f89525cdbc71e1c044c.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ee47856987b41d8f4c8fc65359ffe268f78164cb166662caa198dc2f3184c5b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:41 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: BEBTEQ7BBMDTH2N3
age: 134919
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-cdn-fetch: mantle-origin-cache
content-length: 10500
x-amz-id-2: SCsNnK9wNmu6Y2GLKKZh6vvdwYBtilb3X+ld7TLOowXEktlONYpI2kdqkSQwIlUQK7ulxW7EDVI=
x-served-by: cache-hhn-etou8220038-HHN, cache-hhn-etou8220035-HHN
last-modified: Wed, 22 Feb 2023 09:44:12 GMT
server: AmazonS3
x-timer: S1677194142.916621,VS0,VE0
etag: "e6c8d846f9b4008e08456ef6e1225279"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 3, 2

GET
H2 200 videoHtml5.58277b556874275ec949.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 7 KB
3 KB 43ms
41ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/videoHtml5.58277b556874275ec949.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c8ca2a4f25aee6cdd85b60543cd678e00dedbc809a52978b75f55aa0b3273bdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:41 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: WHAXHR54PR01XTAA
age: 173506
x-cache: MISS, HIT
x-ua-device: desktop
x-cdn-fetch: mantle-origin-cache
content-length: 2380
x-amz-id-2: OEHz/KZNlUUcqJoe7JQ6bT+G8Xo31nLYKUoeT41dRfQC0DRTvQqmS6oxfQ/oYSNiScTC3BRFtLo=
x-served-by: cache-hhn-etou8220079-HHN, cache-hhn-etou8220035-HHN
last-modified: Tue, 21 Feb 2023 19:50:40 GMT
server: AmazonS3
x-timer: S1677194142.916624,VS0,VE0
etag: "065b11f6e1ca9521eab2ceffa60cd89b"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 12

GET
H2 200 ad-units-default.613da336ee4d81dcbcaa.js Show response
x.kinja-static.com/assets/new-client/ 16 KB
4 KB 39ms
11ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/ad-units-default.613da336ee4d81dcbcaa.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.efdb1d460c4a6923c049.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9f595752c16c301a6e9162630034bd2e379f1e5127e53d5fb0a880217527dc07

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:41 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: FW5Z3422JTYFYMZ7
age: 77
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3526
x-amz-id-2: kgrGa8CfVmrbQisnpP3FhStJDj+rN2zYDt37rA+JwV5Mt2Fi3bqbSY7PIQvtfYO7s0EUs+LDB8k=
x-served-by: cache-hhn-etou8220035-HHN
last-modified: Wed, 22 Feb 2023 17:03:18 GMT
server: AmazonS3
x-timer: S1677194142.973348,VS0,VE0
etag: "8d9be56d561a08b43e95cfcf0d418a8b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 display-theonion-desktop-config.7d609262201d199a7188.js Show response
x.kinja-static.com/assets/new-client/ 14 KB
2 KB 58ms
31ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/display-theonion-desktop-config.7d609262201d199a7188.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.efdb1d460c4a6923c049.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

44ca7238118aae1f81a96fb3797738afcb9d0d4617bf3acc35b50ff89aaed893

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:41 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: JDKW6NTKPATM3Z5K
age: 13
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1435
x-amz-id-2: HFX0sEfXzS7dKyjmNffv/bEZ4zKHmj3xXsh1ocJXV1aKKslamUXA17osF3mBjjzeDpWu6hblEbw=
x-served-by: cache-hhn-etou8220035-HHN
last-modified: Thu, 23 Feb 2023 18:19:40 GMT
server: AmazonS3
x-timer: S1677194142.973430,VS0,VE1
etag: "2bc3cfa6d6aa51af91d8542d1e13a45d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 193 KB
47 KB 276ms
14ms Script
application/javascript 18.66.108.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/adManager.88446c4d56f900cdc1a8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.108.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-108-49.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a661f8f8090e763d9e46c3b0745a402070fc823d3cf116aba6c2ad0287282d62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 22:19:23 GMT
content-encoding: gzip
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront), 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
last-modified: Wed, 22 Feb 2023 20:02:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P5
age: 3380
x-amz-server-side-encryption: AES256
etag: W/"0d9f2b192f61b596888847da998647d3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: XvsA4nOrMrRyGFADtDeJldrsPLe3JlRPYWBhJBrzyzXzQu3Y5bphQg==

GET
H2 200 prebid-js-prod.8829619ad326b9bddb65.js Show response
x.kinja-static.com/assets/new-client/ 402 KB
101 KB 34ms
8ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.efdb1d460c4a6923c049.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fb2386bd1c726f996f116b27444b08fe468f8561423bca2b8a1703a4035862b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:41 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: K3KECR0VPJXGM06M
age: 104
x-cache: HIT
content-length: 103019
x-amz-id-2: yndRQdHrZlPP4K4g2a4rzWboUKE5NcpFB/VuLiyn+xRT6Hlohe91zg6ofZ9ojKqOZAcS3STLVKE=
x-served-by: cache-hhn-etou8220035-HHN
last-modified: Wed, 08 Feb 2023 10:00:25 GMT
server: AmazonS3
x-timer: S1677194142.973301,VS0,VE0
etag: "f12e672d6d8d4e1c1bc88f51aef07787"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 361 KB
121 KB 141ms
61ms Script
text/javascript 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/video-html5-playlist~videoHtml5.0f89525cdbc71e1c044c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8dc4d387c4e74a24ffeacb473c5cec08143808458cc0dd8efa153608af4f66f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123572
x-xss-protection: 0
expires: Thu, 23 Feb 2023 23:15:42 GMT

OPTIONS
H2 200 pv-data
sourcepoint.theonion.com/consent/tcfv2/consent/v2/data-pipeline/ Frame 0
0 14ms
13ms Preflight
text/html 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theonion.com/consent/tcfv2/consent/v2/data-pipeline/pv-data?hasCsp=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theonion.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: *
allow: POST
cache-control: no-cache
content-length: 4
content-type: text/html; charset=utf-8
date: Thu, 23 Feb 2023 23:15:41 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
x-amz-cf-id: iTsrRv4pOf3KgGGiNl4QQ2yMasIr53lJHzeqaFXP4N46q1N_bQGGLQ==
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront

POST
H2 200 pv-data Show response
sourcepoint.theonion.com/consent/tcfv2/consent/v2/data-pipeline/ 798 B
1 KB 15ms
13ms XHR
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theonion.com/consent/tcfv2/consent/v2/data-pipeline/pv-data?hasCsp=true

Requested by

Host: sourcepoint.theonion.com
URL: https://sourcepoint.theonion.com/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Resource Hash

da0fbbba59be8d2ef4b4aa6e60bc627aaf715304da0b68f612ad27ab9927f090

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 798
x-amz-cf-id: wu6VTlW2hygZJsVGI6KVzCBt--kpQqZhNMgNzFq7Rpo80Kbzbzz6_Q==

GET
H2 204 b2
sb.scorecardresearch.com/ 0
189 B 14ms
11ms Image
text/plain 13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6770184&cs_it=b3&cv=3.8.0.210223&ns__t=1677194141658&ns_c=UTF-8&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=DE&cs_cmp_nc=1&cs_cmp_id=6&cs_cmp_sv=1&cs_cmp_rt=329&c7=https%3A%2F%2Fwww.theonion.com%2F&c8=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:41 GMT
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 9PVqlI52rW1Nzw_ONAsfXka8F_gZH_bgIfRL5Dpp6gnGB-r4VpjV_w==
x-cache: Miss from cloudfront

GET
H2 200 index.html Show response
sourcepoint.theonion.com/ Frame DB04 4 KB
2 KB 11ms
10ms Document
text/html 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepoint.theonion.com/index.html?message_id=626742&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fsourcepoint.theonion.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fsourcepoint.theonion.com%2Fmms%2Fv2
Requested by: Host: sourcepoint.theonion.com
URL: https://sourcepoint.theonion.com/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-75.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1be09b056744278b4b2a246530f56863d487ba9a968c3972d648ecadabee1874

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 709
cache-control: max-age=3600
content-encoding: gzip
content-type: text/html
date: Thu, 23 Feb 2023 23:03:53 GMT
etag: W/"1359e0ef2b40a0d927b2ca8ed511fd5c"
last-modified: Tue, 21 Feb 2023 17:22:14 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
x-amz-cf-id: wP6SaKDS2_tyiRFC0F2UQzCSVyZf_Rnv99luYqyWOXyIBgvk6HDl5Q==
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 b-8db6969-11fd6bfd.js Show response
tagan.adlightning.com/gomedia/ 90 KB
33 KB 9ms
8ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/b-8db6969-11fd6bfd.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30d6dfd42b9a5f0be38020e3fe03042fe88b4931993c6c63c0b8061e934d727f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 07:37:16 GMT
content-encoding: gzip
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-version-id: HQt7ZtDt1P5TOrLzwiKvyGrv1Hhamfho
x-amz-cf-pop: FRA60-P4
age: 2734707
x-cache: Hit from cloudfront
content-length: 33634
x-amz-meta-git_commit: 8db6969
last-modified: Mon, 31 Oct 2022 20:36:51 GMT
server: AmazonS3
etag: "e4052d126a40ba70c16eb758095d1d13"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: qopr6nqOFwZ09R_mlDTLvtV0wZHAhy8pwASO_SLgnTFLqocVzfPuQQ==

GET
H2 200 bl-89d2da9-5055e528.js Show response
tagan.adlightning.com/gomedia/ 35 KB
15 KB 15ms
15ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/bl-89d2da9-5055e528.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff063c6287e08578617bb66c707b811930bb37f17c699f160190c17294b74766

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 20:10:38 GMT
content-encoding: gzip
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-version-id: 3CoDX5QDma_SMARXI31JjN.2C.mFKhwe
x-amz-cf-pop: FRA60-P4
age: 183905
x-cache: Hit from cloudfront
content-length: 15305
x-amz-meta-git_commit: 89d2da9
last-modified: Tue, 21 Feb 2023 20:09:55 GMT
server: AmazonS3
etag: "119e4c26c20e77a604d176961b6e5c3c"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 5XQGfffsQADS-xQGTQXGxt654RgFCFWsKqcrzEb-PmBqI2wOEIVP3g==

GET
H2 200 Notice.55a6a.css
sourcepoint.theonion.com/ Frame DB04 33 KB
6 KB 8ms
7ms Stylesheet
text/css 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepoint.theonion.com/Notice.55a6a.css
Requested by: Host: sourcepoint.theonion.com
URL: https://sourcepoint.theonion.com/index.html?message_id=626742&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fsourcepoint.theonion.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fsourcepoint.theonion.com%2Fmms%2Fv2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-75.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4bd12e30c80ebaa26b56c4b2d9c16dc9b4f533a10b27271568c774c718644478

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sourcepoint.theonion.com/index.html?message_id=626742&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fsourcepoint.theonion.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fsourcepoint.theonion.com%2Fmms%2Fv2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 22:37:28 GMT
content-encoding: gzip
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
last-modified: Tue, 21 Feb 2023 17:22:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 2442
x-amz-server-side-encryption: AES256
etag: W/"2906e24155ed9b893ffa1589740821ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=3600
x-amz-cf-id: uPh3553sWy8F1Rz9vHoSYrBdVYWg2QZ0cjiJpQbTyxAlmSi6DKJtPA==

GET
H2 200 polyfills.d36c5.js Show response
sourcepoint.theonion.com/ Frame DB04 5 KB
2 KB 9ms
8ms Script
application/javascript 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepoint.theonion.com/polyfills.d36c5.js
Requested by: Host: sourcepoint.theonion.com
URL: https://sourcepoint.theonion.com/index.html?message_id=626742&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fsourcepoint.theonion.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fsourcepoint.theonion.com%2Fmms%2Fv2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-75.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 62744fcae843f4bcf64e83df42f94c1316b2fddc4a99266a917d46f225b22e89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sourcepoint.theonion.com/index.html?message_id=626742&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fsourcepoint.theonion.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fsourcepoint.theonion.com%2Fmms%2Fv2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:09:19 GMT
content-encoding: gzip
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
last-modified: Tue, 21 Feb 2023 17:22:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 390
x-amz-server-side-encryption: AES256
etag: W/"624c95946527f8a91f58420835effaf6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 5SyoVTWbiDNbcswwvrY03-tgyKNkdCIbqKKorL8mFSguRbLhLjhQfA==

GET
H2 200 Notice.d7427.js Show response
sourcepoint.theonion.com/ Frame DB04 261 KB
69 KB 13ms
12ms Script
application/javascript 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourcepoint.theonion.com/Notice.d7427.js
Requested by: Host: sourcepoint.theonion.com
URL: https://sourcepoint.theonion.com/index.html?message_id=626742&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fsourcepoint.theonion.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fsourcepoint.theonion.com%2Fmms%2Fv2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-75.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ea844674143b6db8fd476ccfa92a15e651e37ca3add1a312d07825e2086d7320

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sourcepoint.theonion.com/index.html?message_id=626742&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fsourcepoint.theonion.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fsourcepoint.theonion.com%2Fmms%2Fv2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: gzip
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
last-modified: Tue, 21 Feb 2023 17:22:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 55
x-amz-server-side-encryption: AES256
etag: W/"5af131df98c69d8ac34f732e4e8953a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: y0RMyWGiB025cAAIehrqNBZh_dfgyf9iTYgabZNEK7fWnOUg_IWTSA==

GET
H2 200 pubads_impl_2023021601.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
129 KB 26ms
25ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48cea39a6d9f368a9d78b07ddca02043a884d1e871b5b39267d4ab6d245753cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 06:29:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60370
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132097
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 09:35:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 23 Feb 2024 06:29:32 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 336 B
199 B 96ms
45ms XHR
application/json 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.theonion.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86c053d7dea18e7e61ac684da82a849013f9e9d369d0e60a4780061356b5256f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 174
x-xss-protection: 0
expires: Thu, 23 Feb 2023 23:15:42 GMT

GET
H2 200 categories Show response
sourcepoint.theonion.com/consent/tcfv2/vendor-list/ Frame DB04 1 KB
1 KB 242ms
240ms Fetch
application/json 13.32.27.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sourcepoint.theonion.com/consent/tcfv2/vendor-list/categories?siteId=6845&consentLanguage=en

Requested by

Host: sourcepoint.theonion.com
URL: https://sourcepoint.theonion.com/Notice.d7427.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-75.fra56.r.cloudfront.net

Software

Resource Hash

8537b0e8f6e757c548634512fa96c0618c92715a49b197740b2b7ac43ea4c5a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sourcepoint.theonion.com/index.html?message_id=626742&consentUUID=undefined&preload_message=true&hasCsp=true&version=v1&consent_origin=https%3A%2F%2Fsourcepoint.theonion.com%2Fconsent%2Ftcfv2&mms_origin=https%3A%2F%2Fsourcepoint.theonion.com%2Fmms%2Fv2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=0, s-maxage=3600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: Ogf12_1eK85mFTksys5cf1voDTXAYaPn6EVnfwTJC_3K3VNfUQEJWg==

GET
H2 200 44acf0fdf55bac1301660bbf9eef6e76.png
i.kinja-img.com/gawker-media/image/upload/f_auto/ Frame DB04 7 KB
7 KB 11ms
10ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/gawker-media/image/upload/f_auto/44acf0fdf55bac1301660bbf9eef6e76.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e38c2a5a252c36e76d74066ea7d52220192a44f01e2e47db2830969332643322

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sourcepoint.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: x7.RoNJ4y4QVi4LEw9xVdJNPsLXmYNdS
via: 1.1 varnish, 1.1 varnish
date: Thu, 23 Feb 2023 23:15:42 GMT
x-amz-request-id: WHPY44BKK4BPBDPH
age: 2638497
x-cache: HIT, HIT
fastly-io-info: ifsz=10592 idim=1000x695 ifmt=png ofsz=6730 odim=1000x695 ofmt=webp
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 6730
x-amz-id-2: 7+I91H/29I2uJnMcSsaYkpw/HkkZ25lj28UJs75xeq3QGyDuUxUMU62pqu67OBO/isxfEHp7mAo=
x-served-by: cache-iad-kiad7000088-IAD, cache-hhn-etou8220035-HHN
server: AmazonS3
x-timer: S1677194142.225182,VS0,VE0
x-kinja-qs: auto=webp&enable=upscale&format=png&frame=1
etag: "v27TStcCeyN50tY0Z2wU37JZXYxGTkmY8jZnYoHTeRo"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 311, 63

GET
H2 200 bridge3.557.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 2552 694 KB
222 KB 21ms
20ms Document
text/html 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.557.0_en.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ed1c1634d9f96286eecd6bfe892542a2cd46f4e46d437210fa99e4c8482966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13567
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227119
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Feb 2023 19:29:35 GMT
expires: Fri, 23 Feb 2024 19:29:35 GMT
last-modified: Tue, 21 Feb 2023 14:27:34 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 147ms
56ms Script
text/javascript 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 Feb 2023 23:15:42 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 937 B
1 KB 14ms
13ms XHR
application/json 18.66.108.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3076&u=https%3A%2F%2Fwww.theonion.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.108.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-108-49.fra56.r.cloudfront.net
Software: Server /
Resource Hash: d7d8eda923854d45e87c11183868b806aff279a82906f1226d8752793a17ab67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 17:28:07 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
age: 20854
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 937
x-amz-cf-id: N_QzBFmouYhi2qy66PJ5wDAYxDLcDHAx14k7zbcPJtRx5CInPc3c2Q==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 23ms
8ms XHR
application/javascript 18.66.108.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.108.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-108-49.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: pfXD8LfbTWwWYbVa8nASYbe6_QUldhGN
content-encoding: gzip
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
date: Thu, 23 Feb 2023 04:28:25 GMT
x-amz-cf-pop: FRA56-P5
age: 67638
x-cache: Hit from cloudfront
last-modified: Wed, 15 Feb 2023 23:43:01 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 3sa5YEsLPjqsAQtx8Qsu7Jfbb3RqmjejIph6yoxmt5HzeA-5kBkywg==

GET
H2 200 ad-manager-bulbs.bebb98fabb8ba53dba40.js Show response
x.kinja-static.com/assets/new-client/ 2 KB
1 KB 13ms
13ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/ad-manager-bulbs.bebb98fabb8ba53dba40.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8489bcf2fc3414c581055e957affa2b26ffb7384b62605b7186cb707d4dbb3ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 7A82AMR8P52RJ004
age: 101
x-cache: HIT
content-length: 879
x-amz-id-2: 65XSxlwFWpkR5gMWXZXYjQnKXEYkzvo/0bcqArkl2n9V6BhB0hdwV3i9AA2M9wD3KbpmQabvrNbvpVOpA+mc9w==
x-served-by: cache-hhn-etou8220035-HHN
last-modified: Mon, 20 Feb 2023 20:19:32 GMT
server: AmazonS3
x-timer: S1677194142.320687,VS0,VE3
etag: "da0483e39c4a04849edf8d46083b0b9e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
462 B 150ms
40ms XHR
text/javascript 99.86.3.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2F&pid=ZSkLA56sY8y8o&cb=0&ws=1600x1200&v=23.203.336&t=1000&slots=%5B%7B%22sd%22%3A%22dfp-ad-2%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage_top-banner%22%7D%5D&gdpre=1&gdprc=CPnor0APnor0AAGABCENC4CgAAAAAE_AAAYgAAARpgHgAXADaAI4ATgA7gCAAEIAIsAXUBJwCpQFqALzAYsBGkAgJABAIAGgAgEAEQAQCACoAIAjhkAEARxCACAI4pABAScVAAgBtAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.236 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-236.fra6.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
x-amz-rid: 92ZEZ2TAJZ68PH8E8XWD
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 8CBc285VmnXmptUSrrMYDH_idIevmkBJ7brsnMNc4JxwBvj3oVOX2w==

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 314ms
97ms Preflight 34.225.45.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.45.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-45-79.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.theonion.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Thu, 23 Feb 2023 23:15:42 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 109 KB
37 KB 63ms
8ms Script
application/x-javascript 143.204.89.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9dd295f1b8047318855e74e81dbeb02d463452670f2997dd64764a6ad88f3884

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: FdZQKnEndO3mqmnRp7XQ3uMfeJERmMlw
content-encoding: gzip
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
date: Thu, 23 Feb 2023 08:15:57 GMT
x-amz-cf-pop: FRA50-C1
age: 53986
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:96f94076-69de-4a4b-8bd0-6fb739c06860
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: e16bd58aa55fcc98af3b10870aad5974
last-modified: Thu, 19 Jan 2023 10:03:36 GMT
server: AmazonS3
etag: W/"0820c3a8da5dbe428619a7328c53b95f"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: 3efbae2e7f7f574316dfc685479946d213531c0b483ab4a61e653a0088f0cae8
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-id: Xg_LOxWvCH9sFPxXO5ayOoe7UHRs5bcXAwg7atCLwAUjYPc_-yWiMQ==

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
453 B 96ms
95ms XHR
text/plain 34.225.45.79
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.45.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-45-79.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 23 Feb 2023 23:15:42 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 284 B
518 B 267ms
55ms XHR
application/json 34.253.161.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-1,ss:%5B1280.720,970.252,1600.520%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.161.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-161-49.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3a5a8654923a9a24b3bf66858d7722db97e9fc0d31f19821c1002f5b46810e94

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
server: nginx
x-server-name: app05.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 284 B
518 B 261ms
51ms XHR
application/json 34.253.161.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-2,ss:%5B970.250,970.251,970.90,728.90,1600.520%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.161.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-161-49.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 10bbd59ee7bf28ef42936991c46b4e656a13c9f5368376148dcf035ebc9304a3

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
server: nginx
x-server-name: app10.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
158 B 140ms
36ms XHR
text/plain 18.198.85.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.85.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-85-142.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 23 Feb 2023 23:15:42 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
679 B 68ms
10ms XHR
application/json 52.29.23.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2276ee62ea-a07e-4063-9926-1d7a70c252b6%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A1000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1677194142416%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2244c75b26371e81%22%3A%22_bSLu2IWVUC%22%7D%2C%22bidSizes%22%3A%7B%2244c75b26371e81%22%3A%5B%5B970%2C250%5D%2C%5B970%2C251%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%2C%22sua%22%3A%7B%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%7D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_bSLu2IWVUC%22%7D%2C%22labelAll%22%3A%5B%22desktop%22%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%2262581657-468b-4d01-a76f-3f1072de32ba%22%2C%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%22%7D%2C%22pbadslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%22%7D%2C%22gpid%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B970%2C251%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22dfp-ad-2%22%2C%22transactionId%22%3A%2262581657-468b-4d01-a76f-3f1072de32ba%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B970%2C251%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%2C%22bidId%22%3A%2244c75b26371e81%22%2C%22bidderRequestId%22%3A%2230504eaed3e636%22%2C%22auctionId%22%3A%22e4812394-a314-4b61-aae9-2b5a81b7a94b%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%5D%2C%22userId.init.modules%22%3A%5B2.1000003814697266%5D%2C%22requestBids.usp%22%3A0.1999988555908203%2C%22requestBids.gdpr%22%3A0%2C%22requestBids.userId%22%3A0.20000076293945312%2C%22requestBids.rtd%22%3A46.30000114440918%2C%22requestBids.validate%22%3A0.1999988555908203%2C%22requestBids.makeRequests%22%3A2.6000003814697266%2C%22adapter.client.validate%22%3A0.09999847412109375%2C%22adapters.client.kargo.validate%22%3A0.09999847412109375%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22CPnor0APnor0AAGABCENC4CgAAAAAE_AAAYgAAARpgHgAXADaAI4ATgA7gCAAEIAIsAXUBJwCpQFqALzAYsBGkAgJABAIAGgAgEAEQAQCACoAIAjhkAEARxCACAI4pABAScVAAgBtAAA.YAAAAAAAAAAA%22%7D%7D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22domain%22%3A%22theonion.com%22%2C%22keywords%22%3A%22TheOnion%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theonion.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22gdpr%22%3A%7B%22consent%22%3A%22CPnor0APnor0AAGABCENC4CgAAAAAE_AAAYgAAARpgHgAXADaAI4ATgA7gCAAEIAIsAXUBJwCpQFqALzAYsBGkAgJABAIAGgAgEAEQAQCACoAIAjhkAEARxCACAI4pABAScVAAgBtAAA.YAAAAAAAAAAA%22%2C%22applies%22%3Atrue%7D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.23.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-23-92.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 23 Feb 2023 23:15:42 GMT
Content-Encoding: gzip
X-Accel-Expires: 0
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.theonion.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Krk-No-Bid-Reason: consent
Content-Length: 26
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 143 B
952 B 545ms
302ms XHR
application/json 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

38a25347725de5bbe457abc03a06b2d0db60cd91738924a7e08975fdb07b0d48

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 23 Feb 2023 23:15:42 GMT
AN-X-Request-Uuid: 1dc06ad1-495f-4ead-8005-2b337be2ef03
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.theonion.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
508 B 135ms
31ms XHR
application/json 18.193.53.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.35.0&referrer=https%3A%2F%2Fwww.theonion.com%2F&tmax=1000&gdpr=true&cmp_cs=CPnor0APnor0AAGABCENC4CgAAAAAE_AAAYgAAARpgHgAXADaAI4ATgA7gCAAEIAIsAXUBJwCpQFqALzAYsBGkAgJABAIAGgAgEAEQAQCACoAIAjhkAEARxCACAI4pABAScVAAgBtAAA.YAAAAAAAAAAA

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.193.53.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-193-53-227.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 23:15:42 GMT
accept-ch: sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 arj Show response
fusion-media-group-d.openx.net/w/1.0/ 74 B
380 B 89ms
28ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fusion-media-group-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.theonion.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=62581657-468b-4d01-a76f-3f1072de32ba&nocache=1677194142423&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&gdpr_consent=CPnor0APnor0AAGABCENC4CgAAAAAE_AAAYgAAARpgHgAXADaAI4ATgA7gCAAEIAIsAXUBJwCpQFqALzAYsBGkAgJABAIAGgAgEAEQAQCACoAIAjhkAEARxCACAI4pABAScVAAgBtAAA.YAAAAAAAAAAA&gdpr=1&aus=970x250%2C970x251%2C970x90%2C728x90%2C1600x520&divids=dfp-ad-2&aucs=%252F4246%252Ffmg.onion%252Ffrontpage&auid=545727625
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: b4497486fe998f332d89e838c7d1d72689c25cdec23230bd85751f6bae8d2190

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.theonion.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
339 B 367ms
15ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690a0018483eb4ccf0afef85a0369&pos=8a96949f018483eb50c40b0071d20395&cmd=bid&secure=1&gdpr=1&euconsent=CPnor0APnor0AAGABCENC4CgAAAAAE_AAAYgAAARpgHgAXADaAI4ATgA7gCAAEIAIsAXUBJwCpQFqALzAYsBGkAgJABAIAGgAgEAEQAQCACoAIAjhkAEARxCACAI4pABAScVAAgBtAAA.YAAAAAAAAAAA
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 46d71219ea57ff21bf56c5be24f28b528e9937e835ec6ca8a77f4526aa36e1bb

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
content-length: 80

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
571 B 447ms
410ms XHR
application/json 104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=727144
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7935fdc753357949b15d88cd8748fcdd70f0229f10e93a0049f88f9c67ef256

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 23:15:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FE7ZwHGc38%2FXhiwI%2Bwc3Dvv%2F5px14bq%2BlEubAMUCz4hmXKs8Iy902qiSqBee04mSXWC5ucMAaOF8FI2k%2B%2FBtaOA4PXUfUc8%2BevVtr4AZpGXAqCfI8QtVy7xaf3l8eRAyqUM2xqew"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 79e3aa3e69fd5c2c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 hbjson Show response
grid.bidswitch.net/ 24 B
240 B 298ms
75ms XHR
application/json 3.127.163.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson?sp=trustx
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.163.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-163-7.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 974befab1c27fc1abebbc546073c7afe687b7668f54f76d1d72e8ced2e02dd07

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 23 Feb 2023 23:15:42 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
content-length: 49
content-type: application/json

GET fastlane.json
fastlane.rubiconproject.com/a/api/ 0
0

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
314 B 360ms
37ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.35.0&cb=51529259579&lsavail=0

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
61 B 203ms
45ms XHR
text/plain 185.64.190.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 23 Feb 2023 23:15:41 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
595 B 49ms
8ms Fetch
application/json 13.32.99.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-35.fra60.r.cloudfront.net
Software: /
Resource Hash: e73a140c69c1bc697cacc30b095e0adbe7153c61bb8d94b3b550e34601c4b042

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:47:28 GMT
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront), 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA60-P3
age: 80894
x-amzn-requestid: 3011cb75-133a-4cef-a733-2dedaecb7870
x-amzn-trace-id: Root=1-63f6b7a0-4b010a691505ff8557af74ac;Sampled=0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: AxGhIGipjoEFw3A=
content-length: 30
x-amz-cf-id: T4qicB_M1cN14t99i5pQIp84gkrxbw2zE0RDzwkLzEEZCR8_Vk6YWw==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
460 B 47ms
47ms XHR
text/javascript 99.86.3.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2F&pid=ZSkLA56sY8y8o&cb=1&ws=1600x1200&v=23.203.336&t=1000&slots=%5B%7B%22sd%22%3A%22dfp-ad-7%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage_mid_banner%22%7D%5D&gdpre=1&gdprc=CPnor0APnor0AAGABCENC4CgAAAAAE_AAAYgAAARpgHgAXADaAI4ATgA7gCAAEIAIsAXUBJwCpQFqALzAYsBGkAgJABAIAGgAgEAEQAQCACoAIAjhkAEARxCACAI4pABAScVAAgBtAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.236 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-236.fra6.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
x-amz-rid: 9JMQ6N2W1FGF3QXB9K03
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: f-DgQM1y-aA8jAfaLftquxciAUCxfp12hM-rZxL063M8xbqAhbZtYA==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 284 B
518 B 158ms
66ms XHR
application/json 34.253.161.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-7,ss:%5B970.250,728.90,1600.520%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.161.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-161-49.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 51db9235c0b4049e6adbfe61a23d808e170a9481d64047e2403740cc10b190f2

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
server: nginx
x-server-name: app07.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
461 B 42ms
41ms XHR
text/javascript 99.86.3.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2F&pid=ZSkLA56sY8y8o&cb=2&ws=1600x1200&v=23.203.336&t=1000&slots=%5B%7B%22sd%22%3A%22dfp-ad-9%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage_mid_banner%22%7D%5D&gdpre=1&gdprc=CPnor0APnor0AAGABCENC4CgAAAAAE_AAAYgAAARpgHgAXADaAI4ATgA7gCAAEIAIsAXUBJwCpQFqALzAYsBGkAgJABAIAGgAgEAEQAQCACoAIAjhkAEARxCACAI4pABAScVAAgBtAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.236 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-236.fra6.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
x-amz-rid: D55APNYK244A96XESPGF
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: T8jlL3LBO0O0gdCAsbR96AQRo5-1LQHQfXWk1x8rH-7csYWRo5wwRw==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 284 B
517 B 141ms
53ms XHR
application/json 34.253.161.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-9,ss:%5B970.250,728.90,1600.520%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.161.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-161-49.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 41fc7cc9969897374a7a68b0d0e54143db8bde3c47f23a9d4ea81dd389ceb15b

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
server: nginx
x-server-name: app01.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
507 B 60ms
31ms XHR
application/json 18.193.53.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.193.53.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-193-53-227.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 23:15:42 GMT
accept-ch: sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 144 B
953 B 281ms
117ms XHR
application/json 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

7043b6257490e24d661fcabd70ce357d79129d21faa1f24b48de23c5dea7783e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 23 Feb 2023 23:15:42 GMT
AN-X-Request-Uuid: 67225c15-228e-4075-910d-fd42ccd45dd2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.theonion.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
117 B 138ms
45ms XHR
text/plain 185.64.190.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 23 Feb 2023 23:15:42 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
112 B 292ms
16ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690a0018483eb4ccf0afef85a0369&pos=8a96949f018483eb50c40b0071d20395&cmd=bid&secure=1&gdpr=1&euconsent=CPnor0APnor0AAGABCENC4CgAAAAAE_AAAYgAAARpgHgAXADaAI4ATgA7gCAAEIAIsAXUBJwCpQFqALzAYsBGkAgJABAIAGgAgEAEQAQCACoAIAjhkAEARxCACAI4pABAScVAAgBtAAA.YAAAAAAAAAAA
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 159e4a1dc6b4c3d9ffb77a1d459ff7bb546a1b116b57262dae146a0d24a86e39

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
content-length: 80

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
159 B 53ms
35ms XHR
text/plain 18.198.85.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.85.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-85-142.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 23 Feb 2023 23:15:42 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
679 B 15ms
15ms XHR
application/json 52.29.23.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2276ee62ea-a07e-4063-9926-1d7a70c252b6%22%2C%22requestCount%22%3A1%2C%22timeout%22%3A1000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1677194142502%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2234696f22582004f%22%3A%22_bSLu2IWVUC%22%7D%2C%22bidSizes%22%3A%7B%2234696f22582004f%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%2C%22sua%22%3A%7B%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%7D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_bSLu2IWVUC%22%7D%2C%22labelAll%22%3A%5B%22desktop%22%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%22d908bb24-5961-4f8f-b036-cfc5f71e0877%22%2C%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%22%7D%2C%22pbadslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%22%7D%2C%22gpid%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22dfp-ad-7%22%2C%22transactionId%22%3A%22d908bb24-5961-4f8f-b036-cfc5f71e0877%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%2C%22bidId%22%3A%2234696f22582004f%22%2C%22bidderRequestId%22%3A%22330b47456c2e473%22%2C%22auctionId%22%3A%225c96f32d-7990-4ff2-9a13-758315b02609%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%5D%2C%22userId.init.modules%22%3A%5B2.1000003814697266%5D%2C%22requestBids.usp%22%3A0.1999988555908203%2C%22requestBids.gdpr%22%3A0%2C%22requestBids.userId%22%3A0.20000076293945312%2C%22requestBids.rtd%22%3A11.30000114440918%2C%22requestBids.validate%22%3A0.09999847412109375%2C%22requestBids.makeRequests%22%3A2.8999996185302734%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22CPnor0APnor0AAGABCENC4CgAAAAAE_AAAYgAAARpgHgAXADaAI4ATgA7gCAAEIAIsAXUBJwCpQFqALzAYsBGkAgJABAIAGgAgEAEQAQCACoAIAjhkAEARxCACAI4pABAScVAAgBtAAA.YAAAAAAAAAAA%22%7D%7D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22domain%22%3A%22theonion.com%22%2C%22keywords%22%3A%22TheOnion%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theonion.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22gdpr%22%3A%7B%22consent%22%3A%22CPnor0APnor0AAGABCENC4CgAAAAAE_AAAYgAAARpgHgAXADaAI4ATgA7gCAAEIAIsAXUBJwCpQFqALzAYsBGkAgJABAIAGgAgEAEQAQCACoAIAjhkAEARxCACAI4pABAScVAAgBtAAA.YAAAAAAAAAAA%22%2C%22applies%22%3Atrue%7D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.23.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-23-92.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 23 Feb 2023 23:15:42 GMT
Content-Encoding: gzip
X-Accel-Expires: 0
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.theonion.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Krk-No-Bid-Reason: consent
Content-Length: 26
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 arj Show response
fusion-media-group-d.openx.net/w/1.0/ 74 B
146 B 35ms
35ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fusion-media-group-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.theonion.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d908bb24-5961-4f8f-b036-cfc5f71e0877&nocache=1677194142502&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&gdpr_consent=CPnor0APnor0AAGABCENC4CgAAAAAE_AAAYgAAARpgHgAXADaAI4ATgA7gCAAEIAIsAXUBJwCpQFqALzAYsBGkAgJABAIAGgAgEAEQAQCACoAIAjhkAEARxCACAI4pABAScVAAgBtAAA.YAAAAAAAAAAA&gdpr=1&aus=970x250%2C728x90%2C1600x520&divids=dfp-ad-7&aucs=%252F4246%252Ffmg.onion%252Ffrontpage&auid=545727615
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 6872c7da82c7d25a283f0f16a2381b08b218c00dbbd8807ccf9e233a5f3ade33

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.theonion.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
313 B 293ms
38ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.35.0&cb=27194617050&lsavail=0

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 200 hbjson Show response
grid.bidswitch.net/ 23 B
240 B 217ms
66ms XHR
application/json 3.127.163.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson?sp=trustx
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.163.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-163-7.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 84f8fd6b8b98f1b72b0981e15100e82b28c15433fdcada5feb9d0905faf427ec

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 23 Feb 2023 23:15:42 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
content-length: 48
content-type: application/json

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
313 B 288ms
38ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.35.0&cb=30235803919&lsavail=0

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
679 B 24ms
15ms XHR
application/json 52.29.23.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%2276ee62ea-a07e-4063-9926-1d7a70c252b6%22%2C%22requestCount%22%3A2%2C%22timeout%22%3A1000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1677194142509%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2246b6e0445e671f5%22%3A%22_bSLu2IWVUC%22%7D%2C%22bidSizes%22%3A%7B%2246b6e0445e671f5%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%2C%22sua%22%3A%7B%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%7D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_bSLu2IWVUC%22%7D%2C%22labelAll%22%3A%5B%22desktop%22%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%227a5f721d-e8fd-4760-9561-1d7cd05d3d67%22%2C%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%22%7D%2C%22pbadslot%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%22%7D%2C%22gpid%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22dfp-ad-9%22%2C%22transactionId%22%3A%227a5f721d-e8fd-4760-9561-1d7cd05d3d67%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B728%2C90%5D%2C%5B1600%2C520%5D%5D%2C%22bidId%22%3A%2246b6e0445e671f5%22%2C%22bidderRequestId%22%3A%22455c7f52e6b3711%22%2C%22auctionId%22%3A%2293a5273b-bef1-4066-9e80-9407908dbae1%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%5D%2C%22userId.init.modules%22%3A%5B2.1000003814697266%5D%2C%22requestBids.usp%22%3A0%2C%22requestBids.gdpr%22%3A0.10000038146972656%2C%22requestBids.userId%22%3A0.10000038146972656%2C%22requestBids.rtd%22%3A17.400001525878906%2C%22requestBids.validate%22%3A0.09999847412109375%2C%22requestBids.makeRequests%22%3A1.3999996185302734%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22CPnor0APnor0AAGABCENC4CgAAAAAE_AAAYgAAARpgHgAXADaAI4ATgA7gCAAEIAIsAXUBJwCpQFqALzAYsBGkAgJABAIAGgAgEAEQAQCACoAIAjhkAEARxCACAI4pABAScVAAgBtAAA.YAAAAAAAAAAA%22%7D%7D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22domain%22%3A%22theonion.com%22%2C%22keywords%22%3A%22TheOnion%22%2C%22publisher%22%3A%7B%22domain%22%3A%22theonion.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.177%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22gdpr%22%3A%7B%22consent%22%3A%22CPnor0APnor0AAGABCENC4CgAAAAAE_AAAYgAAARpgHgAXADaAI4ATgA7gCAAEIAIsAXUBJwCpQFqALzAYsBGkAgJABAIAGgAgEAEQAQCACoAIAjhkAEARxCACAI4pABAScVAAgBtAAA.YAAAAAAAAAAA%22%2C%22applies%22%3Atrue%7D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.23.92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-23-92.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 23 Feb 2023 23:15:42 GMT
Content-Encoding: gzip
X-Accel-Expires: 0
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.theonion.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Krk-No-Bid-Reason: consent
Content-Length: 26
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ 144 B
953 B 239ms
82ms XHR
application/json 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

92ecf6aef70ae620577429697225394cdb4912069b3e8579d36cc7a4d8d3efc2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 23 Feb 2023 23:15:42 GMT
AN-X-Request-Uuid: 054b0c02-66de-427d-9ee9-da0bef26e708
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.theonion.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
fusion-media-group-d.openx.net/w/1.0/ 74 B
146 B 29ms
28ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fusion-media-group-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.theonion.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=7a5f721d-e8fd-4760-9561-1d7cd05d3d67&nocache=1677194142510&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&gdpr_consent=CPnor0APnor0AAGABCENC4CgAAAAAE_AAAYgAAARpgHgAXADaAI4ATgA7gCAAEIAIsAXUBJwCpQFqALzAYsBGkAgJABAIAGgAgEAEQAQCACoAIAjhkAEARxCACAI4pABAScVAAgBtAAA.YAAAAAAAAAAA&gdpr=1&aus=970x250%2C728x90%2C1600x520&divids=dfp-ad-9&aucs=%252F4246%252Ffmg.onion%252Ffrontpage&auid=545727615
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: fb1f20bc5e083028d7ffa9335b3e3775d599d39f10abd8c68f2bcd23c2be8c4c

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.theonion.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
61 B 156ms
73ms XHR
text/plain 185.64.190.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 23 Feb 2023 23:15:42 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 hbjson Show response
grid.bidswitch.net/ 23 B
239 B 211ms
67ms XHR
application/json 3.127.163.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson?sp=trustx
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.163.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-163-7.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 0151f873faa4ceb7de840eafb4cdc8f3ac206cc525a9fd88287101f08ab1e744

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 23 Feb 2023 23:15:42 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
content-length: 48
content-type: application/json

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
158 B 44ms
36ms XHR
text/plain 18.198.85.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.85.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-85-142.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 23 Feb 2023 23:15:42 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
507 B 66ms
51ms XHR
application/json 18.193.53.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.193.53.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-193-53-227.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 23:15:42 GMT
accept-ch: sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
112 B 281ms
17ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9690a0018483eb4ccf0afef85a0369&pos=8a96949f018483eb50c40b0071d20395&cmd=bid&secure=1&gdpr=1&euconsent=CPnor0APnor0AAGABCENC4CgAAAAAE_AAAYgAAARpgHgAXADaAI4ATgA7gCAAEIAIsAXUBJwCpQFqALzAYsBGkAgJABAIAGgAgEAEQAQCACoAIAjhkAEARxCACAI4pABAScVAAgBtAAA.YAAAAAAAAAAA
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 841c0c4799da33c4cf19694445eb99407422d32dac8bf54723283f60008dff69

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
content-length: 80

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 129 KB
47 KB 65ms
17ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TH42LHK

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c1e6472e5cbfbb70807685b2eb82c6a19ddd7d59979c293a7946d390432333a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47564
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 22:48:50 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Feb 2023 23:15:42 GMT

GET
H2 200 183957-47751755686051.js Show response
js-sec.indexww.com/ht/p/ 47 KB
16 KB 86ms
18ms Script
text/javascript 104.18.10.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 568068711d00d07ac001e1937acdb4621d0d7ea602ff8beb225c1b9f22701d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 Feb 2023 22:56:28 GMT
server: cloudflare
age: 891
etag: W/"da32d6-bde7-5f565ec462bd9"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 79e3aa41ad3a6973-FRA
expires: Fri, 24 Feb 2023 03:15:42 GMT

GET
H2 200 runtime~trackers.bf0d5e0e1cb725d7f8c6.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 2 KB
1 KB 19ms
12ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~trackers.bf0d5e0e1cb725d7f8c6.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

56650307c96a00512a6dd45ccc2bd7dafd875dfdb8cee6d8f8fcf80b6d7a92df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: 82WW3EFN85W1WJT8
age: 251473
x-cache: HIT, HIT
x-ua-device: desktop
x-cdn-fetch: mantle-origin-cache
content-length: 683
x-amz-id-2: 97EnFMN9FSMAG9rUa5JqTDWZsEg5Gv1KQQcrGiajcuEdzSarMk8P9hpKpNVBgvzcb8qWWWYoHtQ=
x-served-by: cache-hhn-etou8220071-HHN, cache-hhn-etou8220035-HHN
last-modified: Mon, 20 Feb 2023 20:19:36 GMT
server: AmazonS3
x-timer: S1677194143.923500,VS0,VE0
etag: "8424ada13d29e0d2039d4c3e6a6a9ac7"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 8

GET
H2 200 vendor~carGalleryPage~curatedHomepage~featureSwitchPageClient~frontPage~modify-commerce-links~search~3077f038.bd87d2c21ffcced86f85.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 22 KB
6 KB 19ms
16ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~carGalleryPage~curatedHomepage~featureSwitchPageClient~frontPage~modify-commerce-links~search~3077f038.bd87d2c21ffcced86f85.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

243db612aba3f1a4c9be4b4224f9654eab384065819c359ab8a083c2361a5fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: FG32Y2WFA22S8ARR
age: 247805
x-cache: HIT, HIT
x-ua-device: desktop
x-cdn-fetch: mantle-origin-cache
content-length: 6257
x-amz-id-2: w1hwAu693gsEtWCkYT+6LMXo0caMXo2yT6aaZLRg/JE3kiRWx/0BaIseTOJQo7v1PWxVm7NzFkg=
x-served-by: cache-hhn-etou8220047-HHN, cache-hhn-etou8220035-HHN
last-modified: Fri, 17 Feb 2023 22:00:45 GMT
server: AmazonS3
x-timer: S1677194143.924904,VS0,VE0
etag: "27835808fb9b058935391da4f0895d70"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 12

GET
H2 200 vendor~trackers.0e88cc821c1da5b93a1b.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 107 KB
34 KB 21ms
18ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.0e88cc821c1da5b93a1b.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5a8d757b61fd8426db4888c00704583d3ed2b873dc7d3d12a8caaf5c4037cb90

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: EN01TMHDHYYKJ1VE
age: 764934
x-cache: HIT, HIT
x-ua-device: desktop
x-cdn-fetch: mantle-origin-cache
content-length: 34426
x-amz-id-2: NPR3Vs7SKkB8OTRdAhYpZRz/MtEhIWj2bJNj2iwRQRpPe7o+SyWPAc1Kbkuvoe6rxGRm5wndFKQ=
x-served-by: cache-hhn-etou8220061-HHN, cache-hhn-etou8220035-HHN
last-modified: Mon, 13 Feb 2023 21:15:09 GMT
server: AmazonS3
x-timer: S1677194143.924941,VS0,VE0
etag: "59efa69b5c5d8d8bdb01bce66aafc4a7"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 14

GET
H2 200 second-scroll~trackers.c8dcd3139cfa250053a6.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 13 KB
4 KB 23ms
20ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/second-scroll~trackers.c8dcd3139cfa250053a6.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ec55c15430be1419cea9afc73b57a2fa4f7556073faffed83deca3994fc36767

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: RENWZRHBRM4P1AXR
age: 618125
x-cache: HIT, HIT
x-ua-device: desktop
x-cdn-fetch: mantle-origin-cache
content-length: 4215
x-amz-id-2: j7F5Tu+dbRb5Q/MtP76IpTeNnEySPhvN5Dpkk6O8oDeim2flchaJ/nKuYhZJPeg6KTV0L8zWURo=
x-served-by: cache-hhn-etou8220048-HHN, cache-hhn-etou8220035-HHN
last-modified: Thu, 16 Feb 2023 19:30:31 GMT
server: AmazonS3
x-timer: S1677194143.925177,VS0,VE0
etag: "5010fc00f91afb9e319c6450729435c3"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 12

GET
H2 200 trackers.04f9babf948a23d8d5a8.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 11 KB
4 KB 20ms
17ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/trackers.04f9babf948a23d8d5a8.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ec0822bb72d5947ecdeb360b56c6b970ce2fb5f0028d80bb100edbd20276ea3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: APPS0M2N97MSJCAV
age: 1342615
x-cache: HIT, HIT
x-ua-device: desktop
x-cdn-fetch: mantle-origin-cache
content-length: 3358
x-amz-id-2: KGjhRGWd0rLEuc1GCuD7/gIIluNGLWBercOQVw2qR/5jL4tWnUJtUyyo94vZ04LODccXXHjnwME=
x-served-by: cache-hhn-etou8220050-HHN, cache-hhn-etou8220035-HHN
last-modified: Wed, 08 Feb 2023 10:00:26 GMT
server: AmazonS3
x-timer: S1677194143.924990,VS0,VE0
etag: "29c14924c89903d86588b758b2a7236a"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 13

GET
H2 200 runtime~curatedHomepage.945cc0f868bd56abc12e.js Show response
x.kinja-static.com/assets/new-client/ 29 KB
6 KB 25ms
23ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/runtime~curatedHomepage.945cc0f868bd56abc12e.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

85bb85347bc2b8692a14b30aa8fa9434be1765b1aba472fa1a2dd1116504c683

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: V9DWVP7ZEBBPZ38P
age: 79
x-cache: HIT
content-length: 5555
x-amz-id-2: 1XNeHvZS1mxzNhiHhLpY+kcF6kbRaTVo15nxki6uoqO+RyymnK1TP/CLGH0tWZ0GjPwSb03yZsg=
x-served-by: cache-hhn-etou8220035-HHN
last-modified: Wed, 22 Feb 2023 13:28:54 GMT
server: AmazonS3
x-timer: S1677194143.924917,VS0,VE1
etag: "710deea3f7c1e2f0966a69f7255cde91"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 vendor~PlaylistCarousels~adEditorComponent~adEditorPageComponent~alerts-form~alerts-modal~alertsUnsu~1520c37f.79834fc9032c937cc895.js Show response
x.kinja-static.com/assets/new-client/ 37 KB
12 KB 29ms
27ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~PlaylistCarousels~adEditorComponent~adEditorPageComponent~alerts-form~alerts-modal~alertsUnsu~1520c37f.79834fc9032c937cc895.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

39bb31b78df72d18ff738f117f516bb1b6390a6ca319841135ff78ca91e43a28

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: NNZT147Q4HSKC0NX
age: 47
x-cache: HIT
content-length: 12433
x-amz-id-2: iA42eJG6S+5d9kknutr3vG+/N402t/BqFAIpN45RANaezVZyCPm+6vCQafM0xQY7B1sh40qvtLI=
x-served-by: cache-hhn-etou8220035-HHN
last-modified: Wed, 22 Feb 2023 09:00:13 GMT
server: AmazonS3
x-timer: S1677194143.925340,VS0,VE1
etag: "1f163ad3f592ee22a7ff51e280fb3c97"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~celebrityPage~channelSectionPage~c~61c5a060.8720f5054d9f7af4ac01.js Show response
x.kinja-static.com/assets/new-client/ 122 KB
34 KB 24ms
22ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~celebrityPage~channelSectionPage~c~61c5a060.8720f5054d9f7af4ac01.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6785e98328a4cc409a3f625fc82a0fa7b7aeca6324cd0c84bff9ee3863071ee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: NNZPRZQX6K0YZCH8
age: 104
x-cache: HIT
content-length: 34745
x-amz-id-2: MQJGun30xJnZY7Ls8MtqlwKKQnURVuu0E/yVbZKNkRVflnFMPXVOxPq9U2fBbMLwAcjQCcSNuxI=
x-served-by: cache-hhn-etou8220035-HHN
last-modified: Wed, 22 Feb 2023 09:00:13 GMT
server: AmazonS3
x-timer: S1677194143.924665,VS0,VE1
etag: "4e6c877772c0128c9250fe45ceb72609"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 vendor~adEditorComponent~alertsUnsubscribePage~api-video-meta~biztoolsPage~car-comparator~car-select~63b0cba8.30d44cd85d6f6f799dba.js Show response
x.kinja-static.com/assets/new-client/ 82 KB
22 KB 15ms
13ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~adEditorComponent~alertsUnsubscribePage~api-video-meta~biztoolsPage~car-comparator~car-select~63b0cba8.30d44cd85d6f6f799dba.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

527acca79f65ad4471c1c9f55b5e23b19535454ead4d8cac427bcfeea5892b17

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: ZSYE272EC7NDMNZD
age: 104
x-cache: HIT
content-length: 22143
x-amz-id-2: fycADQLHr+ufhEI3T+5dHVqGsGx9+Htz4wD3kTAbnL1E/jJCzaXrX2XYQ2ntiwl1iem7wT7EvmA=
x-served-by: cache-hhn-etou8220035-HHN
last-modified: Mon, 20 Feb 2023 20:19:37 GMT
server: AmazonS3
x-timer: S1677194143.924639,VS0,VE0
etag: "c2deac29bfa092e92637a7ba999b159e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 vendor~adEditorComponent~alerts-form~alertsUnsubscribePage~api-video-meta~biztoolsPage~carGalleryPag~191ac19b.f23e77edaa8658ebe027.js Show response
x.kinja-static.com/assets/new-client/ 71 KB
19 KB 13ms
11ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~adEditorComponent~alerts-form~alertsUnsubscribePage~api-video-meta~biztoolsPage~carGalleryPag~191ac19b.f23e77edaa8658ebe027.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4d5127d6b31baf0b8327b06d2fb4f0964c9b0de73219c0b5689a32bb63a78df6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: KP4QGJCCBRPH1ZN8
age: 104
x-cache: HIT
content-length: 19136
x-amz-id-2: LF9RW3scscXWnyF7rNT0SvmOSCiE7B0QYcXXNu1ypmrdLZqCLyDTf60jVaT1q/yJG8f9+mhFOfziSjwDE3q2Xw==
x-served-by: cache-hhn-etou8220035-HHN
last-modified: Wed, 15 Feb 2023 18:18:02 GMT
server: AmazonS3
x-timer: S1677194143.924613,VS0,VE0
etag: "8ceb0eb0f281ea6604210f91b9eb7a44"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 vendor~YMALModule~adEditorComponent~alerts-form~alertsUnsubscribePage~biztools~car-comparator~car-se~fe40abbf.1f9cb3b9d5a317cc4ac2.js Show response
x.kinja-static.com/assets/new-client/ 2 KB
1 KB 30ms
28ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~YMALModule~adEditorComponent~alerts-form~alertsUnsubscribePage~biztools~car-comparator~car-se~fe40abbf.1f9cb3b9d5a317cc4ac2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d6b9ac7adf6752dd8e705c692f3beebfb9104236824ac75dd5a32c0753cd3964

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: SZVK22EDXF6CHGS7
age: 104
x-cache: HIT
content-length: 1087
x-amz-id-2: gBPK+6Vz78LNm2KRoJLff6q9m51lXLXUIpG/NUTMY1ttD+QvJDwYQbQszf/upnNcA54MQfJ4aKk=
x-served-by: cache-hhn-etou8220035-HHN
last-modified: Wed, 15 Feb 2023 18:18:02 GMT
server: AmazonS3
x-timer: S1677194143.930435,VS0,VE0
etag: "9de8559d2fd78892bf401b562aaaca7f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 vendor~PlaylistCarousels~YMALModule~adEditor~alertsUnsubscribePage~biztools~car-comparator~car-selec~021295d5.3c3ac3dad7875c517eb2.js Show response
x.kinja-static.com/assets/new-client/ 5 KB
2 KB 18ms
18ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~PlaylistCarousels~YMALModule~adEditor~alertsUnsubscribePage~biztools~car-comparator~car-selec~021295d5.3c3ac3dad7875c517eb2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7f1643206d445b775a3c7b9bdb3f506f2952f86308d46c169fcbb9b3239104b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: VQTVCNTNX4JSD1MV
age: 104
x-cache: HIT
content-length: 1691
x-amz-id-2: q2Ji2vo6VKnJAKyNd4mJswXn6MNtEATjUnQrIP6KQOFbdimvHBUmTToHeVFcsH5jLlWORUk2A+E=
x-served-by: cache-hhn-etou8220035-HHN
last-modified: Wed, 15 Feb 2023 13:58:46 GMT
server: AmazonS3
x-timer: S1677194143.942304,VS0,VE0
etag: "6dbfe9cf2ca859581d904c0286cfb89f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~7dd5981a.c8248b5c24085f06398a.js Show response
x.kinja-static.com/assets/new-client/ 25 KB
8 KB 19ms
19ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~adEditor~alertsUnsubscribePage~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channel~7dd5981a.c8248b5c24085f06398a.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3e439a52c75929d8a6b65a89889ee7442330660ea402a29806e079cca52e408b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: WWFA5X7JAB55EP9B
age: 44
x-cache: HIT
content-length: 7639
x-amz-id-2: rkUDzzkUrsu+wAc2ZaQTLpDl52+pXeTr6sd89eJCNTLzKgrfQTwpPxSw2VnXMZlhNZHuQo36UNaS4eL8bwy05Q==
x-served-by: cache-hhn-etou8220035-HHN
last-modified: Wed, 08 Feb 2023 10:00:26 GMT
server: AmazonS3
x-timer: S1677194143.942474,VS0,VE0
etag: "f86fe7f2678133b0bd736a9ef2d0ba0d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 vendor~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceDa~b51ab3d8.309abbdcf7f19983d031.js Show response
x.kinja-static.com/assets/new-client/ 2 KB
876 B 13ms
8ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~adEditor~biztoolsPage~carGalleryPage~carSpecsPage~celebrityPage~channelSectionPage~commerceDa~b51ab3d8.309abbdcf7f19983d031.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

643b13f1be4ab10de097c4cfdeda115aa34f733201017945aecb182898e19c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: GXZF4QZQNJA5X3J7
age: 104
x-cache: HIT
content-length: 682
x-amz-id-2: /eeENdU1ypZUr4w/VWBBe/hJQH9eyYrc6u21dAWhzN+1OYFHAyoQg//S96b1K214TYq5/0zbygQ=
x-served-by: cache-hhn-etou8220035-HHN
last-modified: Mon, 20 Feb 2023 20:19:37 GMT
server: AmazonS3
x-timer: S1677194143.964183,VS0,VE0
etag: "bcbf5d9fa10ddb768b916b41aafce19c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 vendor~celebrityPage~channelSectionPage~curatedHomepage~frontPage~moviePage~post-tools~profilePage~r~5eb8264d.58a517a8df8aba365f76.js Show response
x.kinja-static.com/assets/new-client/ 4 KB
2 KB 15ms
11ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~celebrityPage~channelSectionPage~curatedHomepage~frontPage~moviePage~post-tools~profilePage~r~5eb8264d.58a517a8df8aba365f76.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b959d2a78af201f9efc2810e0bcc98b1311a17ca1d442d30a3fe6d52f119f80e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 08RBXWP67W3RG1M3
age: 22
x-cache: HIT
content-length: 1599
x-amz-id-2: vxjfPkqcH4BYhdo2TKiM7Vglp1kVmNT84hzQHlkG8a0emqq+4LY5zcEaIHbiGbuKTWjof83FuTM=
x-served-by: cache-hhn-etou8220035-HHN
last-modified: Wed, 08 Feb 2023 10:00:27 GMT
server: AmazonS3
x-timer: S1677194143.964128,VS0,VE1
etag: "0847c32e7a058bc2d4b4faf378a3507b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 vendor~curatedHomepage~frontPage~modify-commerce-links~searchPage~tagPage.bcd374888501d5916ad0.js Show response
x.kinja-static.com/assets/new-client/ 18 KB
6 KB 15ms
10ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~curatedHomepage~frontPage~modify-commerce-links~searchPage~tagPage.bcd374888501d5916ad0.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ae8572f2e8a78c81df30df62295bac324cd80a6ca55567213906b7ca7a88df8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 323G48X5ZCM47WDN
age: 53
x-cache: HIT
content-length: 6315
x-amz-id-2: nMW4LQ6veRDh6k910FP0I4aK5w2XpIJlnlN+xXYJMH4k4sqe89/Jn7xiHcSCA+7AWDOGwXRqTYY=
x-served-by: cache-hhn-etou8220035-HHN
last-modified: Tue, 14 Feb 2023 21:29:40 GMT
server: AmazonS3
x-timer: S1677194143.964712,VS0,VE0
etag: "ef46f546f3ee0802a256a7339d49b0a4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 vendor~curatedHomepage~featuredPermalinkPage~permalinkPage~slideshowPermalinkPage~videoPermalinkPage.611c34bd56432c0db807.js Show response
x.kinja-static.com/assets/new-client/ 4 KB
2 KB 11ms
10ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~curatedHomepage~featuredPermalinkPage~permalinkPage~slideshowPermalinkPage~videoPermalinkPage.611c34bd56432c0db807.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2fde3288ed7eb09fb14ad5b916b6376e9da933668c28d2f29c95093b233aa758

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: KP4MCN93JWNR7XZV
age: 104
x-cache: HIT
content-length: 1389
x-amz-id-2: KIjho+qZwkli7yX7mI5iWRi5sKH+97FxFlBegzFVvpaKa+vuOc12tnuN8a3gf+4L+Vh5h9ZVtbY=
x-served-by: cache-hhn-etou8220035-HHN
last-modified: Wed, 15 Feb 2023 18:18:03 GMT
server: AmazonS3
x-timer: S1677194143.964700,VS0,VE0
etag: "84fdd1b955b1552883551ceebcba5c86"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 adEditor~alertsUnsubscribePage~api-video-meta~biztoolsPage~car-comparator~car-selector~car-shopping-~f9df17bd.c6241a3daecca1fd0f85.js Show response
x.kinja-static.com/assets/new-client/ 9 KB
2 KB 13ms
12ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/adEditor~alertsUnsubscribePage~api-video-meta~biztoolsPage~car-comparator~car-selector~car-shopping-~f9df17bd.c6241a3daecca1fd0f85.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5be266d1a196a7b245b12fb2d70a9b517511d817ec9672ff275695aaac36e7b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: TN149HTJS7BXQYKG
age: 10
x-cache: HIT
content-length: 1637
x-amz-id-2: Yn95Yx+9sF5x0akiVsE5MYMG+jm66r7FIyh9lpnMFXPFpHDYboceqncsQX5Tnr+xUzNXP4xitBdCkl9ICV1duA==
x-served-by: cache-hhn-etou8220035-HHN
last-modified: Tue, 21 Feb 2023 19:50:34 GMT
server: AmazonS3
x-timer: S1677194143.964684,VS0,VE1
etag: "00cad1e6d8a4b6b0d61ff6c479a3a602"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 adEditorComponent~alertsUnsubscribePage~api-video-meta~biztoolsPage~car-comparator~car-selector~car-~231c7468.89d8e118732120a27d66.js Show response
x.kinja-static.com/assets/new-client/ 33 KB
8 KB 10ms
9ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/adEditorComponent~alertsUnsubscribePage~api-video-meta~biztoolsPage~car-comparator~car-selector~car-~231c7468.89d8e118732120a27d66.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bee3fef74c446f2498c8e2e2c3dc5b2c86c83505faa5fef83e725125975626e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: C9VBVNDD6JB10K88
age: 51
x-cache: HIT
content-length: 7686
x-amz-id-2: A/sJB8Ua+5WibSwX+BagprhOC5xvy1BiZBu0EwSCGXs4XPUujE51nuKZjKlkb3nLqoXx11wUZo8=
x-served-by: cache-hhn-etou8220035-HHN
last-modified: Wed, 15 Feb 2023 13:58:42 GMT
server: AmazonS3
x-timer: S1677194143.964662,VS0,VE0
etag: "7a18b8a09643fce49e2ae555ef102136"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 adEditorComponent~alertsUnsubscribePage~api-video-meta~biztoolsPage~commerce-inset-module~commerceDa~7bb17927.9ee21cb01dd81500251a.js Show response
x.kinja-static.com/assets/new-client/ 6 KB
2 KB 11ms
11ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/adEditorComponent~alertsUnsubscribePage~api-video-meta~biztoolsPage~commerce-inset-module~commerceDa~7bb17927.9ee21cb01dd81500251a.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

70d0defc99f27713ca0907f20d482ab6d6e55837adfd29c6b32612b7bfd22a0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: APPTG97WMF95ZE2D
age: 0
x-cache: HIT
content-length: 2192
x-amz-id-2: 5Q7lMpMUFOZxnKd2JXEbpd0QQcsXvlR3y9Dw6dolT3c2bEid72M0ggWsRldvAVT+AEmB/JaCiljYC2WxdlwxnA==
x-served-by: cache-hhn-etou8220035-HHN
last-modified: Wed, 08 Feb 2023 10:00:22 GMT
server: AmazonS3
x-timer: S1677194143.978715,VS0,VE1
etag: "f47ba7ae4325cbc54475ccf006f03103"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 PlaylistCarousels~biztools~commerceDashboard~curatedHomepage~curatedPostsPage~getPopularPostIdsForNe~f7966be6.84c171b4ca632257ba6c.js Show response
x.kinja-static.com/assets/new-client/ 11 KB
3 KB 19ms
18ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/PlaylistCarousels~biztools~commerceDashboard~curatedHomepage~curatedPostsPage~getPopularPostIdsForNe~f7966be6.84c171b4ca632257ba6c.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e2de62e59d6f3bce6e1458a464adf2802e1e7fc1f3170d938a8724677729060f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: CCAJEPE6S9VP01B9
age: 22
x-cache: HIT
content-length: 2753
x-amz-id-2: j17yasc5NZK4jl+IREjTnt10SJR1Vse3F4eNrRXzhkkMZO81cIjCdKkMo28z0dhcnSL/gcueVnY=
x-served-by: cache-hhn-etou8220035-HHN
last-modified: Wed, 15 Feb 2023 13:58:41 GMT
server: AmazonS3
x-timer: S1677194143.978726,VS0,VE1
etag: "fb35efc0a3436a2bb664cfb6d88babe8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 curatedHomepage.ca725923d894b0464aa3.js Show response
x.kinja-static.com/assets/new-client/ 151 KB
32 KB 18ms
17ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/curatedHomepage.ca725923d894b0464aa3.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d5c34b47a6eb853a60c77a25fdc18a2c60e5129b80a59921c7404fd555c47192

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:42 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: MKXF7WDBXB5K1VZ1
age: 79
x-cache: HIT
content-length: 32098
x-amz-id-2: biJ2ajmVhy/zsxOtvuSnnaMZDQHmucYzRt81YDzlCkC74FDlNAOAQqNEYV7ChOpSQJ0OmP1doeQ=
x-served-by: cache-hhn-etou8220035-HHN
last-modified: Wed, 22 Feb 2023 09:00:08 GMT
server: AmazonS3
x-timer: S1677194143.978723,VS0,VE1
etag: "19803cd75fd870c8835184f07019e889"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
440 B 151ms
41ms XHR
application/json 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 23 Feb 2023 23:15:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

GET
H2 200 pid Show response
www.theonion.com/api/magma/veritas/ 40 B
807 B 112ms
111ms Fetch
text/html 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/api/magma/veritas/pid?cb=1677194142973

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.0e88cc821c1da5b93a1b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

1e01b0b91857b4dab681cd0fbc26240dbc32f277f933a5db16aa1fc1134c3d93

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-kinja-server: kinja-magma-kube02-56bccf95d-svpzq
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 23:15:43 GMT
via: 1.1 varnish, 1.1 varnish
x-kinja-build: 3878
x-powered-by: Express
x-cache: MISS, MISS
x-ua-device: desktop
x-kinja: kinja-magma-kube02-56bccf95d-svpzq #3878
x-cdn-fetch: mantle-nocache
content-length: 40
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200038-IAD, cache-hhn-etou8220035-HHN
x-googlenews-bot: false
x-timer: S1677194143.977998,VS0,VE102
etag: W/"28-8rENDaS1zcko1Iw4blIHDbK5nEI"
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-Kinja-GDPR, X-Kinja-CCPA, X-Kinja-Location
content-type: text/html; charset=utf-8
cache-control: private, no-store, no-cache
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-kinja-revision: ff8a4558037c534033087073b6b1bf2be2ee784a
x-cache-hits: 0, 0

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://kinja-com.videoplayerhub.com/gallery.js
https://btloader.com/tag?h=kinja-com&upapi=true

15 KB
7 KB

64ms
15ms

Script
application/javascript

2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=kinja-com&upapi=true
Protocol: H2
Server: 2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc0665a6b715c3694ae469b94baa0a556fae623c8103c0b22a73ceeb7200f7c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:43 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Feb 2023 22:51:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1366
etag: W/"3bf5f1e7cef8daa4bd6cae20b96067ba"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9z37ASdVW%2Fd5Q7miI7fb3%2FL76goguC2WMZz1NgIeZ2DF7u7V3mM6f2%2FqL1P7qCF0N4yjnIskDGyT3FEygx6qDkMWNnoq1mBlUy9zCp0X1t46qb65aqABIhPRdp1ucE0RzZF%2B8cboiVYUcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 79e3aa427c70362d-FRA

Redirect headers

date: Thu, 23 Feb 2023 23:15:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YOaanl2fRpNQgDVTDXPxpQRFwjv0AibPuhPafoUMr4gbEplhsHv1biAARwWyTqAqBevW3Hj5dS%2BN4A96I6at6cB2DwWqZckDct2ffTWHflLsspwupW3YeqEXLidT5nj672N2AP4%2B5spK4CqQrVAKTRzIRQtTUwmEc8%3D"}],"group":"cf-nel","max_age":604800}
location: https://btloader.com/tag?h=kinja-com&upapi=true
cache-control: max-age=3600
cf-ray: 79e3aa41da1535ed-FRA
expires: Fri, 24 Feb 2023 00:15:43 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 86ms
8ms Script
application/x-javascript 2600:9000:223c:3400:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:3400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 02:57:12 GMT
content-encoding: gzip
via: 1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
last-modified: Thu, 08 Dec 2022 17:25:10 GMT
server: nginx
x-amz-cf-pop: FRA56-P2
age: 73111
etag: W/"63921df6-9377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: IMZwCYmgT8YqZTagz7OE0LXdkHgIWIEltNm8M6_iVYvjXxGpZ5uPCA==
expires: Fri, 24 Feb 2023 02:57:12 GMT

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
261 B 123ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=5zq9nmk&ct=0:ngtk7da&fmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 23 Feb 2023 23:15:43 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 111 KB
44 KB 119ms
43ms Script
application/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-W523ND3

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TH42LHK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3e63f3a7930cb997075fe08a3a4df7c6b943ff28f82cc0c5b9af6c799832c1cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44806
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 22:48:50 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Feb 2023 23:15:43 GMT

GET
H2 200 tag.aspx Show response
ml314.com/ 31 KB
11 KB 63ms
8ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?231
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 22:38:55 GMT
content-encoding: br
age: 2208
x-guploader-uploadid: ADPycduKA7Wkk9RGKdbXAcWdqzWAYBVejftE5Nq0BtOcM3U4LinrRFbBV36NR-LckgDK_2NVjWtYtOCpC_f7dZ3xogFPhUCbjgbT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10469
last-modified: Tue, 09 Aug 2022 21:49:07 GMT
server: UploadServer
etag: W/"fe36d3317b1b052708eb2260e253aa63"
vary: Accept-Encoding
x-goog-generation: 1660081747697868
x-goog-hash: crc32c=BjH7bw==, md5=/jbTMXsbBScI6yJg4lOqYw==
content-type: application/javascript
cache-id: FRA-1209ea83
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32025
accept-ranges: none

GET
H2 200 client-v2.js Show response
rr3s4p9hfoptgmhna.ay.delivery/ 55 KB
18 KB 60ms
15ms Script
application/javascript 2606:4700:e2::ac40:8104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rr3s4p9hfoptgmhna.ay.delivery/client-v2.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TH42LHK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba5bdf852127bc161ee324dfb6982056c0ad85d64c8c57cbd8be08abe92aca30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Feb 2023 22:02:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 843
etag: W/"63ec04ee-da18"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zbdY9yPn35kyWlaubh5IjKqe5s%2FetKEI6JtSmLNzbg34T2VTQ7Fzrr%2B2CCnxKtvcuxJ6SQdDnJuCHqrQOpxyVKaTED7oH1hNIICalIfS043tcDzoThQldFpqXiteSWD8%2FUE0EgF3eJEM9C4G3J4tXuSGWPZCbXrmBv1MwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 79e3aa42987e3619-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
79 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3R8KRK8GCN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TH42LHK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4f5fb365854798d5dc2beed3f6fc3d503b1a388eecd3790da50d2199de2deb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80758
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 Feb 2023 23:15:43 GMT

GET
H2 200 gomedia_015a5_the_onion.js Show response
cdn-magiclinks.trackonomics.net/client/static/v2/ 95 KB
28 KB 125ms
11ms Script
text/javascript 2600:9000:225e:dc00:1d:8c8c:47c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-magiclinks.trackonomics.net/client/static/v2/gomedia_015a5_the_onion.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:dc00:1d:8c8c:47c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8 /
Resource Hash: 5ae04f4e2b3a0b4e46d0259886e6fbf822f2dd0731ee8a59e03c4cb3f335b8fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 01:34:38 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
last-modified: Thu, 23 Jun 2022 11:07:33 GMT
server: Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8
x-amz-cf-pop: FRA60-P4
age: 78121
etag: W/"17c61-5e21b75ea5252"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
x-amz-cf-id: VbuUjUeid5bNdj9jJWmarRz2N7smYjtrBCwzb1dDcU_H9VvOB7w1fQ==

GET
H2 200 iframe-communication.9814867dc29fa9e65758.js Show response
x.kinja-static.com/assets/new-client/ 3 KB
2 KB 9ms
7ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/iframe-communication.9814867dc29fa9e65758.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dbca21de82ba69b1bc23cd1c49721d7b763db98007a74397ad196d494e552f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:43 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 6S974HHJVBE7YPRB
age: 60
x-cache: HIT
content-length: 1218
x-amz-id-2: OHFx6FsN7u3kB9CSt03cbFSWY8/YilO4tCRYUc8OtCQ7OpTG1gtJM2XVF7DLU0UP5Pj0jYezx7c=
x-served-by: cache-hhn-etou8220035-HHN
last-modified: Mon, 20 Feb 2023 20:19:35 GMT
server: AmazonS3
x-timer: S1677194143.139162,VS0,VE0
etag: "aa0ce04290e2a01380cb9b1ab0a85b3f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 3298

GET
H2 200 next-video-loader.46ccd2b59f91b4c550ce.js Show response
x.kinja-static.com/assets/new-client/ 2 KB
965 B 10ms
9ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/next-video-loader.46ccd2b59f91b4c550ce.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1e778e751217ca0ba57eb77af9916c05bdac2ce11b7ff5aab37fea12cfecf365

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:43 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: D97JKDRPTCVC2MC4
age: 0
x-cache: HIT
content-length: 741
x-amz-id-2: lg4KL5MDSb3MY8q8BRHiSMY95Q4WfJROq2F7tCppRhgRSaA99zG4qePeLoumROVcfRQDJs6mYbc=
x-served-by: cache-hhn-etou8220035-HHN
last-modified: Wed, 22 Feb 2023 09:00:10 GMT
server: AmazonS3
x-timer: S1677194143.145209,VS0,VE1
etag: "d3e08332ceb621a80a209df39a0c96f1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 api-video-meta~carousel~curatedPageEditor~feed-stream-load-more~getPopularPostIdsForNetwork~getShowB~fc6d689c.b65e1eaa788f018e9503.js Show response
x.kinja-static.com/assets/new-client/ 7 KB
2 KB 15ms
14ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/api-video-meta~carousel~curatedPageEditor~feed-stream-load-more~getPopularPostIdsForNetwork~getShowB~fc6d689c.b65e1eaa788f018e9503.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

66fc6624b0d794ef30410b6bda5889f63f1b1d72568c97f7deff77e95d2921e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:43 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 1AG688SYM6F4MBGC
age: 32
x-cache: HIT
content-length: 1908
x-amz-id-2: UmxRUUpC6+/L6P3Tv2J62/b3rLBqFbhzFg8zDYKNA+mOqwEoNoRF8dhHDxFPvIz+vyzGL5lisRg=
x-served-by: cache-hhn-etou8220035-HHN
last-modified: Wed, 08 Feb 2023 10:00:22 GMT
server: AmazonS3
x-timer: S1677194143.145103,VS0,VE5
etag: "81b65f66d4a2d61598f65e3975e63e17"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 api-video-meta.342158ca3b2ede1b1924.js Show response
x.kinja-static.com/assets/new-client/ 18 KB
5 KB 9ms
9ms Script
application/javascript 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/api-video-meta.342158ca3b2ede1b1924.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3ec63f53a3bb5fea844f4a9a93fa1651bcaa5f0fa534cef22be487f5d2bda23f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:43 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 1AGF21Q4X6ZDJD4F
age: 18
x-cache: HIT
content-length: 4967
x-amz-id-2: 1f+LyVLvEhffx5bobJTnfYIuqlEeHLxfGwBSpoyH7EUAI5ZCyUziWkTbW0nQivNzh66QeDXupcE=
x-served-by: cache-hhn-etou8220035-HHN
last-modified: Wed, 08 Feb 2023 10:00:22 GMT
server: AmazonS3
x-timer: S1677194143.144948,VS0,VE1
etag: "110b1524287cec3cff55cc90a88b67da"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 any Show response
idx.liadm.com/idex/ie/ 54 B
432 B 305ms
94ms XHR
application/json 34.231.246.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/ie/any

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.246.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-246-225.compute-1.amazonaws.com

Software

Resource Hash

bb2bb35a38e3e8c60752c7b7952e2a84de7e93233aaf78d90b8dd1c110637146

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 23 Feb 2023 23:15:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
request-time: 3
content-type: application/json
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
trace-id: d4f5dd5e653dcd9f
content-length: 54
expires: Fri, 24 Feb 2023 23:15:43 GMT

GET
H2 200 / Show response
id.sv.rkdms.com/identity/ 2 B
168 B 340ms
118ms XHR
application/json 52.54.240.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=GOMEDIA&sv_domain=www.theonion.com
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.240.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-240-100.compute-1.amazonaws.com
Software: nginx/1.22.0 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 23 Feb 2023 23:15:43 GMT
access-control-allow-credentials: true
server: nginx/1.22.0
content-length: 2
vary: Origin
content-type: application/json

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
390 B 54ms
39ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183957&gdpr=1&gdpr_consent=CPnor0APnor0AAGABCENC4CgAAAAAE_AAAYgAAARpgHgAXADaAI4ATgA7gCAAEIAIsAXUBJwCpQFqALzAYsBGkAgJABAIAGgAgEAEQAQCACoAIAjhkAEARxCACAI4pABAScVAAgBtAAA.YAAAAAAAAAAA
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 7b404e96fdbba10bc2a096facd4eadae312eb419dd59e02a7e09f8fcaa355511

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 23 Feb 2023 23:15:43 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sat, 25 Mar 2023 23:15:43 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 0
254 B 74ms
19ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope&cv=CPnor0APnor0AAGABCENC4CgAAAAAE_AAAYgAAARpgHgAXADaAI4ATgA7gCAAEIAIsAXUBJwCpQFqALzAYsBGkAgJABAIAGgAgEAEQAQCACoAIAjhkAEARxCACAI4pABAScVAAgBtAAA.YAAAAAAAAAAA&ct=4
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 23 Feb 2023 23:15:43 GMT
via: 1.1 google
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 proxima_nova_cond_sbold-webfont.woff2
f.kinja-static.com/assets/fonts/proxima/ 27 KB
28 KB 8ms
8ms Font
binary/octet-stream 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_sbold-webfont.woff2?08252015

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

63125723c148b0c5391dea8c827d96958a6706a542f8b45822904aaefe10c4ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:43 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: 18EGT0C5CBS44WNM
age: 24
x-cache: HIT
content-length: 28136
x-amz-id-2: 6v14oX2PbW3Nqm1//fP9nhXtKTrPb7ckVB7AuelHzfIFMV0P85wy1SS6yPF81hIJ7YAQqiarCV0=
x-served-by: cache-hhn-etou8220079-HHN
last-modified: Tue, 24 Jan 2023 21:48:36 GMT
server: AmazonS3
x-timer: S1677194143.164151,VS0,VE0
etag: "7ac1e4b7ab03f256e831e00e3b5618a6"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 proxima_nova_cond_reg-webfont.woff2
f.kinja-static.com/assets/fonts/proxima/ 27 KB
28 KB 9ms
9ms Font
binary/octet-stream 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/proxima/proxima_nova_cond_reg-webfont.woff2?08252015

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8fe5f0c4bdaf3e031a6172679193e88d3a24c7deb6e3c7e2b2a477061cc1ad81

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:43 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: Y2DCEAVX0TC641JM
age: 24
x-cache: HIT
content-length: 28044
x-amz-id-2: hKBOsGvI94NOsrnMSvi8UteYk9D8tQleG4Gqd+21Xy3c+KfOImvoaXSpP87S9k7uPiofb04GDEU=
x-served-by: cache-hhn-etou8220079-HHN
last-modified: Mon, 09 Jan 2023 19:22:52 GMT
server: AmazonS3
x-timer: S1677194143.164461,VS0,VE0
etag: "94cbaf403b2922fd6858c812dae091fb"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 libre-baskerville-bold.woff2
f.kinja-static.com/assets/fonts/libre-baskerville/ 18 KB
18 KB 9ms
9ms Font
binary/octet-stream 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/libre-baskerville/libre-baskerville-bold.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:43 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: ZE10VDVCEE3Z2V5F
age: 15
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 17984
x-amz-id-2: 3Sy39CWUCITcyiYXmZUMgfixTlhWPKQmWxGSXxgohoeXfej8oWumeECPNCuLB/1JBTvC3UWh04pQEQ0NqUQkAw==
x-served-by: cache-hhn-etou8220079-HHN
last-modified: Wed, 22 Feb 2023 12:28:17 GMT
server: AmazonS3
x-timer: S1677194143.164461,VS0,VE0
etag: "0518781cd45a71291d17ea1febfcc5fe"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
94 B 90ms
41ms XHR
application/json 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 23 Feb 2023 23:15:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 291ms
92ms Image
image/gif 3.218.221.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=theonion.com&p=%2F&u=DMEk5vDqf5-ECxdQfD&d=theonion.com&g=3012&g0=www.theonion.com&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=6557&o=4000&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.theonion.com%2F&b=427&t=BKY6qhBsbgae-ZFOJCISySm83CvZ&V=139&i=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&tz=0&sn=1&sv=CXp9XaCGROpEgZNWHBIGhrZH7nPC&sd=1&im=067b2ff3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.218.221.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-218-221-170.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 23 Feb 2023 23:15:43 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 px.gif
ad-delivery.net/ 43 B
337 B 54ms
16ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1965598
x-guploader-uploadid: ADPycdsyFiPWI5k8lNA6WucjtsLvGr4WIgQ7e_T35orDP0opOoZPOuzOZ6Gmk0gvOFzbh4AeyuNvy5Ngj5kZ2gFQx7Ilf7Fxhh4t
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tSflTimWHyZ5XJ5EGU8TRvCWpnk2QJVFoIAPbbWl5B5v7hH2HO70jRqix%2B316zrLhSXdXXPMIroGTtiztQgJ1QuAikeA890YOZj91InGc9kjhXMdaaXYz%2BEV7NaK70KJsaWU4Iri5lqFPM07HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 79e3aa436d883667-FRA
expires: Wed, 01 Feb 2023 06:09:32 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 125ms
23ms Image
image/x-icon 142.251.208.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 06:29:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60372
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Feb 2023 06:29:31 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
968 B 52ms
15ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.5807517140325238
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1965598
x-guploader-uploadid: ADPycdsyFiPWI5k8lNA6WucjtsLvGr4WIgQ7e_T35orDP0opOoZPOuzOZ6Gmk0gvOFzbh4AeyuNvy5Ngj5kZ2gFQx7Ilf7Fxhh4t
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2BxJniK9QMpQ7zuP%2BYtqvowA8SmEeqE5mCm%2BZm0vanNcTGRncja3vyCEvEk7Zla36sKlC%2BPhoZUYHQ7UoNavIpFyKHAxhlsGq%2FRQCaG0up%2F0qQX37oZIdA2yP8dlkaZ5ko9vU7Ph63tbVIh13Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 79e3aa436d8a3667-FRA
expires: Wed, 01 Feb 2023 06:09:32 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 45ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-51ZFDQMT8H&gtm=45je32m0&_p=857578233&cid=1308135673.1677194143&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677194143&sct=1&seg=0&dl=https%3A%2F%2Fwww.theonion.com%2F&dt=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3R8KRK8GCN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 23:15:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 38ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3R8KRK8GCN&gtm=45je32m0&_p=857578233&cid=1308135673.1677194143&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677194143&sct=1&seg=0&dl=https%3A%2F%2Fwww.theonion.com%2F&dt=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3R8KRK8GCN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 23:15:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 43ms
41ms XHR
text/plain 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=857578233&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2F&ul=en-us&de=UTF-8&dt=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACEABFAQCACAAI~&jid=1096389655&gjid=1963914650&cid=1308135673.1677194143&tid=UA-223393-1&_gid=1978274848.1677194143&_r=1&_slc=1&cd34=none&cd35=none&cd36=none&cd38=computer&cd42=none&cd43=none&cd48=none&cd50=other&cd51=none&cd52=none&cd53=none&cd58=adblock%20off&cd60=production%3Amagma&cd70=&cd75=Logged%20out&cd76=none&cd78=standard&cd80=none&cd82=none&cd83=frontpage&cd94=none&cd97=none&cd99=none&cd100=none&cd101=theonion&cd103=&cd105=The%20Onion&cd108=adblock%20off&cd109=website&cd110=1364%2B&cd111=0&cd115=none&cd117=none&cd123=none&cd124=none&cd126=adblock%20off&cd130=none&cd131=frontpage&cd134=1&z=1168727961

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 23:15:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 41ms
40ms XHR
text/plain 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=857578233&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2F&ul=en-us&de=UTF-8&dt=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACEABFAQCACAAI~&jid=1644413160&gjid=1767217059&cid=1308135673.1677194143&tid=UA-142218-33&_gid=1978274848.1677194143&_r=1&_slc=1&cd34=none&cd35=none&cd36=none&cd38=computer&cd42=none&cd43=none&cd48=none&cd50=other&cd51=none&cd52=none&cd53=none&cd58=adblock%20off&cd60=production%3Amagma&cd70=&cd75=Logged%20out&cd76=none&cd78=standard&cd80=none&cd82=none&cd83=frontpage&cd94=none&cd97=none&cd99=none&cd100=none&cd101=theonion&cd103=&cd105=The%20Onion&cd108=adblock%20off&cd109=website&cd110=1364%2B&cd111=0&cd115=none&cd117=none&cd123=none&cd124=none&cd126=adblock%20off&cd130=none&cd131=frontpage&cd134=1&z=209557135

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 23:15:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 info Show response
www.theonion.com/api/veritas/ 49 B
664 B 100ms
100ms Fetch
application/json 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/api/veritas/info?pi=b3ab3caca305e084284621e40b334afefe333058&cb=1677194143365

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.0e88cc821c1da5b93a1b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b15f4c904318f78951bc291e423aac0241aff602b4c2225733fae049b20e0768

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 23:15:43 GMT
via: 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: master-only
age: 0
x-cache: MISS, MISS
x-ua-device: desktop
x-cdn-fetch: mantle-origin-cache
content-length: 71
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100156-IAD, cache-hhn-etou8220079-HHN
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1677194143.368164,VS0,VE92
x-frame-options: DENY
vary: Accept-Encoding, Authorization, X-Valid-Scroll-User
content-type: application/json
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0

POST
H2 200 b
www.theonion.com/api/veritas/ 0
0 102ms
101ms Fetch 151.101.194.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/api/veritas/b?debug=0

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.0e88cc821c1da5b93a1b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

X-Veritas-Version: 1.0.28
Content-Encoding: gzip
Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self'
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 23:15:43 GMT
x-permitted-cross-domain-policies: master-only
x-cache: MISS, MISS
x-ua-device: desktop
x-cdn-fetch: mantle-nocache
content-length: 0
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200030-IAD, cache-hhn-etou8220079-HHN
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1677194143.371923,VS0,VE95
x-frame-options: DENY
cache-control: no-cache, no-store, private
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0

GET
H2 200 country Show response
api.btloader.com/ 16 B
141 B 170ms
122ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: kinja-com.videoplayerhub.com
URL: https://kinja-com.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:43 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
128 B 166ms
119ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=Jlz4pxQD&w=5197056576585728&o=5726495427264512&cv=2.1.07-4-g5b119f8&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.theonion.com%2F&sid=obVi5gOSDD&upapi=true
Requested by: Host: kinja-com.videoplayerhub.com
URL: https://kinja-com.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 23 Feb 2023 23:15:43 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 71ms
25ms XHR
text/plain 2a00:1450:4025:402::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-223393-1&cid=1308135673.1677194143&jid=1096389655&gjid=1963914650&_gid=1978274848.1677194143&_u=aCDACEAAFAQCACAAI~&z=1289166320

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 23 Feb 2023 23:15:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 69ms
24ms XHR
text/plain 2a00:1450:4025:402::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-142218-33&cid=1308135673.1677194143&jid=1644413160&gjid=1767217059&_gid=1978274848.1677194143&_u=aCDACEABFAQCACAAI~&z=1478337446

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 23 Feb 2023 23:15:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.134.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 203ms
27ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.134.js

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.8829619ad326b9bddb65.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

4689b605c7e44e4125672ebc9838c8946cdc517ab632c86a8a7b7c5e0021a79f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 18 Jan 2023 01:20:50 GMT
server: nginx
etag: W/"63c74972-162fb"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Feb 2023 23:15:43 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 109ms
46ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-142218-33&cid=1308135673.1677194143&jid=1644413160&_u=aCDACEABFAQCACAAI~&z=1911013504

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 23:15:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 47ms
21ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-142218-33&cid=1308135673.1677194143&jid=1644413160&_u=aCDACEABFAQCACAAI~&z=1911013504

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 23:15:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
501 B 56ms
20ms XHR
text/plain 104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=365217&u=https%3A%2F%2Fwww.theonion.com%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 23:15:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRl0%2F49JEHF7mE9ZdE0d5u21XhSqgegf45bTCkttfaBwtkctC8nQxndDykLh84QSj2MmDi5Fos9dWR%2BbSlcBj3nyHPiGEaWEJnVBCDbMFfiXOMEHLuqPVl2JI2z3j4xyR%2B1ixqQsLzs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 79e3aa451ba83a8b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 53ms
26ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

08521ed33214df099c037cff71468eb0c565633081ace195c9da6eb85a16c0fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 13 Feb 2023 18:43:00 GMT
server: nginx
etag: W/"63ea84b4-162c6"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Feb 2023 23:15:43 GMT

GET
H2 403 action_links.json Show response
fr-actions.trackonomics.net/prod/www.theonion.com/ 243 B
587 B 156ms
108ms Fetch
application/xml 99.86.4.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fr-actions.trackonomics.net/prod/www.theonion.com/action_links.json
Requested by: Host: cdn-magiclinks.trackonomics.net
URL: https://cdn-magiclinks.trackonomics.net/client/static/v2/gomedia_015a5_the_onion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-115.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05cb066c1e4ee8ad0e478ee48f35eb6aa28474f261712e2aecb96cc34dedae3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:15:46 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA6-C1
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Error from cloudfront
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/xml
x-amz-cf-id: p-48bDASCWhvW-3uzYdYdI1vN3EnUOZ2n-AMmwnvR0GabHu-vLlmcQ==

GET
H2 200 i.png
trx-hub.com/i/m/ 128 B
462 B 61ms
8ms Image
image/png 18.66.147.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trx-hub.com/i/m/i.png?q=N4IghgLhBOD6BmB7aB3M0AmBLAdgcxAC5gBfAGhAFsBTCMDSMI0iiLS3A48kAV2gA2AZ2Y9IMWGAAOU6jgyiKUsHmqwYYAMbUiAbVBDE-bURAALKFKGEA9DZQOAdBDPVEOLO8ebElGyApoanhqaCDoUwDwKDgkVHRsfFESAF0KTV4hCF9YGjpFEE0BLDkIdXYdQhAAJgAGaoBmAFp6psaAFUbCAEYAVkIAFgA2RwaBhoAtKOVVcogBSpB21wACAHkPdxWAHxWAQRpoLE0wAHIhFYAxXGoslYA5ahQLgGUjaG1HKKwsBSqfjDdIYAdmB3QAnANusMxg0AEbYKLUABupXUAE9ZKZ2FIgkIhJ4cFEMllfKFYL9THgydgwLBan0wL11K5YO5CcTflJulSaVg6QzekyWTp0lzqqZ2e4QCQgA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-62.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 16:41:14 GMT
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 04:40:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 23673
etag: "90eb1bf3b49429bde87a3b5f0b53e6a5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 128
x-amz-cf-id: JnbyH00NdGAo1LoyGe169vf3Bmm461C9UafJ15_0Ttg4gH_wvL7yVw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12156&site_id=392270&zone_id=2189722&size_id=2&alt_size_ids=55%2C57&p_pos=atf&gdpr=1&gdpr_consent=CPnor0APnor0AAGABCENC4CgAAAAAE_AAAYgAAARpgHgAXADaAI4ATgA7gCAAEIAIsAXUBJwCpQFqALzAYsBGkAgJABAIAGgAgEAEQAQCACoAIAjhkAEARxCACAI4pABAScVAAgBtAAA.YAAAAAAAAAAA&rf=https%3A%2F%2Fwww.theonion.com%2F&kw=TheOnion&tg_v.iab_segments=1-4&tg_i.page=https%3A%2F%2Fwww.theonion.com%2F&tg_i.domain=theonion.com&tg_i.pbadslot=%2F4246%2Ffmg.onion%2Ffrontpage&tk_flint=pbjs_lite_v7.35.0&x_source.tid=62581657-468b-4d01-a76f-3f1072de32ba&l_pb_bid_id=187e3af0370c053&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F4246%2Ffmg.onion%2Ffrontpage&slots=1&rand=0.059558008937057094

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.theonion.com/	1969-12-31 23:59:59	Name: geocc Value: DE
.theonion.com/	1970-01-20 18:38:50	Name: KinjaBucket Value: 5
www.theonion.com/	1970-01-20 09:53:14	Name: KinjaSetBucket Value: 5\|1677194100\|BBcMQskN3ghcgjwVFj0MhgeMRTyjFgEcjcc9nB39oYQ=
www.theonion.com/	1970-01-20 09:53:15	Name: lux_uid Value: 167719414165953805
kinja.com/	1970-01-20 10:03:18	Name: KinjaSession Value: 4e2d4c45-ad00-44d0-8864-ecad81528f05
.kinja.com/	1970-01-20 18:38:50	Name: KinjaBucket Value: 5
kinja.com/	1970-01-20 09:53:14	Name: KinjaSetBucket Value: 5\|1677194100\|BBcMQskN3ghcgjwVFj0MhgeMRTyjFgEcjcc9nB39oYQ=
www.theonion.com/	1970-01-20 10:36:26	Name: _sp_v1_uid Value: 1:418:d8a981e1-7b0a-43b7-9895-14579fcde566
www.theonion.com/	1970-01-20 10:36:26	Name: _sp_v1_data Value: 2:469349:1677194141:0:1:0:1:0:0:_:-1
www.theonion.com/	1970-01-20 10:36:26	Name: _sp_v1_ss Value: 1:H4sIAAAAAAAAAItWqo5RKimOUbLKK83J0YlRSkVil4AlqmtrlXTgyqKRGXkghkFtLC59OCWUYgEO1mB4eQAAAA%3D%3D
.theonion.com/	1970-01-20 18:38:50	Name: consentUUID Value: 79b85427-dd31-49ee-b19a-603996a94afa
www.theonion.com/	1970-01-20 10:36:26	Name: _pbjs_userid_consent_data Value: 2490855148454349
www.theonion.com/	1970-01-20 09:54:40	Name: pageDepth Value: 1
.kargo.com/	1970-01-20 18:38:50	Name: ktcid Value: f22e3810-4c4f-071a-1883-522bce61dc63
www.theonion.com/	1970-01-20 09:54:40	Name: _lr_geo_location Value: DE
.theonion.com/	1970-01-20 19:22:02	Name: _cb Value: DMEk5vDqf5-ECxdQfD
.theonion.com/	1970-01-20 19:22:02	Name: _chartbeat2 Value: .1677194143193.1677194143193.1.CXp9XaCGROpEgZNWHBIGhrZH7nPC.1
.theonion.com/	1970-01-20 09:53:15	Name: _cb_svref Value: null
.theonion.com/	1970-01-20 19:29:14	Name: _ga_51ZFDQMT8H Value: GS1.1.1677194143.1.0.1677194143.0.0.0
.theonion.com/	1970-01-20 19:29:14	Name: _ga_3R8KRK8GCN Value: GS1.1.1677194143.1.0.1677194143.0.0.0
.theonion.com/	1970-01-20 09:53:17	Name: AMP_TOKEN Value: %24NOT_FOUND
.theonion.com/	1970-01-20 19:29:14	Name: _ga Value: GA1.2.1308135673.1677194143
.theonion.com/	1970-01-20 09:54:40	Name: _gid Value: GA1.2.1978274848.1677194143
.theonion.com/	1970-01-20 09:53:14	Name: _gat_unique Value: 1
.theonion.com/	1970-01-20 09:53:14	Name: _gat Value: 1
www.theonion.com/	1970-01-20 10:36:26	Name: vtas_f Value: b3ab3caca305e084284621e40b334afefe333058
www.theonion.com/	1970-01-20 10:36:26	Name: vtas_version Value: 1.0.28
.liadm.com/	1970-01-20 19:29:14	Name: lidid Value: e264c453-3ed1-40b2-8025-e82afae1d189

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://tagan.adlightning.com/gomedia/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope&cv=CPnor0APnor0AAGABCENC4CgAAAAAE_AAAYgAAARpgHgAXADaAI4ATgA7gCAAEIAIsAXUBJwCpQFqALzAYsBGkAgJABAIAGgAgEAEQAQCACoAIAjhkAEARxCACAI4pABAScVAAgBtAAA.YAAAAAAAAAAA&ct=4 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://fr-actions.trackonomics.net/prod/www.theonion.com/action_links.json Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-dtb-cf.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ampcid.google.com
ampcid.google.de
api.btloader.com
api.rlcdn.com
as-sec.casalemedia.com
ats.rlcdn.com
bidder.criteo.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
c2shb.ssp.yahoo.com
cdn-magiclinks.trackonomics.net
cdn.speedcurve.com
f.kinja-static.com
fastlane.rubiconproject.com
fr-actions.trackonomics.net
fusion-media-group-d.openx.net
geo.privacymanager.io
grid.bidswitch.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.kinja-img.com
ib.adnxs-simple.com
id.sv.rkdms.com
idx.liadm.com
imasdk.googleapis.com
insight.adsrvr.org
js-sec.indexww.com
kinja-com.videoplayerhub.com
kinja.com
krk.kargo.com
match.adsrvr.org
ml314.com
no.kinja-img.com
ping.chartbeat.net
pixel.adsafeprotected.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
region1.google-analytics.com
rr3s4p9hfoptgmhna.ay.delivery
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
sourcepoint.theonion.com
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
tagan.adlightning.com
tlx.3lift.com
trx-hub.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.theonion.com
x.kinja-static.com
fastlane.rubiconproject.com
104.18.10.47
104.18.24.185
104.18.25.185
13.32.121.17
13.32.27.75
13.32.99.35
130.211.23.194
142.251.208.166
143.204.89.3
151.101.194.166
151.101.2.217
151.101.66.166
18.193.53.227
18.198.85.142
18.66.108.49
18.66.147.50
18.66.147.62
185.64.190.77
185.89.210.20
2001:4860:4802:34::36
2600:9000:223c:3400:18:1fcd:351:7bc1
2600:9000:225e:dc00:1d:8c8c:47c0:93a1
2606:4700:20::681a:832
2606:4700:20::ac43:4513
2606:4700:20::ac43:4686
2606:4700:e2::ac40:8104
2a00:1450:4001:811::2003
2a00:1450:4001:813::2008
2a00:1450:400d:802::2002
2a00:1450:400d:803::200e
2a00:1450:400d:805::200e
2a00:1450:400d:806::200e
2a00:1450:400d:807::200a
2a00:1450:400d:808::2006
2a00:1450:400d:80d::2004
2a00:1450:4025:402::9a
2a02:2638:3::3
2a02:2638::24
3.127.163.7
3.218.221.170
3.33.220.150
34.111.234.236
34.120.133.55
34.225.45.79
34.231.246.225
34.253.161.49
35.157.246.167
35.244.159.8
52.29.23.92
52.54.240.100
99.86.3.236
99.86.4.115
0151f873faa4ceb7de840eafb4cdc8f3ac206cc525a9fd88287101f08ab1e744
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05cb066c1e4ee8ad0e478ee48f35eb6aa28474f261712e2aecb96cc34dedae3d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08521ed33214df099c037cff71468eb0c565633081ace195c9da6eb85a16c0fc
0a96ab8c95c2122d631a5160c8dc12c9427c1a0d9d51a08b61d7169094ef56ce
0aa415e7728c450f678c4abc599c9be6960f3a497ba22865f8b7ddf1f728cd9d
10bbd59ee7bf28ef42936991c46b4e656a13c9f5368376148dcf035ebc9304a3
10d6863fc4929c74b03d4bd10c72bf12ccdee653b150f8864dba85b494ef6a93
159e4a1dc6b4c3d9ffb77a1d459ff7bb546a1b116b57262dae146a0d24a86e39
18ed1c1634d9f96286eecd6bfe892542a2cd46f4e46d437210fa99e4c8482966
1be09b056744278b4b2a246530f56863d487ba9a968c3972d648ecadabee1874
1e01b0b91857b4dab681cd0fbc26240dbc32f277f933a5db16aa1fc1134c3d93
1e778e751217ca0ba57eb77af9916c05bdac2ce11b7ff5aab37fea12cfecf365
229adf49a9c3ba4790b2f86a02ac235a5f0ac737192148b7656b4b4cb4dc8c56
22aef325371983285d26aaa20a8a89beee8cb710c8d1066507cffedbcca52b5b
243db612aba3f1a4c9be4b4224f9654eab384065819c359ab8a083c2361a5fa7
27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396
2f743365173225cab6561f738fc7ead4cb4a9f562ce086af20f331f2c5c7b974
2fde3288ed7eb09fb14ad5b916b6376e9da933668c28d2f29c95093b233aa758
2fe879fc63e105ead7e053261b49c5f0ea2f638ff2f6f8b002cd27566c8cd19c
30d6dfd42b9a5f0be38020e3fe03042fe88b4931993c6c63c0b8061e934d727f
31f0c5010be7b960e29db8c32d20025f91d3b5b36de54668fa59b469ec18c342
38a25347725de5bbe457abc03a06b2d0db60cd91738924a7e08975fdb07b0d48
39bb31b78df72d18ff738f117f516bb1b6390a6ca319841135ff78ca91e43a28
3a5a8654923a9a24b3bf66858d7722db97e9fc0d31f19821c1002f5b46810e94
3d764be1388f0488c90be29ca58c3ad082f9d954ece8448448779bb79e3ca7a4
3e439a52c75929d8a6b65a89889ee7442330660ea402a29806e079cca52e408b
3e63f3a7930cb997075fe08a3a4df7c6b943ff28f82cc0c5b9af6c799832c1cf
3ec63f53a3bb5fea844f4a9a93fa1651bcaa5f0fa534cef22be487f5d2bda23f
41fc7cc9969897374a7a68b0d0e54143db8bde3c47f23a9d4ea81dd389ceb15b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44ca7238118aae1f81a96fb3797738afcb9d0d4617bf3acc35b50ff89aaed893
4689b605c7e44e4125672ebc9838c8946cdc517ab632c86a8a7b7c5e0021a79f
46d71219ea57ff21bf56c5be24f28b528e9937e835ec6ca8a77f4526aa36e1bb
48cea39a6d9f368a9d78b07ddca02043a884d1e871b5b39267d4ab6d245753cf
4bd12e30c80ebaa26b56c4b2d9c16dc9b4f533a10b27271568c774c718644478
4d5127d6b31baf0b8327b06d2fb4f0964c9b0de73219c0b5689a32bb63a78df6
4db348ed2be18b5f5dbc15aefe803f49680185daed5c6503162144f1cec32035
4f1c6b7cb9a1f781b1a57bf68518755e1b3ab49b5790ad69dca5323f8bd39d50
4f5fb365854798d5dc2beed3f6fc3d503b1a388eecd3790da50d2199de2deb6a
51db9235c0b4049e6adbfe61a23d808e170a9481d64047e2403740cc10b190f2
527acca79f65ad4471c1c9f55b5e23b19535454ead4d8cac427bcfeea5892b17
56650307c96a00512a6dd45ccc2bd7dafd875dfdb8cee6d8f8fcf80b6d7a92df
568068711d00d07ac001e1937acdb4621d0d7ea602ff8beb225c1b9f22701d1d
591745688ca784d62ba243e7b30efcde5904317888dce28c2ef581814f940e04
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8d757b61fd8426db4888c00704583d3ed2b873dc7d3d12a8caaf5c4037cb90
5ae04f4e2b3a0b4e46d0259886e6fbf822f2dd0731ee8a59e03c4cb3f335b8fc
5be266d1a196a7b245b12fb2d70a9b517511d817ec9672ff275695aaac36e7b5
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
626a1a3a966835661fd675614389c65711f85dd9c8f7a760e79081801b78ed88
62744fcae843f4bcf64e83df42f94c1316b2fddc4a99266a917d46f225b22e89
63125723c148b0c5391dea8c827d96958a6706a542f8b45822904aaefe10c4ad
643b13f1be4ab10de097c4cfdeda115aa34f733201017945aecb182898e19c59
66fc6624b0d794ef30410b6bda5889f63f1b1d72568c97f7deff77e95d2921e4
6785e98328a4cc409a3f625fc82a0fa7b7aeca6324cd0c84bff9ee3863071ee9
67f6c462111ca4caf315cbce36e37f253972c809973980d71eb052b4626ac278
6872c7da82c7d25a283f0f16a2381b08b218c00dbbd8807ccf9e233a5f3ade33
6ad61602e9db9558662d5280058aee442dbf0b3676a043158ea945439e4f6346
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7043b6257490e24d661fcabd70ce357d79129d21faa1f24b48de23c5dea7783e
70d0defc99f27713ca0907f20d482ab6d6e55837adfd29c6b32612b7bfd22a0c
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7b404e96fdbba10bc2a096facd4eadae312eb419dd59e02a7e09f8fcaa355511
7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c
7f1643206d445b775a3c7b9bdb3f506f2952f86308d46c169fcbb9b3239104b8
7ffac4e38eafb75b19d760e7f26a61fd40c29f36a24f2987ce6af66c16b21106
841c0c4799da33c4cf19694445eb99407422d32dac8bf54723283f60008dff69
8489bcf2fc3414c581055e957affa2b26ffb7384b62605b7186cb707d4dbb3ee
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f8fd6b8b98f1b72b0981e15100e82b28c15433fdcada5feb9d0905faf427ec
8537b0e8f6e757c548634512fa96c0618c92715a49b197740b2b7ac43ea4c5a8
85bb85347bc2b8692a14b30aa8fa9434be1765b1aba472fa1a2dd1116504c683
86c053d7dea18e7e61ac684da82a849013f9e9d369d0e60a4780061356b5256f
87477c6ee0e82d3d3a3001e16a509139b4024c22ffc49e18de03f1b654c5eba3
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e8d2c867ae480b6b318900eb4168d5645f635420bdb1626976c9c0af71c45eb
8fe5f0c4bdaf3e031a6172679193e88d3a24c7deb6e3c7e2b2a477061cc1ad81
92ecf6aef70ae620577429697225394cdb4912069b3e8579d36cc7a4d8d3efc2
974befab1c27fc1abebbc546073c7afe687b7668f54f76d1d72e8ced2e02dd07
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9dd295f1b8047318855e74e81dbeb02d463452670f2997dd64764a6ad88f3884
9f595752c16c301a6e9162630034bd2e379f1e5127e53d5fb0a880217527dc07
9ffa67e09d282f2541b86759be00c51ea3c2d94c94adc8068be27196ea961f64
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6
a661f8f8090e763d9e46c3b0745a402070fc823d3cf116aba6c2ad0287282d62
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae8572f2e8a78c81df30df62295bac324cd80a6ca55567213906b7ca7a88df8e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b15f4c904318f78951bc291e423aac0241aff602b4c2225733fae049b20e0768
b4497486fe998f332d89e838c7d1d72689c25cdec23230bd85751f6bae8d2190
b959d2a78af201f9efc2810e0bcc98b1311a17ca1d442d30a3fe6d52f119f80e
ba5bdf852127bc161ee324dfb6982056c0ad85d64c8c57cbd8be08abe92aca30
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2bb35a38e3e8c60752c7b7952e2a84de7e93233aaf78d90b8dd1c110637146
bc0665a6b715c3694ae469b94baa0a556fae623c8103c0b22a73ceeb7200f7c5
bee3fef74c446f2498c8e2e2c3dc5b2c86c83505faa5fef83e725125975626e9
c1e6472e5cbfbb70807685b2eb82c6a19ddd7d59979c293a7946d390432333a5
c8ca2a4f25aee6cdd85b60543cd678e00dedbc809a52978b75f55aa0b3273bdd
c8dc4d387c4e74a24ffeacb473c5cec08143808458cc0dd8efa153608af4f66f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa755a959d37daec60fd5a715fdea09aad8622b9c4177df213da8ebabf12a68
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2f77295617af6b8bd70026fcf5390abd82bc0cce8d8337848d0dcf9b92e4761
d364c4c1019140cbe2b45768ab406c8b24bd141b5dabc23d4594db014edeb0b9
d5c34b47a6eb853a60c77a25fdc18a2c60e5129b80a59921c7404fd555c47192
d6b9ac7adf6752dd8e705c692f3beebfb9104236824ac75dd5a32c0753cd3964
d7d8eda923854d45e87c11183868b806aff279a82906f1226d8752793a17ab67
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da0fbbba59be8d2ef4b4aa6e60bc627aaf715304da0b68f612ad27ab9927f090
dbca21de82ba69b1bc23cd1c49721d7b763db98007a74397ad196d494e552f19
e282de4d4ce2b000ecebe6a1492e552ec007a43d0f0ff5d9fbddaa9f6a13f969
e2de62e59d6f3bce6e1458a464adf2802e1e7fc1f3170d938a8724677729060f
e38c2a5a252c36e76d74066ea7d52220192a44f01e2e47db2830969332643322
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73a140c69c1bc697cacc30b095e0adbe7153c61bb8d94b3b550e34601c4b042
e9c6ce5a96de81c2b31dc9c7f2596074cad1fbebcb11599196e31eb11a2870d1
ea844674143b6db8fd476ccfa92a15e651e37ca3add1a312d07825e2086d7320
ec0822bb72d5947ecdeb360b56c6b970ce2fb5f0028d80bb100edbd20276ea3f
ec55c15430be1419cea9afc73b57a2fa4f7556073faffed83deca3994fc36767
ee47856987b41d8f4c8fc65359ffe268f78164cb166662caa198dc2f3184c5b2
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f71a689d2e63df27d08bd3f0ae9b47d72161617a1e7081301aff8979f1f266ac
f7935fdc753357949b15d88cd8748fcdd70f0229f10e93a0049f88f9c67ef256
fb1f20bc5e083028d7ffa9335b3e3775d599d39f10abd8c68f2bcd23c2be8c4c
fb2386bd1c726f996f116b27444b08fe468f8561423bca2b8a1703a4035862b4
ff063c6287e08578617bb66c707b811930bb37f17c699f160190c17294b74766

www.theonion.com Open in urlscan Pro 151.101.66.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

164 Requests

99 %HTTPS

37 %IPv6

45 Domains

59 Subdomains

52 IPs

7 Countries

1850 kBTransfer

5556 kBSize

28 Cookies

14 Outgoing links

Page URL History

Redirected requests

164 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.theonion.com Open in urlscan Pro
151.101.66.166 Public Scan

Screenshot
Live screenshot

Full Image

164
Requests

99 %
HTTPS

37 %
IPv6

45
Domains

59
Subdomains

52
IPs

7
Countries

1850 kB
Transfer

5556 kB
Size

28
Cookies

164 HTTP transactions
1 data transactions