www.theonion.com Open in urlscan Pro
151.101.130.166 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.theonion.com/
Effective URL:
https://www.theonion.com/
Submission: On November 16 via api (November 16th 2023, 1:13:02 pm UTC) from US — Scanned from DE

Summary HTTP 356 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 89 IPs in 9 countries across 67 domains to perform 356 HTTP transactions. The main IP is 151.101.130.166, located in United States and belongs to FASTLY, US. The main domain is www.theonion.com. The Cisco Umbrella rank of the primary domain is 129312.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q3 on August 2nd 2023. Valid for: a year.

This is the only time www.theonion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 76	151.101.130.166 151.101.130.166	54113 (FASTLY) (FASTLY)
9	151.101.66.166 151.101.66.166	54113 (FASTLY) (FASTLY)
2	18.245.60.107 18.245.60.107	16509 (AMAZON-02) (AMAZON-02)
1	151.101.66.217 151.101.66.217	54113 (FASTLY) (FASTLY)
5	216.239.34.178 216.239.34.178	15169 (GOOGLE) (GOOGLE)
4	151.101.2.166 151.101.2.166	54113 (FASTLY) (FASTLY)
2	142.250.186.106 142.250.186.106	15169 (GOOGLE) (GOOGLE)
20	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
3	18.66.112.19 18.66.112.19	16509 (AMAZON-02) (AMAZON-02)
4	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
10	141.226.124.48 141.226.124.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	13.32.27.69 13.32.27.69	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
5	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
9	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
5 6	63.35.77.76 63.35.77.76	16509 (AMAZON-02) (AMAZON-02)
2 15	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	88.221.169.246 88.221.169.246	16625 (AKAMAI-AS) (AKAMAI-AS)
10	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
6	18.66.147.119 18.66.147.119	16509 (AMAZON-02) (AMAZON-02)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
4 7	18.197.176.130 18.197.176.130	16509 (AMAZON-02) (AMAZON-02)
3 3	35.210.239.72 35.210.239.72	19527 (GOOGLE-2) (GOOGLE-2)
1 1	211.120.53.206 211.120.53.206	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
2 2	3.120.47.64 3.120.47.64	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.101 185.86.139.101	201081 (SMARTADSE...) (SMARTADSERVER)
9 13	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
5 8	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	54.154.9.19 54.154.9.19	16509 (AMAZON-02) (AMAZON-02)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
1 1	143.244.208.184 143.244.208.184	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
2 2	3.122.66.171 3.122.66.171	16509 (AMAZON-02) (AMAZON-02)
1 3	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
5 6	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3	142.250.184.232 142.250.184.232	15169 (GOOGLE) (GOOGLE)
1	104.18.38.76 104.18.38.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
1	99.86.4.71 99.86.4.71	16509 (AMAZON-02) (AMAZON-02)
2 3	67.220.224.144 67.220.224.144	16509 (AMAZON-02) (AMAZON-02)
2 4	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	52.48.186.244 52.48.186.244	16509 (AMAZON-02) (AMAZON-02)
4	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
1	13.32.99.20 13.32.99.20	16509 (AMAZON-02) (AMAZON-02)
3 3	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	23.48.23.64 23.48.23.64	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.58.37.65 52.58.37.65	16509 (AMAZON-02) (AMAZON-02)
1 1	52.5.145.170 52.5.145.170	14618 (AMAZON-AES) (AMAZON-AES)
1	104.18.41.104 104.18.41.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.239.50.115 18.239.50.115	16509 (AMAZON-02) (AMAZON-02)
1	2.23.78.67 2.23.78.67	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
1 1	104.26.8.50 104.26.8.50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.41.60 172.67.41.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.245.64.124 18.245.64.124	16509 (AMAZON-02) (AMAZON-02)
5	108.138.9.235 108.138.9.235	16509 (AMAZON-02) (AMAZON-02)
7	50.17.157.125 50.17.157.125	14618 (AMAZON-AES) (AMAZON-AES)
2	64.233.166.155 64.233.166.155	15169 (GOOGLE) (GOOGLE)
1	3.223.198.8 3.223.198.8	14618 (AMAZON-AES) (AMAZON-AES)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	44.214.217.0 44.214.217.0	14618 (AMAZON-AES) (AMAZON-AES)
3	52.29.125.157 52.29.125.157	16509 (AMAZON-02) (AMAZON-02)
3	52.223.6.21 52.223.6.21	16509 (AMAZON-02) (AMAZON-02)
2	69.173.144.140 69.173.144.140	26667 (RUBICONPR...) (RUBICONPROJECT)
4	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	178.250.1.8 178.250.1.8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	3.67.103.10 3.67.103.10	16509 (AMAZON-02) (AMAZON-02)
3	54.171.212.190 54.171.212.190	16509 (AMAZON-02) (AMAZON-02)
8	3.64.21.219 3.64.21.219	16509 (AMAZON-02) (AMAZON-02)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.99.59 13.32.99.59	16509 (AMAZON-02) (AMAZON-02)
1 4	172.217.18.4 172.217.18.4	15169 (GOOGLE) (GOOGLE)
1	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
2	34.193.198.225 34.193.198.225	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.185.225 142.250.185.225	15169 (GOOGLE) (GOOGLE)
3	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	104.26.3.70 104.26.3.70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
2	178.250.1.3 178.250.1.3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.239.18.69 18.239.18.69	16509 (AMAZON-02) (AMAZON-02)
10	13.227.219.26 13.227.219.26	16509 (AMAZON-02) (AMAZON-02)
5	142.250.184.193 142.250.184.193	15169 (GOOGLE) (GOOGLE)
9	142.250.186.97 142.250.186.97	15169 (GOOGLE) (GOOGLE)
2 3	198.47.127.18 198.47.127.18	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	198.47.127.205 198.47.127.205	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	172.217.23.106 172.217.23.106	15169 (GOOGLE) (GOOGLE)
6	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	2.16.238.14 2.16.238.14	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	130.211.44.5 130.211.44.5	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.66.122.102 18.66.122.102	16509 (AMAZON-02) (AMAZON-02)
1	18.245.60.65 18.245.60.65	16509 (AMAZON-02) (AMAZON-02)
4	54.185.187.243 54.185.187.243	16509 (AMAZON-02) (AMAZON-02)
356	89

76 151.101.130.166 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.theonion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.kinja-img.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kinja.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.kinja-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.66.166 (United States)

ASN54113 (FASTLY, US)

f.kinja-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
no.kinja-img.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.60.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-107.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.217 (United States)

ASN54113 (FASTLY, US)

cdn.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.239.34.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.2.166 (United States)

ASN54113 (FASTLY, US)

x.kinja-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.theonion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beacon.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprchmp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.112.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-19.fra56.r.cloudfront.net

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 141.226.124.48 (Chicago, United States)

ASN200478 (TABOOLA-AS, IL)

ch-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ch-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ch-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-69.fra56.r.cloudfront.net

d24zb9qreavi2u.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 63.35.77.76 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-77-76.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 141.226.228.48 (Netherlands) 2 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.169.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-246.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.147.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-119.fra60.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.197.176.130 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-176-130.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.210.239.72 (Brussels, Belgium) 3 redirects

ASN19527 (GOOGLE-2, US)
PTR: 72.239.210.35.bc.googleusercontent.com

u.ipw.metadsp.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 211.120.53.206 (Japan) 1 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.47.64 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-47-64.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.101 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 69.173.144.165 (Frankfurt am Main, Germany) 9 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.23.98 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.9.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-9-19.eu-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.244.208.184 (Santa Clara, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

sid.storygize.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.66.171 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-66-171.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.245.213 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.138 (Frankfurt am Main, Germany) 5 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-71.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.220.224.144 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.46.143.56 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.186.244 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-186-244.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-20.fra60.r.cloudfront.net

live.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.75.62.37 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.48.23.64 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-64.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.37.65 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-37-65.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.5.145.170 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-145-170.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.50.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-115.ams58.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.78.67 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-78-67.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.8.50 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kinja-com.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.41.60 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.64.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-64-124.fra60.r.cloudfront.net

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 50.17.157.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-157-125.compute-1.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.233.166.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.223.198.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-198-8.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.214.217.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-214-217-0.compute-1.amazonaws.com

id.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.29.125.157 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-125-157.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.6.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8c33d2b6751b365d.awsglobalaccelerator.com

direct.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.67.103.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-103-10.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.171.212.190 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-212-190.eu-west-1.compute.amazonaws.com

hb.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.64.21.219 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-21-219.eu-central-1.compute.amazonaws.com

krk2.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-59.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.4 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.193.198.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-198-225.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net

5f02800fe5536f1d34b9fa042638b4e0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.3.70 (None, )

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.77.79 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.18.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-69.ams58.r.cloudfront.net

cdn-magiclinks.trackonomics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.227.219.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-26.ams54.r.cloudfront.net

gomedia-tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.18 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.238.14 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-14.deploy.static.akamaitechnologies.com

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.44.5 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 5.44.211.130.bc.googleusercontent.com

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-ew1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-102.fra60.r.cloudfront.net

fr-actions.trackonomics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-65.fra60.r.cloudfront.net

trx-hub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.185.187.243 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-185-187-243.us-west-2.compute.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	taboola.com 2 redirects cdn.taboola.com — Cisco Umbrella Rank: 1136 beacon.taboola.com — Cisco Umbrella Rank: 21860 trc.taboola.com — Cisco Umbrella Rank: 705 vidstat.taboola.com — Cisco Umbrella Rank: 3029 ch-trc-events.taboola.com — Cisco Umbrella Rank: 3996 imprchmp.taboola.com — Cisco Umbrella Rank: 5193 ch-match.taboola.com — Cisco Umbrella Rank: 5323 ch-vid-events.taboola.com — Cisco Umbrella Rank: 4931 sync.taboola.com — Cisco Umbrella Rank: 1322 match.taboola.com — Cisco Umbrella Rank: 5178 sync-t1.taboola.com — Cisco Umbrella Rank: 1630 pips.taboola.com — Cisco Umbrella Rank: 1694 cds.taboola.com — Cisco Umbrella Rank: 1933 vidstatb.taboola.com — Cisco Umbrella Rank: 5039	610 KB
36	theonion.com 1 redirects www.theonion.com — Cisco Umbrella Rank: 129312	372 KB
27	kinja-static.com f.kinja-static.com — Cisco Umbrella Rank: 32070 x.kinja-static.com — Cisco Umbrella Rank: 30373	383 KB
25	kinja-img.com i.kinja-img.com — Cisco Umbrella Rank: 25419 no.kinja-img.com — Cisco Umbrella Rank: 62935	188 KB
24	rubiconproject.com 15 redirects eus.rubiconproject.com — Cisco Umbrella Rank: 602 pixel.rubiconproject.com — Cisco Umbrella Rank: 376 token.rubiconproject.com — Cisco Umbrella Rank: 458 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1156 fastlane.rubiconproject.com — Cisco Umbrella Rank: 513	29 KB
22	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 ad.doubleclick.net — Cisco Umbrella Rank: 154 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	211 KB
16	amazon-adsystem.com 4 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890 s.amazon-adsystem.com — Cisco Umbrella Rank: 310 aax.amazon-adsystem.com — Cisco Umbrella Rank: 394	77 KB
16	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 2185 gomedia-tagan.adlightning.com — Cisco Umbrella Rank: 117835	160 KB
15	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 5f02800fe5536f1d34b9fa042638b4e0.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149	158 KB
14	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 587 pixel.adsafeprotected.com — Cisco Umbrella Rank: 736 dt.adsafeprotected.com — Cisco Umbrella Rank: 570	113 KB
12	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353 insight.adsrvr.org — Cisco Umbrella Rank: 584 direct.adsrvr.org — Cisco Umbrella Rank: 3477	3 KB
10	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 351 grid.bidswitch.net — Cisco Umbrella Rank: 1165	2 KB
9	pubmatic.com 3 redirects simage2.pubmatic.com — Cisco Umbrella Rank: 843 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502 image8.pubmatic.com — Cisco Umbrella Rank: 662 image2.pubmatic.com — Cisco Umbrella Rank: 924	2 KB
9	yahoo.com 8 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492 ups.analytics.yahoo.com — Cisco Umbrella Rank: 327	5 KB
8	kargo.com krk2.kargo.com — Cisco Umbrella Rank: 2762	2 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	42 KB
6	gstatic.com fonts.gstatic.com	121 KB
6	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 757 gum.criteo.com — Cisco Umbrella Rank: 454	7 KB
6	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 417 tlx.3lift.com — Cisco Umbrella Rank: 572	2 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 406	104 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 496 tps.doubleverify.com — Cisco Umbrella Rank: 515 tpsc-ew1.doubleverify.com — Cisco Umbrella Rank: 11101	105 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
4	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 511 dsum.casalemedia.com — Cisco Umbrella Rank: 1396	2 KB
4	btloader.com btloader.com — Cisco Umbrella Rank: 877 api.btloader.com — Cisco Umbrella Rank: 948	18 KB
4	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 246	3 KB
3	yellowblue.io hb.yellowblue.io — Cisco Umbrella Rank: 2448	861 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	193 KB
3	metadsp.co.uk 3 redirects u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 5190	323 B
3	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 447 fonts.googleapis.com — Cisco Umbrella Rank: 31	368 KB
2	trackonomics.net cdn-magiclinks.trackonomics.net — Cisco Umbrella Rank: 6223 fr-actions.trackonomics.net — Cisco Umbrella Rank: 12512	28 KB
2	ml314.com ml314.com — Cisco Umbrella Rank: 1908	11 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 668	62 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 946	1 KB
2	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1376	401 B
2	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 3275 api.rlcdn.com — Cisco Umbrella Rank: 957	37 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 573	1 KB
2	openx.net 2 redirects u.openx.net — Cisco Umbrella Rank: 659	768 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 1131	1 KB
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 3211	633 B
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 172	3 KB
1	trx-hub.com trx-hub.com — Cisco Umbrella Rank: 6981	463 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	64 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6862	408 B
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 1825	607 B
1	rkdms.com id.sv.rkdms.com — Cisco Umbrella Rank: 5530	232 B
1	liadm.com idx.liadm.com — Cisco Umbrella Rank: 2376	372 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1585	15 KB
1	videoplayerhub.com 1 redirects kinja-com.videoplayerhub.com — Cisco Umbrella Rank: 36549	445 B
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1155	17 KB
1	connatix.com capi.connatix.com — Cisco Umbrella Rank: 1113	82 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 909	516 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 559	35 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 938	315 B
1	primis.tech live.primis.tech — Cisco Umbrella Rank: 1458	524 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 377	727 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 674	14 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 440	921 B
1	storygize.net 1 redirects sid.storygize.net — Cisco Umbrella Rank: 1564	311 B
1	contextweb.com bh.contextweb.com — Cisco Umbrella Rank: 547	692 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1122	534 B
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 904	371 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 774	45 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1208	731 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	17 KB
1	cloudfront.net d24zb9qreavi2u.cloudfront.net	429 B
1	kinja.com kinja.com — Cisco Umbrella Rank: 30306	1 KB
1	speedcurve.com cdn.speedcurve.com — Cisco Umbrella Rank: 6204	9 KB
356	67

	Domain	Requested by
36	www.theonion.com	1 redirects www.theonion.com tagan.adlightning.com
24	i.kinja-img.com	www.theonion.com
19	x.kinja-static.com	www.theonion.com tagan.adlightning.com
14	sync.taboola.com	2 redirects imprchmp.taboola.com ch-match.taboola.com www.theonion.com
13	pixel.rubiconproject.com	9 redirects www.theonion.com
13	cdn.taboola.com	www.theonion.com cdn.taboola.com
10	gomedia-tagan.adlightning.com	tagan.adlightning.com
10	securepubads.g.doubleclick.net	www.theonion.com tagan.adlightning.com securepubads.g.doubleclick.net
9	tpc.googlesyndication.com	www.theonion.com cdn.ampproject.org tagan.adlightning.com
8	krk2.kargo.com	x.kinja-static.com www.theonion.com
8	cm.g.doubleclick.net	5 redirects www.theonion.com
8	match.adsrvr.org	imprchmp.taboola.com ch-match.taboola.com www.theonion.com js-sec.indexww.com
8	f.kinja-static.com	www.theonion.com
7	pixel.adsafeprotected.com	x.kinja-static.com tagan.adlightning.com
7	x.bidswitch.net	4 redirects ch-match.taboola.com www.theonion.com
6	fonts.gstatic.com	tagan.adlightning.com fonts.googleapis.com
6	token.rubiconproject.com	5 redirects eus.rubiconproject.com
6	tagan.adlightning.com	www.theonion.com tagan.adlightning.com
6	pr-bh.ybp.yahoo.com	5 redirects www.theonion.com
6	ch-trc-events.taboola.com	cdn.taboola.com www.theonion.com
5	cdn.ampproject.org	www.theonion.com
5	aax.amazon-adsystem.com	c.amazon-adsystem.com
5	pagead2.googlesyndication.com	imasdk.googleapis.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	www.google-analytics.com	www.theonion.com www.google-analytics.com tagan.adlightning.com
4	dt.adsafeprotected.com
4	www.google.com	1 redirects www.theonion.com tagan.adlightning.com
4	bidder.criteo.com	x.kinja-static.com static.criteo.net
4	hbopenbid.pubmatic.com	x.kinja-static.com
4	ib.adnxs.com	www.theonion.com x.kinja-static.com
4	s.amazon-adsystem.com	2 redirects www.theonion.com
4	vidstat.taboola.com	cdn.taboola.com tagan.adlightning.com
3	image8.pubmatic.com	2 redirects www.theonion.com
3	api.btloader.com	kinja-com.videoplayerhub.com
3	hb.yellowblue.io	x.kinja-static.com
3	tlx.3lift.com	x.kinja-static.com
3	direct.adsrvr.org	x.kinja-static.com
3	grid.bidswitch.net	x.kinja-static.com
3	ups.analytics.yahoo.com	3 redirects
3	aax-eu.amazon-adsystem.com	2 redirects www.theonion.com
3	www.googletagmanager.com	www.theonion.com www.googletagmanager.com
3	eb2.3lift.com	1 redirects www.theonion.com
3	u.ipw.metadsp.co.uk	3 redirects
3	c.amazon-adsystem.com	www.theonion.com c.amazon-adsystem.com
3	ch-match.taboola.com	vidstat.taboola.com tagan.adlightning.com
3	static.adsafeprotected.com	www.theonion.com tagan.adlightning.com
2	gum.criteo.com	tagan.adlightning.com gum.criteo.com
2	region1.google-analytics.com	www.googletagmanager.com
2	cdn.doubleverify.com	tagan.adlightning.com
2	dsum.casalemedia.com	2 redirects
2	ml314.com	www.theonion.com ml314.com
2	static.criteo.net	x.kinja-static.com static.criteo.net
2	ad-delivery.net	www.theonion.com
2	ping.chartbeat.net	www.theonion.com
2	htlb.casalemedia.com	x.kinja-static.com
2	fastlane.rubiconproject.com	x.kinja-static.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	match.prod.bidr.io	2 redirects
2	u.openx.net	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	ih.adscale.de	2 redirects
2	eus.rubiconproject.com	imprchmp.taboola.com eus.rubiconproject.com
2	trc.taboola.com	cdn.taboola.com
2	imasdk.googleapis.com	www.theonion.com imasdk.googleapis.com
2	sb.scorecardresearch.com	www.theonion.com
1	tpsc-ew1.doubleverify.com	cdn.doubleverify.com
1	trx-hub.com
1	fr-actions.trackonomics.net	cdn-magiclinks.trackonomics.net
1	tps.doubleverify.com	tagan.adlightning.com
1	googleads.g.doubleclick.net	www.theonion.com
1	www.googletagservices.com	tagan.adlightning.com
1	fonts.googleapis.com	tagan.adlightning.com
1	image2.pubmatic.com	1 redirects
1	cdn-magiclinks.trackonomics.net	tagan.adlightning.com
1	vidstatb.taboola.com	www.theonion.com
1	ad.doubleclick.net	www.theonion.com
1	5f02800fe5536f1d34b9fa042638b4e0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.de	www.theonion.com
1	geo.privacymanager.io	ats.rlcdn.com
1	id.sv.rkdms.com	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com
1	idx.liadm.com	js-sec.indexww.com
1	insight.adsrvr.org	www.theonion.com
1	static.chartbeat.com	tagan.adlightning.com
1	btloader.com	www.theonion.com
1	kinja-com.videoplayerhub.com	1 redirects
1	cds.taboola.com	cdn.taboola.com
1	secure.cdn.fastclick.net	tagan.adlightning.com
1	ats.rlcdn.com	tagan.adlightning.com
1	capi.connatix.com	www.theonion.com
1	sync.ipredictive.com	1 redirects
1	match.sharethrough.com	www.theonion.com
1	hb.yahoo.net	www.theonion.com
1	live.primis.tech	www.theonion.com
1	px.ads.linkedin.com	www.theonion.com
1	config.aps.amazon-adsystem.com	tagan.adlightning.com
1	pips.taboola.com	cdn.taboola.com
1	pixel-us-east.rubiconproject.com	1 redirects
1	js-sec.indexww.com	tagan.adlightning.com
1	sync-t1.taboola.com	www.theonion.com
1	match.taboola.com	www.theonion.com
1	id5-sync.com	www.theonion.com
1	sid.storygize.net	1 redirects
1	bh.contextweb.com	www.theonion.com
1	simage2.pubmatic.com	www.theonion.com
1	jadserve.postrelease.com	www.theonion.com
1	trace.mediago.io	1 redirects
1	ssbsync.smartadserver.com	www.theonion.com
1	tg.socdm.com	1 redirects
1	ch-vid-events.taboola.com	www.theonion.com
1	imprchmp.taboola.com	vidstat.taboola.com
1	s0.2mdn.net	imasdk.googleapis.com
1	d24zb9qreavi2u.cloudfront.net	www.theonion.com
1	beacon.taboola.com	cdn.taboola.com
1	kinja.com	www.theonion.com
1	no.kinja-img.com	www.theonion.com
1	cdn.speedcurve.com	www.theonion.com
356	116

This site contains links to these domains. Also see Links.

Domain
theonion.com
avclub.com
deadspin.com
gizmodo.com
jalopnik.com
jezebel.com
kotaku.com
qz.com
theroot.com
thetakeout.com
theinventory.com
store.theonion.com
facebook.com
twitter.com
www.reddit.com
go.consumerbags.com
popup.taboola.com
trc.taboola.com
trk.healthy-tracker.com
commonsearches.net
qsearch.io
go.health-headline.com

Subject Issuer	Validity	Valid
*.avclub.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-02` - `2024-09-02`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.speedcurve.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-19` - `2024-05-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.adlightning.com Amazon RSA 2048 M01	`2023-07-08` - `2024-08-05`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M01	`2023-02-09` - `2024-02-16`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.contextweb.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-10` - `2024-05-09`	a year	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M01	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-08-31` - `2024-09-28`	a year	crt.sh
rkdms.com Amazon RSA 2048 M03	`2023-10-04` - `2024-11-01`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.yellowblue.io Amazon ECDSA 256 M02	`2023-04-19` - `2024-05-17`	a year	crt.sh
*.dev.kargo.com Amazon RSA 2048 M01	`2023-02-13` - `2024-03-12`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.privacymanager.io Amazon RSA 2048 M01	`2023-07-27` - `2024-08-24`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2023-10-10` - `2024-01-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
event-horizon.gcp.bomm.in GTS CA 1D4	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.trackonomics.net Sectigo RSA Domain Validation Secure Server CA	`2022-12-01` - `2023-12-01`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2023-09-29` - `2024-09-28`	a year	crt.sh
*.trx-hub.com Amazon RSA 2048 M02	`2023-01-21` - `2024-02-19`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://www.theonion.com/
Frame ID: 64F2CEB9DE714F7B423E2BEAB4915350
Requests: 249 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: E5FA02A4E2A9A138E7AE393E9C1E1915
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 0ED1E9D203A820E31A1B6357F53FBC5D
Requests: 1 HTTP requests in this frame

Frame: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8V0ICLAZEw8lE_S3iMhGIhpOJ-lvEZSoAAABgYID-AIk5bJbNyGZYq0YLx1o0GtncEsvKuBaZhrOFYTFyDlczIyAxh82yGdkMa9Vo4ViLRiObW2JZGdci03C2MCxGzuFqZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAGN8gQCxyULin2e20-0x_uz8AAAAAgAAAAAAgAYDQz1MCQIZE8MT_________f4wB-swbGf____83FnoAPPgAeBACAADwMcSJl23KpLiQjMhBSxFGAAAAAGDn2kWPTNIJKhZV_v__-60AXAEACFjEFppXy6I7KPEWBgAAAGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGP9cI0wpc9cWp-AQEA1vwCAgCwGTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD0huJr7hwmTyjJaThcMymrkmm93MY1o5RxbnZrnxntAi8ceBIhuRPiLCMvt9ByHf7TI8fC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwM5lNbI6Jya1wLFZu0WZicitMK-Nas1y5dhPPaDQYzNyi18f0Mc2cC4vHiwQDOPYieVqkE81stlgtHK6JbzRxDSYO22S5cE0GE8fGMtkMJr6JWKI5WaQT2WXf3Ex8w4XJ5BktJwuHZTRzTTa7mce0co4szs1y4-9MZhObY2JyKxyLlVu0mZjcCtPKuNYsV67dxDMaDQYzt-j1MX1MM-fC4vE3doPBYjTYjIb7xm4wWIwGm9Fw32EyPVOfs9EaE18-MvXsNG6Za06DwmWweKdFi7R1OPqMMsst4lpN1tPXxCr0TLwGhefgMc2cw4fnfNn2nKVr92BUxBLBRTrR-d0uk9PhWIuOLr_d6bdbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7GZzxWI1l2x2c8VsskoAAAAAAAAAAJZgkukmAAAAAE4GNVwuFrN1OpjJcLYYzZYL4MKTTNcPeqE4M71MxC6ZxgSyCyEZ42KNPRZxfrfL5HQ41qKjy293-u1WBnDhacVss88IYq1WyxoAAIAANgAAAAFuuvEmQCyK-____x8HAABARg49AAAA-n1AU8mZmZmZmvwKYjKZLfYPQIVYq9XqdmOtVivggGxWEwgAEIAP!&cmcv=&pix=undefined&cb=1700140349319&uv=3358&tms=1700140349319&abt=adxLoadDist7-out_vC!adxsub-out_vA!adxsub-out_vB!rbcatc_vA!tmaxc_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=faf23df0-54a1-44df-b2e8-d486a01d985f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 92DBE261E5D78D06ED208C18B4C1C7CD
Requests: 3 HTTP requests in this frame

Frame: https://ch-match.taboola.com/sync?dast=V8V0ICLAZEw8lE_S3iMhGIhpOJ-lvEZSoAAABgYID-AIk5bJbNyGZYq0YLx1o0GtncEsvKuBaZhrOFYTFyDlczIyAxh82yGdkMa9Vo4ViLRiObW2JZGdci03C2MCxGzuFqZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAGN8gQCxyULin2e20-0x_uz8AAAAAgAAAAAAgAYDQz1MCQIZE8MT_________f4wB-swbGf____83FnoAPPgAeBACAADwMcSJl23KpLiQjMhBSxFGAAAAAGDn2kWPTNIJKhZV_v__-60AXAEACFjEFppXy6I7KPEWBgAAAGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGP9cI0wpc9cWp-AQEA1vwCAgCwGTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD0huJr7hwmTyjJaThcMymrkmm93MY1o5RxbnZrnxntAi8ceBIhuRPiLCMvt9ByHf7TI8fC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwM5lNbI6Jya1wLFZu0WZicitMK-Nas1y5dhPPaDQYzNyi18f0Mc2cC4vHiwQDOPYieVqkE81stlgtHK6JbzRxDSYO22S5cE0GE8fGMtkMJr6JWKI5WaQT2WXf3Ex8w4XJ5BktJwuHZTRzTTa7mce0co4szs1y4-9MZhObY2JyKxyLlVu0mZjcCtPKuNYsV67dxDMaDQYzt-j1MX1MM-fC4vE3doPBYjTYjIb7xm4wWIwGm9Fw32EyPVOfs9EaE18-MvXsNG6Za06DwmWweKdFi7R1OPqMMsst4lpN1tPXxCr0TLwGhefgMc2cw4fnfNn2nKVr92BUxBLBRTrR-d0uk9PhWIuOLr_d6bdbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7GZzxWI1l2x2c8VsskoAAAAAAAAAAJZgkukmAAAAAE4GNVwuFrN1OpjJcLYYzZYL4MKTTNcPeqE4M71MxC6ZxgSyCyEZ42KNPRZxfrfL5HQ41qKjy293-u1WBnDhacVss88IYq1WyxoAAIAANgAAAAFuuvEmQCyK-____x8HAABARg49AAAA-n1AU8mZmZmZmvwKYjKZLfYPQIVYq9XqdmOtVivggGxWEwgAEIAP!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 3A1B81A193B639858687AC782112ADAD
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Frame ID: DCEA09D6FC099B9A7C595FCCD4D352F0
Requests: 20 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZVYVQMCo5tAAAJUkazQAAAAA
Frame ID: C67A87D40B049B46F47EA1AA50C9CFFB
Requests: 17 HTTP requests in this frame

Frame: https://5f02800fe5536f1d34b9fa042638b4e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 03E3A5385CF38526613BFFD2F88D4040
Requests: 1 HTTP requests in this frame

Frame: https://ch-match.taboola.com/sync?dast=V8V0ICLAZEw8lE_S3iMhGIhpOJ-lvEZSoAAABgYID-AIk5bJbNyGZYq0YLx1o0GtncEsvKuBaZhrOFYTFyDlczIyAxh82yGdkMa9Vo4ViLRiObW2JZGdci03C2MCxGzuFqZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAGN8gQCxyULin2e20-0x_uz8AAAAAgAAAAAAgAYDQz1MCQIZE8MT_________f4wB-swbGf____83FnoAPPgAeBACAADwMcSJl23KpLiQjMhBSxFGAAAAAGDn2kWPTNIJKhZV_v__-60AXAEACFjEFppXy6I7KPEWBgAAAGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGP9cI0wpc9cWp-AQEA1vwCAgCwGTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD0huJr7hwmTyjJaThcMymrkmm93MY1o5RxbnZrnxntAi8ceBIhuRPiLCMvt9ByHf7TI8fC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwM5lNbI6Jya1wLFZu0WZicitMK-Nas1y5dhPPaDQYzNyi18f0Mc2cC4vHiwQDOPYieVqkE81stlgtHK6JbzRxDSYO22S5cE0GE8fGMtkMJr6JWKI5WaQT2WXf3Ex8w4XJ5BktJwuHZTRzTTa7mce0co4szs1y4-9MZhObY2JyKxyLlVu0mZjcCtPKuNYsV67dxDMaDQYzt-j1MX1MM-fC4vE3doPBYjTYjIb7xm4wWIwGm9Fw32EyPVOfs9EaE18-MvXsNG6Za06DwmWweKdFi7R1OPqMMsst4lpN1tPXxCr0TLwGhefgMc2cw4fnfNn2nKVr92BUxBLBRTrR-d0uk9PhWIuOLr_d6bdbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7GZzxWI1l2x2c8VsskoAAAAAAAAAAJZgkukmAAAAAE4GNVwuFrN1OpjJcLYYzZYL4MKTTNcPeqE4M71MxC6ZxgSyCyEZ42KNPRZxfrfL5HQ41qKjy293-u1WBnDhacVss88IYq1WyxoAAIAANgAAAAFuuvEmQCyK-____x8HAABARg49AAAA-n1AU8mZmZmZmvwKYjKZLfYPQIVYq9XqdmOtVivggGxWEwgAEIAP!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: F5BC65363634AB7CC85F3F75AFB61855
Requests: 4 HTTP requests in this frame

Frame: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js
Frame ID: 418C6FF92501E747288D0C67BD7FF893
Requests: 26 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCo3QDHB8K1_e8vJ9qCx3TqsWBHhHzNQvxIlWB7Rw3UmiSOhe0L8_mWGnsCQvt2AAFeO_FKRUtrWuPal9XChG7P6mvOTQUm5a8cqUn4SWSqcSFaRVoI5P6G7DhLZzr1-a2vFltVVw88PnALqXbBWWEe6OaJUQtgBzuci-7V7CRDD4bAUcgk7upE55KxZY0KGfSUEWoZXRNoVLD8fgEIvcM8pVKYWOUwXOkIIsXFW8laG5yU7pWtDJwmyZ5OOLMrHwY07sUhtCyElrhzAK8G6hEfr0jXihU2AcrVbJnyHqA6sPA-yvUcmqdU0oD5qyMjlUnzo-14evNtGZjdUy-QlHBqlrZHGVCkmcTQRpULkqF87_0&sai=AMfl-YT93Nyvsj5bFr8VyZxHuvoTqC_6YfqD9HHOcKHIJB8EAt2chuuKCvMqU0jHvWMJrl0Ltejz8p8ieKBCyyMAxc4rW5i6r-DBsYd0M8eShEx37DCgGDO_1YEnTto0z-6vW8IokHGQGmZUxm6wGgHqbA&sig=Cg0ArKJSzHG_4SQz85mAEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 3C8E097ECB936068E2BF6E8AB8701EFE
Requests: 15 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=931294&campId=1600x350&pubId=4920965234&chanId=22405397127&placementId=6376910866&pubCreative=138446248708&pubOrder=3248573455&cb=2039925071&adsafe_par&impId=&custom2=mid_banner&custom3=&custom4=&custom5=mid_banner-01
Frame ID: 0EBF80AC3A2A781115B2761CEA836B3B
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4946.js
Frame ID: AF44202E5D2FC6C35904B86D7EF80469
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theonion.com
Frame ID: 896CCA7D1BB7C160073F4CA1DEEFAFBD
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 9A726C16B647643E058F9328156A1DB2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CEF087F5AD2FF358F41D0B01CE216C3E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5FC4DFB453269ECAEF6BDCD073E7E18B
Requests: 2 HTTP requests in this frame

Frame: https://ch-match.taboola.com/sync?dast=V8V0ICLAZEw8lE_S3iMhGIhpOJ-lvEZSoAAABgYID-AIk5bJbNyGZYq0YLx1o0GtncEsvKuBaZhrOFYTFyDlczIyAxh82yGdkMa9Vo4ViLRiObW2JZGdci03C2MCxGzuFqZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAGN8gQCxyULin2e20-0x_uz8AAAAAgAAAAAAgAYDQz1MCQIZE8MT_________f4wB-swbGf____83FnoAPPgAeBACAADwMcSJl23KpLiQjMhBSxFGAAAAAGDn2kWPTNIJKhZV_v__-60AXAEACFjEFppXy6I7KPEWBgAAAGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGP9cI0wpc9cWp-AQEA1vwCAgCwGTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD0huJr7hwmTyjJaThcMymrkmm93MY1o5RxbnZrnxntAi8ceBIhuRPiLCMvt9ByHf7TI8fC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwM5lNbI6Jya1wLFZu0WZicitMK-Nas1y5dhPPaDQYzNyi18f0Mc2cC4vHiwQDOPYieVqkE81stlgtHK6JbzRxDSYO22S5cE0GE8fGMtkMJr6JWKI5WaQT2WXf3Ex8w4XJ5BktJwuHZTRzTTa7mce0co4szs1y4-9MZhObY2JyKxyLlVu0mZjcCtPKuNYsV67dxDMaDQYzt-j1MX1MM-fC4vE3doPBYjTYjIb7xm4wWIwGm9Fw32EyPVOfs9EaE18-MvXsNG6Za06DwmWweKdFi7R1OPqMMsst4lpN1tPXxCr0TLwGhefgMc2cw4fnfNn2nKVr92BUxBLBRTrR-d0uk9PhWIuOLr_d6bdbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7GZzxWI1l2x2c8VsskoAAAAAAAAAAJZgkukmAAAAAE4GNVwuFrN1OpjJcLYYzZYL4MKTTNcPeqE4M71MxC6ZxgSyCyEZ42KNPRZxfrfL5HQ41qKjy293-u1WBnDhacVss88IYq1WyxoAAIAANgAAAAFuuvEmQCyK-____x8HAABARg49AAAA-n1AU8mZmZmZmvwKYjKZLfYPQIVYq9XqdmOtVivggGxWEwgAEIAP!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 8AC9B4F59984FBD17A68776147FC2FB1
Requests: 4 HTTP requests in this frame

Frame: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js
Frame ID: 666D2F6A60C830D33B335C383B101528
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Onion | America's Finest News Source.

Page URL History Show full URLs

http://www.theonion.com/ HTTP 307
https://www.theonion.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

356
Requests

85 %
HTTPS

0 %
IPv6

67
Domains

116
Subdomains

89
IPs

9
Countries

3541 kB
Transfer

10464 kB
Size

74
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://theonion.com/
Title: The Onion

Search URL Search Domain Scan URL

URL: https://avclub.com/
Title: The A.V. Club

Search URL Search Domain Scan URL

URL: https://deadspin.com/
Title: Deadspin

Search URL Search Domain Scan URL

URL: https://gizmodo.com/
Title: Gizmodo

Search URL Search Domain Scan URL

URL: https://jalopnik.com/
Title: Jalopnik

Search URL Search Domain Scan URL

URL: https://jezebel.com/
Title: Jezebel

Search URL Search Domain Scan URL

URL: https://kotaku.com/
Title: Kotaku

Search URL Search Domain Scan URL

URL: https://qz.com/
Title: Quartz

Search URL Search Domain Scan URL

URL: https://theroot.com/
Title: The Root

Search URL Search Domain Scan URL

URL: https://thetakeout.com/
Title: The Takeout

Search URL Search Domain Scan URL

URL: https://theinventory.com/
Title: The Inventory

Search URL Search Domain Scan URL

URL: https://store.theonion.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://facebook.com/sharer.php?u=https%3A%2F%2Fwww.theonion.com%2Fscientist-explains-how-climate-crisis-would-be-averted-1851025052%3Futm_medium%3Dsharefromsite%26utm_source%3Dfacebook
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.theonion.com%2Fscientist-explains-how-climate-crisis-would-be-averted-1851025052%3Futm_medium%3Dsharefromsite%26utm_source%3Dtwitter&text=Scientist%20Explains%20How%20Climate%20Crisis%20Would%20Be%20Averted%20If%20Greta%20Thunberg%20Just%20Tried%20A%20Little%20Harder
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https%3A%2F%2Fwww.theonion.com%2Fscientist-explains-how-climate-crisis-would-be-averted-1851025052%3Futm_medium%3Dsharefromsite%26utm_source%3Dreddit&title=Scientist%20Explains%20How%20Climate%20Crisis%20Would%20Be%20Averted%20If%20Greta%20Thunberg%20Just%20Tried%20A%20Little%20Harder
Title: Reddit

Search URL Search Domain Scan URL

URL: https://go.consumerbags.com/2eff091e-48db-4d43-a471-203df9e9860b
Title: Trending Gifts 2023

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=gomedia1-theonion&utm_medium=referral&utm_content=thumbs-feed-01-b-delta:Below%20Homepage%20Thumbnails%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/gomedia1-theonion/log/3/click?pi=%2F&ri=36615aa5b74b50ba629a520b1c2230b7&sd=v2_93b78add3492aa24f5237fc4e9db939c_326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc_1700140348_1700140348_CIi3jgYQ5LxeGLzli8K9MSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGiLspCgye6O3i5wAQ&ui=326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc&it=video&ii=~~V1~~-3704619505949205396~~IO1SfXG-dSDnhWjnHufPqFcx5zp66TSUfI6F_Bmr5Kt9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kCf1P1jxHcE5td_gGW9B2uKZSjrjynoH_BxneMVQ3AwfKHXvQUbfotssTw4FZr4d4uYMnh5csrC8D4G9LX-wObgaE3iK7ebMf8nQ4vZ9kk8x4nihmyDN13ihF0TfT4aHNg&pt=home&li=rbox-h2v&sig=2b49e0688ed0f13fd7968b375c9a97b760fefadcd842&redir=https%3A%2F%2Fgo.consumerbags.com%2F2eff091e-48db-4d43-a471-203df9e9860b%3Fsite%3Dgomedia1-theonion%26site_id%3D1547876%26thumbnail%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252F767e5b7e4ea928c8a3665a7bd9a54882.jpg%26title%3D29%252B%2BCoolest%2BGifts%2BNobody%2BWould%2BThink%2BOf%26site_domain%3Dtheonion.com%26campaign_id%3D29942387%26campaign_item_id%3D3855923689%26tci%3DGiDYftrp0IZnj-xjhLmiItGVptfhnCVd20Xxj7N50aErTCCawlgoq6DRmvjCxdPzAQ%23tblciGiDYftrp0IZnj-xjhLmiItGVptfhnCVd20Xxj7N50aErTCCawlgoq6DRmvjCxdPzAQ&vi=1700140348092&p=adqualitymedia-20-sc&r=68&tvi48=10637&tvi50=12261&lti=test_impl_blocked_send_event_var&ppb=CKIE&cpb=Em8yMDIzMTExMy0zNF9iMS1QUi02MzczMS1ERVYtMTQ2ODg5LWltcGwtbG9hZC1pcy1ibG9ja2VkLWluLXByaXZhdGUtdGFiLWluLXNhZmFyaS1vbi1pcGhvbmUtd2l0aC1pb3MtMWQ0MzcxOWFjZTYYASCc__________8BKhljaC50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM4MDI3OTiA2s-DC0CRpA5It74OUN3O2QNY-ANjCNA3EI1TGDBkYwi_SBDlXxgyZGMI3v__________ARDe__________8BGCJkYwjXFhDVHxgjZGMI3P__________ARDc__________8BGCRkYwjSAxDgBhgIZGMIlhQQmBwYGGRjCM9SELBtGApkYwj_RhCMZhgdZGMI9BQQnh0YH2RjCKQnEIM1GC9keAGAAQKIAZP-34oCkAEcmAH_5YvCvTE&cta=true
Title: Learn More

Search URL Search Domain Scan URL

URL: https://trk.healthy-tracker.com/ee33683c-081f-484f-9b1a-aa9698f03eca
Title: Healthy Guru

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/gomedia1-theonion/log/3/click?pi=%2F&ri=36615aa5b74b50ba629a520b1c2230b7&sd=v2_93b78add3492aa24f5237fc4e9db939c_326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc_1700140348_1700140348_CIi3jgYQ5LxeGLzli8K9MSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGiLspCgye6O3i5wAQ&ui=326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc&it=text&ii=~~V1~~-3478967306723550068~~xS_zGA37J8V1Gt96ai6rBe54RzR-LyO1PqAtgD4HFq0YZP1VQrz5C7Siv4Q2NBvhz5ZjnilPLLgmNeVCHk-qkZHRlxkrnuSnnAoWV76UlrGPF8C2yPvlmbo_NIFLjI3J6nZuhLfp9lLB2gjUGn6eOg&pt=home&li=rbox-h2v&sig=944495d7ba7a820abae3712dfa93cb9d50a3e1f683be&redir=https%3A%2F%2Ftrk.healthy-tracker.com%2Fee33683c-081f-484f-9b1a-aa9698f03eca%3Fsite%3Dgomedia1-theonion%26site_id%3D1547876%26thumbnail%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252F9fbe649d7dad3b808719aec0bcc3bd67.jpg%26title%3DSimple%2BJapanese%2BTrick%2Bfor%2BNail%2BInfection%26campaign_id%3D24489412%26campaign_item_id%3D3680991663%26timestamp%3D2023-11-16%2B13%253A12%253A28%26platform%3DDesktop%26click_id%3DGiDYftrp0IZnj-xjhLmiItGVptfhnCVd20Xxj7N50aErTCC881oomOnE_qzx6NVs%26c_id%3DGiDYftrp0IZnj-xjhLmiItGVptfhnCVd20Xxj7N50aErTCC881oomOnE_qzx6NVs%26utm_source%3Dtaboola%26utm_medium%3Dreferral%26oct_dec%3Dtrk%26bnr_id%3Dkera%26costenc%3DRxbAxEyzhnRxE944CwlP0u80cwnBu7h0sbvd5Cw0z_M%3D%26tblci%3DGiDYftrp0IZnj-xjhLmiItGVptfhnCVd20Xxj7N50aErTCC881oomOnE_qzx6NVs%23tblciGiDYftrp0IZnj-xjhLmiItGVptfhnCVd20Xxj7N50aErTCC881oomOnE_qzx6NVs&vi=1700140348092&p=mobilitr-kerassentials-sc&r=12&tvi48=10637&tvi50=12261&lti=test_impl_blocked_send_event_var&ppb=CKIE&cpb=Em8yMDIzMTExMy0zNF9iMS1QUi02MzczMS1ERVYtMTQ2ODg5LWltcGwtbG9hZC1pcy1ibG9ja2VkLWluLXByaXZhdGUtdGFiLWluLXNhZmFyaS1vbi1pcGhvbmUtd2l0aC1pb3MtMWQ0MzcxOWFjZTYYASCc__________8BKhljaC50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM4MDI3OTiA2s-DC0CRpA5It74OUN3O2QNY-ANjCNA3EI1TGDBkYwi_SBDlXxgyZGMI3v__________ARDe__________8BGCJkYwjXFhDVHxgjZGMI3P__________ARDc__________8BGCRkYwjSAxDgBhgIZGMIlhQQmBwYGGRjCM9SELBtGApkYwj_RhCMZhgdZGMI9BQQnh0YH2RjCKQnEIM1GC9keAGAAQKIAZP-34oCkAEcmAH_5YvCvTE&cta=true
Title: Read More

Search URL Search Domain Scan URL

URL: https://commonsearches.net/index.php
Title: CommonSearches

Search URL Search Domain Scan URL

URL: https://qsearch.io/index.php
Title: Qsearch

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=gomedia1-theonion&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Homepage%20Thumbnails%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://go.health-headline.com/d8138a54-19db-48ac-8828-f9ae1b593c43
Title: Health Headlines

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/gomedia1-theonion/log/3/click?pi=%2F&ri=a8755bf20d1aca5b8ddbce32097df53c&sd=v2_93b78add3492aa24f5237fc4e9db939c_326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc_1700140348_1700140348_CIi3jgYQ5LxeGLzli8K9MSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGiLspCgye6O3i5wAQ&ui=326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc&it=text&ii=~~V1~~3677647412431103168~~9QhZbmtJMhnO2Pt_a8rlj3a0sB-i5KIJp0gkmKL8xAznoZueAsnM0UTkqRiz-o8uuKa2_rupL9I0kvx1XVufut2qKIJrSNJ_InWKPTfYcgzaXzWc0vY2-B5N-kofkML8an0gNujsIyFr1n3-accCYAMZto0uGNE4YjSZH6bVRCCCxcitxCFDY7aSz-7YYd90TS8Maux2jWC1gRU3nx5A7rEVxuOWKWhrQzvXHgQEr6voYD60qVYzKB_9uZqcHlwH&pt=home&li=rbox-h2v&sig=7f5ac0df553484fd3ce6fb68955999d44e636cc7c112&redir=https%3A%2F%2Fgo.health-headline.com%2Fd8138a54-19db-48ac-8828-f9ae1b593c43%3Fsite%3Dgomedia1-theonion%26siteid%3D1547876%26sitedomain%3Dtheonion.com%26thumbnail%3Dhttp%253A%252F%252Fc3.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252Fso_auto%252Ff_jpg%252Fv1696692923%252Fhcsqktwzbjpd2fyziyar.jpg%26title%3DNature%25E2%2580%2599s%2B%25E2%2580%2598Liquid%2BAdderal%25E2%2580%2599%2Bis%2Bgoing%2Bviral%2Bin%2BWilmington%26campaignid%3D28562725%26campaignname%3DSMART%2BDROPS%2B-%2BDESKTOP%2B-%2BMAXCON%2B-%2B10.7.23%26platform%3DDesktop%26click_id%3DGiDYftrp0IZnj-xjhLmiItGVptfhnCVd20Xxj7N50aErTCD_2VQo3-2RyrbL2PfUAQ%26utm_source%3Dtaboola%26utm_medium%3Dreferral%26tblci%3DGiDYftrp0IZnj-xjhLmiItGVptfhnCVd20Xxj7N50aErTCD_2VQo3-2RyrbL2PfUAQ%23tblciGiDYftrp0IZnj-xjhLmiItGVptfhnCVd20Xxj7N50aErTCD_2VQo3-2RyrbL2PfUAQ&vi=1700140348092&p=bossmedia-healthrepair-sc&r=61&tvi48=10637&tvi50=12261&lti=test_impl_blocked_send_event_var&ppb=CPAG&cpb=Em8yMDIzMTExMy0zNF9iMS1QUi02MzczMS1ERVYtMTQ2ODg5LWltcGwtbG9hZC1pcy1ibG9ja2VkLWluLXByaXZhdGUtdGFiLWluLXNhZmFyaS1vbi1pcGhvbmUtd2l0aC1pb3MtMWQ0MzcxOWFjZTYYASCc__________8BKhljaC50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM4MDI3OTiA2s-DC0CRpA5It74OUN3O2QNY-ANjCNA3EI1TGDBkYwi_SBDlXxgyZGMI3v__________ARDe__________8BGCJkYwjXFhDVHxgjZGMI3P__________ARDc__________8BGCRkYwjSAxDgBhgIZGMIlhQQmBwYGGRjCM9SELBtGApkYwj_RhCMZhgdZGMI9BQQnh0YH2RjCKQnEIM1GC9keAGAAQKIAZP-34oCkAEcmAH_5YvCvTE&cta=true
Title: Try Now

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.theonion.com/ HTTP 307
https://www.theonion.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://www.theonion.com/undefined HTTP 301
https://www.theonion.com/

Request Chain 81

https://pr-bh.ybp.yahoo.com/sync/taboola/326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc?gdpr=0&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-UbD1jF9E2oSc3KtHpnpgMtk4VEqhyxnbyMZcNw--~A

Request Chain 96

https://pr-bh.ybp.yahoo.com/sync/taboola/326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc?gdpr=0&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-9Z5_ZN1E2oRJ1VXuVjjj7YXZUjZNXqTz1mQJUA--~A

Request Chain 97

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=0251b4d5-17fa-4ad9-87bb-0ae51d60a75b&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=taboola&bsw_param=0251b4d5-17fa-4ad9-87bb-0ae51d60a75b

Request Chain 98

https://tg.socdm.com/aux/idsync?proto=taboola HTTP 302
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZVYVQMCo5tAAAJUkazQAAAAA

Request Chain 99

https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__ HTTP 302
https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=eb6ce8df617742e792ffb5396b9fa0e9 HTTP 302
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=eb6ce8df617742e792ffb5396b9fa0e9

Request Chain 101

https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LP17O3LC-1B-9P8J

Request Chain 102

https://trace.mediago.io/ju/cs/taboola HTTP 302
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=1b7de7e8f53990c82jxzz700lp17o3mw

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc= HTTP 302
https://sync.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGdn_wv008ArrZN2lRXsjxw&google_cver=1

Request Chain 106

https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc

Request Chain 109

https://sid.storygize.net/ccm/8a5f7a0b-b1ad-46dc-a085-63906ab7b98c HTTP 302
https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

Request Chain 111

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=0251b4d5-17fa-4ad9-87bb-0ae51d60a75b&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=taboola&bsw_param=0251b4d5-17fa-4ad9-87bb-0ae51d60a75b

Request Chain 112

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=39726b6b-5c4c-4c3f-a18e-4bfb403f6035 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=39726b6b-5c4c-4c3f-a18e-4bfb403f6035&tbid=326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc&query=taboola_hm%3D39726b6b-5c4c-4c3f-a18e-4bfb403f6035&isDirect=0

Request Chain 113

https://eb2.3lift.com/xuid?mid=7772&xuid=326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc&dongle=tbla&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=

Request Chain 114

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=05b467a8-d07a-00b1-2c9f-6a68f0dc7ade

Request Chain 144

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=LP17O3VF-1J-M0NM HTTP 302
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LP17O3VF-1J-M0NM&gdpr=0&us_privacy=1---

Request Chain 149

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1--- HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=OMwXW114SGmuVrKr7g-dMQ&rk=usync-other&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=OMwXW114SGmuVrKr7g-dMQ&gdpr=0

Request Chain 150

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEB7kAOFRvt6-0PELB3T0h9k&google_cver=1

Request Chain 151

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LP17O3VF-1J-M0NM&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---

Request Chain 153

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ZIKz3LBJSli4IPprnbz1Kw&rk=usync-na&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ZIKz3LBJSli4IPprnbz1Kw&gdpr=0

Request Chain 154

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjVmMzE1NzFlMDQ5NjMyMDA1ZWJkZTc3M2Q1OThjZTBkNTBkOWQyZg&gdpr=0&us_privacy=1---

Request Chain 155

https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFAxN08zVkYtMUotTTBOTQ==&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEPhG0QOpyCTk8r6TxQY2V2Y&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAxN08zVkYtMUotTTBOTQ==&google_push=&gdpr=0

Request Chain 156

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/3X2aWnNj6rRucwJj7ctVTMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.l.5XSJE2oI0coNGaxetDYcyEi0SEs7TsEycqw--~A

Request Chain 157

https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP17O3VF-1J-M0NM&gdpr=0&us_privacy=1---

Request Chain 158

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1--- HTTP 303
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1---&_bee_ppp=1 HTTP 303
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFoiU7KrCsAABWTdfAMtw&expires=30&gdpr=0

Request Chain 159

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0&us_privacy=1--- HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP17O3VF-1J-M0NM&gdpr=0&us_privacy=1---

Request Chain 160

https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&us_privacy=1--- HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP17O3VF-1J-M0NM&gdpr=0&us_privacy=1---

Request Chain 161

https://token.rubiconproject.com/token?pid=26594&gdpr=0&us_privacy=1--- HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LP17O3VF-1J-M0NM&redir=true&gdpr=0&us_privacy=1--- HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LP17O3VF-1J-M0NM&gdpr=0&redir=true&us_privacy=1--- HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1IejBWRV85RTJ1SE5iTXY2bzg2M01vclVDbjdqQVRkMH5B&gdpr=0&ovsid=LP17O3VF-1J-M0NM&dpid=58160&us_privacy=1---

Request Chain 162

https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&us_privacy=1--- HTTP 302
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP17O3VF-1J-M0NM&gdpr=0&us_privacy=1---

Request Chain 163

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=157191fd-9286-4e11-8dbe-9589f34f6587&expires=30&gdpr=0&us_privacy=1---

Request Chain 164

https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0&us_privacy=1--- HTTP 302
https://capi.connatix.com/us/pixel?puid=LP17O3VF-1J-M0NM&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&us_privacy=1---

Request Chain 171

https://kinja-com.videoplayerhub.com/gallery.js HTTP 301
https://btloader.com/tag?h=kinja-com&upapi=true

Request Chain 249

https://pr-bh.ybp.yahoo.com/sync/taboola/326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc?gdpr=0&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-9Z5_ZN1E2oRJ1VXuVjjj7YXZUjZNXqTz1mQJUA--~A

Request Chain 250

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-_DGpPgBE2uEHqj92bfOd2xFUvYjHFhjP~A&gdpr_in_effect=0

Request Chain 277

https://image8.pubmatic.com/AdServer/ImgSync?p=161204&us_privacy=1YNY HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=161204&us_privacy=1YNY&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTVGQTAzQjQtOTEyRS00MUE3LUJFQkEtODA0MjA4MTBCQjc2&gdpr=-1&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

Request Chain 278

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727144&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=1YNY HTTP 302
https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727144&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=1YNY&C=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/ZVYVSTnFo10yixbuc6ABogAADOwAAAAB?gdpr_consent=&us_privacy=1YNY&gdpr=&gpp=&gpp_sid=

Request Chain 299

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 340

https://pr-bh.ybp.yahoo.com/sync/taboola/326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc?gdpr=0&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-9Z5_ZN1E2oRJ1VXuVjjj7YXZUjZNXqTz1mQJUA--~A

Request Chain 341

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=0251b4d5-17fa-4ad9-87bb-0ae51d60a75b&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=taboola&bsw_param=0251b4d5-17fa-4ad9-87bb-0ae51d60a75b

356 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.theonion.com/
Redirect Chain

http://www.theonion.com/
https://www.theonion.com/

398 KB
64 KB

250ms
119ms

Document
text/html

151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

5e75e4bffd9cfed6f0a3057889c05818b7e803412a49f29176f1cd18fb03455d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: stale-if-error=86400, stale-while-revalidate=300
content-encoding: gzip
content-length: 64397
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Thu, 16 Nov 2023 13:12:27 GMT
etag: W/"63902-25WnthAnwBm70Khwk4nd8KgKn6E"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-UA-Device, X-Kinja-GDPR, X-Kinja-CCPA, X-Kinja-Location, Authorization
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 22, 1
x-cdn-fetch: mantle-default
x-content-type-options: nosniff
x-exp-id: NotInTest
x-exp-variant: NotInTest
x-googlenews-bot: false
x-kinja: kinja-magma-kube01-98554957b-84z5q #4584
x-kinja-build: 4584
x-kinja-country: US
x-kinja-revision: c37399aea4c7ca3f931356c4405a21c67225b26a
x-kinja-server: kinja-magma-kube01-98554957b-84z5q
x-kinja-superheroloaded: true
x-powered-by: Express
x-served-by: cache-iad-kiad7000116-IAD, cache-fra-eddf8230068-FRA
x-timer: S1700140347.275041,VS0,VE93
x-ua-device: desktop
x-xss-protection: 1; mode=block

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://www.theonion.com/
Non-Authoritative-Reason: HSTS

GET
H2 200 roboto_condensed_ext_reg-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/ 22 KB
22 KB 192ms
28ms Font
binary/octet-stream 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_reg-webfont.woff2?11012022

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cf63e82bd1a86cf85c62989cc15541677669740180c62e7855e00a967f18ba06

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:27 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: E29DMFM09CRHSR8J
age: 42
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 22464
x-amz-id-2: mQ3EcOT9AgDlC3EiJuJe6gDaI3Z4JJxBI1T31kwN5fGqx82mWiFQaO+zJmVh6hTSaz0x2NZBi3U=
x-served-by: cache-fra-eddf8230058-FRA
last-modified: Thu, 10 Aug 2023 17:07:53 GMT
server: AmazonS3
x-timer: S1700140348.598445,VS0,VE0
etag: "07a9822d47ff9a6f495d0f1c04d185c8"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 roboto_condensed_ext_reg_it-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/ 24 KB
24 KB 222ms
59ms Font
binary/octet-stream 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_reg_it-webfont.woff2?11012022

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6d87c7ff3d2452025a212149a7dac507a9c36b0dcc9f851a52a29d2d87e8ba2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:27 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: 96QFN5PVEV0FW71G
age: 21
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 24548
x-amz-id-2: ED7v0iAAi265WCxiKO4pB5NH6QECXDvl3+LssCmxSK8F62sOshszL6h7JExVPyFsw9Iraxgn0Qo=
x-served-by: cache-fra-eddf8230058-FRA
last-modified: Thu, 10 Aug 2023 17:07:53 GMT
server: AmazonS3
x-timer: S1700140348.598429,VS0,VE1
etag: "f8702959a16d4d4310dc4090c484eaf0"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 roboto_condensed_ext_bold-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/ 22 KB
22 KB 233ms
70ms Font
binary/octet-stream 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_bold-webfont.woff2?11012022

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

aa4a10fb18a7cf972ee266856700400200e09d0557441a4aed5adf6f1d4a94a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:27 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: 8H3693CZ3V6HZKB2
age: 86
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 22308
x-amz-id-2: 2pc6FAbZMyuCaK0sYZQymQZMEnSakNqjNTPb+SN38SUj1d4fA831/Ox+RFGNhBPrjkSoo3zPVPw=
x-served-by: cache-fra-eddf8230058-FRA
last-modified: Thu, 10 Aug 2023 17:07:51 GMT
server: AmazonS3
x-timer: S1700140348.598492,VS0,VE1
etag: "5b89baa90ed9f475cc75193a4873c51a"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 roboto_condensed_ext_bold_it-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/ 24 KB
24 KB 228ms
65ms Font
binary/octet-stream 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_bold_it-webfont.woff2?11012022

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

32a4f630fcc22ae4d318d9d3a94ab47e165cb2026c21e58de13260c54d4eba74

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:27 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: 2XXJ6EBEYXJQMWZT
age: 74
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 24352
x-amz-id-2: l8FmqX0gMSqWMk0mjHsDKHvA17GfqlYNc1sTmIhBhQlYxb5BzkuaGqzC6zLkY3FMx/0KOiIOrTA=
x-served-by: cache-fra-eddf8230058-FRA
last-modified: Thu, 10 Aug 2023 17:07:50 GMT
server: AmazonS3
x-timer: S1700140348.598492,VS0,VE1
etag: "3ea5bce10a12f4f87d3ca8e37e94fb83"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 libre-baskerville-bold.woff2
f.kinja-static.com/assets/fonts/libre-baskerville/ 18 KB
18 KB 229ms
66ms Font
binary/octet-stream 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/libre-baskerville/libre-baskerville-bold.woff2

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:27 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: BJ233AP0Q6SFTDH9
age: 110
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 17984
x-amz-id-2: XR/HBk2AMr0uyJHAuo+rmRUU5pEpASyeEk4Lqo9gn/v4OPoAGyvDrBmdazfl78O2tpxz+cCkZ1ce0BkGqgb76kiX+bqDOAYj
x-served-by: cache-fra-eddf8230058-FRA
last-modified: Wed, 15 Nov 2023 21:53:04 GMT
server: AmazonS3
x-timer: S1700140348.598433,VS0,VE1
etag: "0518781cd45a71291d17ea1febfcc5fe"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 246ms
47ms Script
application/javascript 18.245.60.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-107.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 08:54:33 GMT
content-encoding: gzip
via: 1.1 40b08d02195372b460c02aaae6d50d56.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jul 2023 22:21:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 15475
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 2dZi5Zi1LCzp-KJ3A6jvFlDEQ6F7QGm0nS2zjxHdkjp3-jK6RYRj5Q==

GET
H2 200 lux.js Show response
cdn.speedcurve.com/js/ 20 KB
9 KB 219ms
35ms Script
application/javascript 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.speedcurve.com/js/lux.js?id=527761496
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 9f415e7fe835a3f7a109c97a300be83e41b0c880fd57914376c0b076b0b9eac3

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Thu, 23 Nov 2023 12:56:19 GMT
date: Thu, 16 Nov 2023 13:12:27 GMT
via: 1.1 vegur, 1.1 varnish
content-encoding: gzip
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 968
x-cache: HIT
content-length: 8051
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1700139379&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=dkY5XL6p%2BoM1AMl5%2BoHJgcdO0K4c7OgA%2Fj5Af%2FOkPS0%3D
x-served-by: cache-fra-eddf8230048-FRA
last-modified: Thu, 16 Nov 2023 12:56:19 GMT
server: Apache
x-timer: S1700140348.656339,VS0,VE0
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1700139379&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=dkY5XL6p%2BoM1AMl5%2BoHJgcdO0K4c7OgA%2Fj5Af%2FOkPS0%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 511ms
17ms Script
text/javascript 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 Nov 2023 11:49:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4966
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 16 Nov 2023 13:49:41 GMT

GET
H2 200 470f28d4841c88d1f32ce7a736d472df.jpg
i.kinja-img.com/image/upload/c_fill,h_362,q_60,w_645/ 11 KB
11 KB 96ms
64ms Image
image/webp 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/image/upload/c_fill,h_362,q_60,w_645/470f28d4841c88d1f32ce7a736d472df.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dcf4213b177bb8314a0fdb5feacf9bb4b6dc722d93df0e3cc4bc8fd9ac5acfcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: SSTfIUnTvErzdvAcrnZU8kNBBF94wEAU
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 Nov 2023 13:12:27 GMT
fastly-io-served-by: vpop-mnz1300719
x-amz-request-id: T09MDRWW2BDRSTXC
x-amz-server-side-encryption: AES256
age: 67793
x-cache: HIT, HIT
fastly-io-info: ifsz=529322 idim=1920x1080 ifmt=jpeg ofsz=10934 odim=645x362 ofmt=webp
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 10934
x-amz-id-2: yXtEMMc0v0JGYjM7Z5MHk+SGuw9O2jSGVSJHgCOtWACgUgsS1cI5L+C2d3UT82blqbOxqhnkI68=
x-served-by: cache-iad-kcgs7200067-IAD, cache-fra-eddf8230068-FRA
server: AmazonS3
x-timer: S1700140348.531580,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=362&quality=60&width=645
etag: "dMYredTvVxrbGcE4TyLOlZ3EY1hLHwKRnsavqw6jbtA"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 29, 1

GET
H2 200 e67b67864c5e4587367f6614e4c02d4e.jpg
i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/ 12 KB
13 KB 95ms
63ms Image
image/webp 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/e67b67864c5e4587367f6614e4c02d4e.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95dbc86590e7563df41e00554fda659bbb62e36ad8acdd939b45a5aa4188a2e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 3rLQusZaUGi3wK3CK3y3Rlr1tFZjTzIn
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 Nov 2023 13:12:27 GMT
fastly-io-served-by: vpop-mnz1300707
x-amz-request-id: YNEGNRHZG2R3WYFM
x-amz-server-side-encryption: AES256
age: 85181
x-cache: HIT, HIT
fastly-io-info: ifsz=3671337 idim=2000x1125 ifmt=png ofsz=12444 odim=340x191 ofmt=webp
x-amz-storage-class: STANDARD_IA
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 12444
x-amz-id-2: rtTR3wpw1hgYoWL+BUV+4SwHpvqQYZ641xRzDm2qyXdJ0M5PUm5R1R7jSjBbO/g5U/jKSenYP/P77MWt5qnSoUXrLTiB+8WCHRHM8603TjQ=
x-served-by: cache-iad-kiad7000146-IAD, cache-fra-eddf8230068-FRA
server: AmazonS3
x-timer: S1700140348.531580,VS0,VE0
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "JUo7tN8vb+68DAlKztxbSSSjCewvuepo9nXmcQ9fkKM"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 487

GET
H2 200 56ccd99e39ecb67d9c8e610b57dbcf09.jpg
i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/ 8 KB
9 KB 97ms
67ms Image
image/webp 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/56ccd99e39ecb67d9c8e610b57dbcf09.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16d92dcb2bca93188f5b5c97a8cefa842e3e3a880d2f365b468d9d04d383ee3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: umDLUEwACyPNwF6VTEx8dt90A5MzFiJO
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 Nov 2023 13:12:27 GMT
fastly-io-served-by: vpop-mnz1300705
x-amz-request-id: MDT88W69EKPPCAE9
x-amz-server-side-encryption: AES256
age: 157928
x-cache: HIT, HIT
fastly-io-info: ifsz=382105 idim=2000x1125 ifmt=jpeg ofsz=8272 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 8272
x-amz-id-2: RHOuBEA5FlPHOp6gxoow5e7R5OejF66WofdDVog4pVCNG0BX6joDs2PDIab+vKikpUM8oIGcknE=
x-served-by: cache-iad-kjyo7100055-IAD, cache-fra-eddf8230068-FRA
server: AmazonS3
x-timer: S1700140348.531835,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "Jm5/dTFYosN2iNlHrZ/2CAt1e4dxZFL4EQqETTBZV8Q"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 14, 1

GET
H2 200 e4625d505bbdaed1f6377939fa298da2.jpg
i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/ 5 KB
6 KB 95ms
65ms Image
image/webp 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/e4625d505bbdaed1f6377939fa298da2.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2485bf24705316701d8e29beb84ed0664781ae7f350cdc604417d9664e129739

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: Qtk5ZDvKPBs13KVIJCL6FXhF8gerc_Rz
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 Nov 2023 13:12:27 GMT
fastly-io-served-by: vpop-mnz1300716
x-amz-request-id: S6ZY8SZWYPMH7NCH
x-amz-server-side-encryption: AES256
age: 86208
x-cache: HIT, HIT
fastly-io-info: ifsz=2639138 idim=2000x1125 ifmt=png ofsz=5488 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 5488
x-amz-id-2: bwWfBitAIuEnU+/nN+K3FPhWmmot+OHAhHPD7zxUrRx8OyRbCzShZ0vuyq9iimmXdRZGi2Dlvck=
x-served-by: cache-iad-kjyo7100167-IAD, cache-fra-eddf8230068-FRA
server: AmazonS3
x-timer: S1700140348.531361,VS0,VE2
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "IZ5BLlcREG6EdThjS72weR8WSTP/mm+8TOzCs44RcCg"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 12, 1

GET
H2 200 e54e2a9cc5cccb523f5d3787bc240b89.jpg
i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/ 3 KB
3 KB 95ms
66ms Image
image/webp 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/e54e2a9cc5cccb523f5d3787bc240b89.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ace0f8bb6fd68701266150f68bebad6e67aa0c26245a5075bcd1bc76ffa0c7a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 5aqENa2QFo_AWqu60lAE72kPL..sCxrE
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 Nov 2023 13:12:27 GMT
fastly-io-served-by: vpop-mnz1300711
x-amz-request-id: Y5BJF38T2FC89W22
x-amz-server-side-encryption: AES256
age: 93127
x-cache: HIT, HIT
fastly-io-info: ifsz=4056716 idim=2000x1125 ifmt=png ofsz=3092 odim=340x191 ofmt=webp
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 3092
x-amz-id-2: TjD5rh9QZI+wSjw8qNV6/huaRGBJ9XkzwI3/fEjgltkvb5+vx8zOBazveisqglAwdbORj4wza+g=
x-served-by: cache-iad-kiad7000034-IAD, cache-fra-eddf8230068-FRA
server: AmazonS3
x-timer: S1700140348.531400,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "7Z+qYXF6hldagLFxlqkDeIqkUhFYYem+j0HpdtsAP1U"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 12, 1

GET
H2 200 197xrjaz7466rpng.png
no.kinja-img.com/image/upload/c_fill,h_542,pg_1,q_60,w_965/ 62 B
696 B 244ms
26ms Image
image/webp 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://no.kinja-img.com/image/upload/c_fill,h_542,pg_1,q_60,w_965/197xrjaz7466rpng.png
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03373eb90a89218f4d4c5073bd27f4e574a372a8e3ef50169d264d0f7288d0f9

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: original
x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 Nov 2023 13:12:27 GMT
x-amz-request-id: NH2AJE8R0P41QXER
age: 173963
x-amz-meta-cld-version: 1388776355
x-cache: HIT, HIT
fastly-io-info: ifsz=95 idim=1x1 ifmt=png ofsz=62 odim=965x542 ofmt=webp
fastly-stats: io=1
content-length: 62
x-amz-id-2: PjxApdKfdjFQ4dbfql/5yTaeX62nQrCS4WnY+CiZUH7az1V0F+jl/gshPVEM6Y2OhT1qZa8Cad0=
x-served-by: cache-iad-kjyo7100146-IAD, cache-fra-eddf8230069-FRA
server: AmazonS3
x-timer: S1700140348.705160,VS0,VE0
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=png&frame=1&height=542&quality=60&width=965
etag: "10mOKoIdfi0D0hsFJZtxG1IX+NZ3/lkuAr8tncLMAH0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 36931, 3

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 7c0d9ec0b9408a8ed59d587850f57672.jpg
i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/ 11 KB
12 KB 101ms
72ms Image
image/webp 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/7c0d9ec0b9408a8ed59d587850f57672.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca9ff49f3e0525607b4c601ddfa87287bbe4397f371856bfc127655013a71d8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: UAL_olpeKV_c9r9KwHawmv2iR5pUKY45
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 Nov 2023 13:12:27 GMT
fastly-io-served-by: vpop-mnz1300719
x-amz-request-id: 5ZT532V9YXJNEWZF
x-amz-server-side-encryption: AES256
age: 240914
x-cache: HIT, HIT
fastly-io-info: ifsz=1790215 idim=2000x1125 ifmt=png ofsz=11748 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 11748
x-amz-id-2: ++wBA4NWBiLZ1kDVaIzvB3HZmyDkslAhNgvwJW9Y1yyqiG1cI+nEcFhbRnan3ZhBk4ZrNZD9PMw=
x-served-by: cache-iad-kiad7000054-IAD, cache-fra-eddf8230068-FRA
server: AmazonS3
x-timer: S1700140348.531404,VS0,VE2
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "SkJI5J+CMS54uy24IxKlUtSdjk9w0aVbtELpdAYY1E0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1

GET
H2 200 1162caa20785a9b67da46ec08aa782cf.jpg
i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/ 7 KB
7 KB 68ms
63ms Image
image/webp 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/1162caa20785a9b67da46ec08aa782cf.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2f5841f9bf313a50d8c3007b7c6fd1e28531ff7e7ad745f5572169dfe90878d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: km5yatl2LB7EW53H.Yw9XijegW1nAR9Y
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 Nov 2023 13:12:27 GMT
fastly-io-served-by: vpop-mnz1300709
x-amz-request-id: CK8SEX21CTDVWXRJ
x-amz-server-side-encryption: AES256
age: 160654
x-cache: HIT, HIT
fastly-io-info: ifsz=1340828 idim=2298x1293 ifmt=jpeg ofsz=7164 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 7164
x-amz-id-2: yyzGKHQu+4vRtCXUX/k0cSxQBQHGQBsykqD4YXQLs/t4XM7Mbl+hKOF4e2WiwyvZCj3X85pk5Hk=
x-served-by: cache-iad-kcgs7200165-IAD, cache-fra-eddf8230068-FRA
server: AmazonS3
x-timer: S1700140348.604207,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "HiGzQgS+45QzgjBc+UEJzwyDa3O+sPUmHLGUnPQ8uUg"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 53, 1

GET
H2 200 43b97ed3e5ce7d547b1084b7a0d1f875.jpg
i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/ 8 KB
9 KB 67ms
62ms Image
image/webp 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/43b97ed3e5ce7d547b1084b7a0d1f875.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 185dc01242de1fa263d52242e722af1ceeb21debbc48f13608917422f75350d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: DYa9AosSMYakyPzZMDdtkgxieBKSzIrz
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 Nov 2023 13:12:27 GMT
fastly-io-served-by: vpop-mnz1300718
x-amz-request-id: 902YF80N4J0GK8D1
x-amz-server-side-encryption: AES256
age: 173324
x-cache: HIT, HIT
fastly-io-info: ifsz=2623320 idim=2000x1125 ifmt=jpeg ofsz=8432 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 8432
x-amz-id-2: yme5Xku2J8YpUhk9PCcB8LFNlIH9GPbRgXYhmTwdPxFu6kHdgxzqoW+TvhQl3vvuCT996bNrQbgPAYStnrzzMcaM7Ee7JRKO9+W0wNXtzPo=
x-served-by: cache-iad-kjyo7100141-IAD, cache-fra-eddf8230068-FRA
server: AmazonS3
x-timer: S1700140348.603887,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "uTUork4EvpD8eBVcoe3dFJEH3Y6758LNcubarFsum8Y"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 11, 1

GET
H2 200 2c1d973059d32a5970372f2de4e0a9b9.jpg
i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/ 10 KB
10 KB 67ms
63ms Image
image/webp 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/2c1d973059d32a5970372f2de4e0a9b9.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f599024b5fd95e25d285247bf049eb230337f9845fb03469784a3efe0c331a80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: V_g539JnM.CMuxXbqXJMEzGUBEzclFPL
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 Nov 2023 13:12:27 GMT
fastly-io-served-by: vpop-mnz1300715
x-amz-request-id: KNW6D7CVT72E1C74
x-amz-server-side-encryption: AES256
age: 172912
x-cache: HIT, HIT
fastly-io-info: ifsz=3202056 idim=2000x1125 ifmt=png ofsz=10004 odim=340x191 ofmt=webp
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 10004
x-amz-id-2: FvKVxXmfdBM/SM6my06qV1BYRjD8F1Tk1UDRMWpBSVBNTL2My0ns6o8rMjzV6cC48MlvKWZ7Fq4=
x-served-by: cache-iad-kjyo7100121-IAD, cache-fra-eddf8230068-FRA
server: AmazonS3
x-timer: S1700140348.604204,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "QWlFKLZvkstnpt0lzk3RpaQlJK2mN743pkiqZ83+I6o"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 26, 1

GET
H2 200 8abaf754193e109e2e6dfbddf0d86b2c.jpg
i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/ 5 KB
5 KB 64ms
60ms Image
image/webp 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/8abaf754193e109e2e6dfbddf0d86b2c.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 638de3b4b5fdf7998569a5bcf63ecbe80ba8a229c92fd86c4fb2966e6e4b6aea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: fy3ydhTOVWkvvm5ynYYs7s.q1JHFDcU6
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 Nov 2023 13:12:27 GMT
fastly-io-served-by: vpop-mnz1300705
x-amz-request-id: EPMPC9CQ448XPP59
x-amz-server-side-encryption: AES256
age: 173377
x-cache: HIT, HIT
fastly-io-info: ifsz=268272 idim=2000x1125 ifmt=jpeg ofsz=5062 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 5062
x-amz-id-2: rGpAa70rCI9nn6nazwNJvyWkiYLnz4Bx72MbnAEx8wnMNVrtraQXkKWxlfuwpYQcHd04H73Q0kM=
x-served-by: cache-iad-kjyo7100140-IAD, cache-fra-eddf8230068-FRA
server: AmazonS3
x-timer: S1700140348.603813,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "6Hix3pz148t5Fenhc5qhUVF4hj1IfOUulf3t7FtFu48"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 21, 1

GET
H2 200 707a9f25c4ca07a8ae89b4950afd2b93.jpg
i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/ 5 KB
5 KB 62ms
60ms Image
image/webp 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/707a9f25c4ca07a8ae89b4950afd2b93.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b83dfef123f558517ab1bd09cd3557134af1564eeb60b81f70db11eedc8268d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: Wqh1nc9j3Sm0.3g4xequcEckaxKju0l1
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 Nov 2023 13:12:27 GMT
fastly-io-served-by: vpop-mnz1300702
x-amz-request-id: M6VM8HZFY6J9JZ49
x-amz-server-side-encryption: AES256
age: 264132
x-cache: HIT, HIT
fastly-io-info: ifsz=366098 idim=2000x1125 ifmt=jpeg ofsz=4874 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 4874
x-amz-id-2: rzoSC3X6sbsqo149tJXX/P/zSo9bzjBPJyLog78PFQBeW3ISx0oX8UO/IXkk/ZX383Mp7KxUyHU=
x-served-by: cache-iad-kcgs7200124-IAD, cache-fra-eddf8230068-FRA
server: AmazonS3
x-timer: S1700140348.603791,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "ztVXyTINV8sJUQ/aODyygqToEdr+BGGoLtdZEby08XQ"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 23, 1

GET
H2 200 0ce6e585177dba142fb9070f8e5c8e3c.jpg
i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/ 8 KB
9 KB 54ms
52ms Image
image/webp 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/0ce6e585177dba142fb9070f8e5c8e3c.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 593dd9da441e6aaf6525ee837f5dfa489e00f2e08effbb598bea2bf4a6ed7ccc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: JilhLitUXgUkJ7fqOPK52gjcgf6MxE1k
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 Nov 2023 13:12:27 GMT
fastly-io-served-by: vpop-mnz1300702
x-amz-request-id: JT2CMPA08WHJR31N
x-amz-server-side-encryption: AES256
age: 511144
x-cache: HIT, HIT
fastly-io-info: ifsz=1379284 idim=2000x1125 ifmt=jpeg ofsz=8482 odim=340x191 ofmt=webp
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 8482
x-amz-id-2: 19VNF4D6kImi2+SElin8o5x72Yv0MUqrfCsM9R5XMWefLAlOcLwVbPXemIWpyiPL13wYr0H3tqo=
x-served-by: cache-iad-kiad7000023-IAD, cache-fra-eddf8230068-FRA
server: AmazonS3
x-timer: S1700140348.670204,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "FPsBjmVCow4QGLYa49v46u/5upo41Q81GKPUuN14nX4"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 13, 1

GET
H2 200 ef114b75430a384e6f7e181c361fafd7.jpg
i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/ 7 KB
8 KB 53ms
51ms Image
image/webp 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/ef114b75430a384e6f7e181c361fafd7.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ccce3d80bbc6bc914befb27c629fa520b39d2af9ce4476b0f08df14113c1141

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: v6sktUmGWJrJ7pCjh_xoRH3N6lLS5YMf
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 Nov 2023 13:12:27 GMT
fastly-io-served-by: vpop-mnz1300707
x-amz-request-id: 8N548QP9FXFX08MK
x-amz-server-side-encryption: AES256
age: 197222
x-cache: HIT, HIT
fastly-io-info: ifsz=553122 idim=2000x1125 ifmt=jpeg ofsz=7272 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 7272
x-amz-id-2: UFBtqDsukBw9nSJdVACa0tq9qAzL0kC6YWyjtN0i9M17PZhpudDNL3Xb4d9eI1AFFqGvJR8TXBI=
x-served-by: cache-iad-kjyo7100050-IAD, cache-fra-eddf8230068-FRA
server: AmazonS3
x-timer: S1700140348.669722,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "7STVqfI16LCFNaPCbF9suH6uwH5E/s2bEExal1EWaAo"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 3, 1

GET
H2 200 1d3be804146a003532b5588558698c4c.jpg
i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/ 1 KB
2 KB 48ms
47ms Image
image/webp 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/1d3be804146a003532b5588558698c4c.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ef791cccbab0190f15dadc1df6bbd40d61e8289cff26cf6561b14533d6fe90c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 5nlfQD1QABflxPGblyyEU_.F1Fl1cb_R
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 Nov 2023 13:12:27 GMT
fastly-io-served-by: vpop-mnz1300703
x-amz-request-id: TK5DJ8GZ3W286W56
x-amz-server-side-encryption: AES256
age: 261543
x-cache: HIT, HIT
fastly-io-info: ifsz=228135 idim=2000x1125 ifmt=png ofsz=1496 odim=340x191 ofmt=webp
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 1496
x-amz-id-2: PqLUr/ff1MtX/hkhlmj85p7UMnYeXMcrRIiMBqwRhWeb6X0VgSXpmzwd+X4FCJE3RW6sFa25Ve8=
x-served-by: cache-iad-kcgs7200148-IAD, cache-fra-eddf8230068-FRA
server: AmazonS3
x-timer: S1700140348.669716,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "HF/QDJOek96pwN0bunHG84Its13HzqZYE4PFVm8i9Lk"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 3, 1

GET
H2 200 a1glirmtpgnnrgkq96yv.jpg
i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/ 9 KB
10 KB 47ms
46ms Image
image/webp 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/a1glirmtpgnnrgkq96yv.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 98555f82ad12532d426de758a88dbfe0d27a0d57f42a62cce2c700a6891ae6c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: AmericanVoice_OG_FINAL
x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 Nov 2023 13:12:27 GMT
x-amz-meta-cld-interesting: {"eyedea":[[427,10,347,463],[54,70,312,416],[804,10,336,448]]}
fastly-io-served-by: vpop-mnz1300714
x-amz-meta-cld-transformation-id: 10000011314925
x-amz-request-id: QXPMM9BPXH75S0MV
x-amz-meta-cld-version: 1526415104
x-cache: HIT, HIT
fastly-io-info: ifsz=761483 idim=1200x627 ifmt=jpeg ofsz=9086 odim=340x191 ofmt=webp
x-amz-storage-class: STANDARD_IA
x-amz-meta-cld-surrogate-key: 518906947868701340742262034292367127578
age: 2014548
fastly-stats: io=1
content-length: 9086
x-amz-id-2: nMU9XnSl+1lA9lKv0aElt2gYwTnl7ZF7Y+Xl1Nc5ZY3N9tHaRtg/6gKin9/RcGw9ssP4Ft3xYSg=
x-served-by: cache-iad-kjyo7100116-IAD, cache-fra-eddf8230068-FRA
server: AmazonS3
x-timer: S1700140348.669699,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "PRBmtvRCn9V0E1H9+X/6W8GnpVgLvyY1cPsdlyxihnA"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-amz-meta-cld-original-extension: jpg
x-cache-hits: 13, 1

GET
H2 200 21326f23be93dd97a3775e2da5d3c8b0.jpg
i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/ 7 KB
7 KB 47ms
46ms Image
image/webp 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/21326f23be93dd97a3775e2da5d3c8b0.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1bc6eadf386236d9de93a02560234258c669a27658c64fb185b05cf573623491

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: ssUOIY2yZ1Yln8fr_xlIKd2QcAmS4ivy
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 Nov 2023 13:12:27 GMT
fastly-io-served-by: vpop-mnz1300714
x-amz-request-id: 2E4D7EJX5TYR4ESY
x-amz-server-side-encryption: AES256
age: 784519
x-cache: HIT, HIT
fastly-io-info: ifsz=3048151 idim=2000x1125 ifmt=png ofsz=6910 odim=340x191 ofmt=webp
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 6910
x-amz-id-2: bpy8tgpnWnd/H3NRIj9e80IOZD3Mu37RdaAbOVXGMXDRl8Q/fOcgqrRQvnbhVzpCQUr1G/uHnjg=
x-served-by: cache-iad-kiad7000087-IAD, cache-fra-eddf8230068-FRA
server: AmazonS3
x-timer: S1700140348.669726,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "1/hqk06XBHybBq/zejIvQZR42If/tTv8KUxd+PRY6rQ"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1

GET
H2 200 1f8d94d18ac1a2c7755b7f5a2d911218.jpg
i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/ 12 KB
12 KB 33ms
32ms Image
image/webp 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/1f8d94d18ac1a2c7755b7f5a2d911218.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 790f3ae0db4b2214dc0e8a048362658c8fae797a35ae163a4c0fe5d3b1e51fec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: AigIhursW4MN14LfqhxkS62pJ4naaqZU
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 Nov 2023 13:12:27 GMT
fastly-io-served-by: vpop-mnz1300711
x-amz-request-id: ADJWB6NESF4G9VSK
x-amz-server-side-encryption: AES256
age: 2493763
x-cache: HIT, HIT
fastly-io-info: ifsz=3556953 idim=2000x1133 ifmt=png ofsz=11950 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 11950
x-amz-id-2: szJwu/aalvnk/Ke9oZs9yFbbgb/6vkNCqz7vQAvQ4c40WqfUH4NYSv160yVXbQj/nVjLEyWyPyU=
x-served-by: cache-iad-kjyo7100082-IAD, cache-fra-eddf8230068-FRA
server: AmazonS3
x-timer: S1700140348.702229,VS0,VE2
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "RgbcSrx6M12GfXv+7jOXdYPbmrrkEMdgLYmZnfDGZLw"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 19, 1

GET
H2 200 e897ee6f8563ce0541a5ebf49da7b2e8.jpg
i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/ 5 KB
6 KB 28ms
27ms Image
image/webp 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/e897ee6f8563ce0541a5ebf49da7b2e8.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f783acaf29219a64e147aa5706baf2d240309bb9c4104fe0c3eaec6daadb0f7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: mBD.47QyOt55Y51LghtuUlSvYNDln8cV
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 Nov 2023 13:12:27 GMT
fastly-io-served-by: vpop-mnz1300707
x-amz-request-id: AHTADZ2QZVGR53GY
x-amz-server-side-encryption: AES256
age: 231613
x-cache: HIT, HIT
fastly-io-info: ifsz=209068 idim=1600x900 ifmt=jpeg ofsz=5168 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 5168
x-amz-id-2: EjOIyJnrrOcJLW8ED+YIp5UcTTR8ncC3ARV70tuQWb2m0xQAqfGPjxvTZge/qA8aOY8ofDx+6Jc=
x-served-by: cache-iad-kjyo7100032-IAD, cache-fra-eddf8230068-FRA
server: AmazonS3
x-timer: S1700140348.705501,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "AUMYdJTBSaAdpSVxaRS0ZwxJ48z7WObL7ofhqFXTwSk"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 13, 1

GET
H2 200 6cb9e854d5c77695a0dc62533d8da703.jpg
i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/ 8 KB
8 KB 29ms
28ms Image
image/webp 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/6cb9e854d5c77695a0dc62533d8da703.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a7d053d4d4b854b14e64100878f076250b569dc8783ed696257eab83adcea80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: uQ.ILwI7OBUFFSd4L7_la2fWHbbM7EZD
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 Nov 2023 13:12:27 GMT
fastly-io-served-by: vpop-mnz1300707
x-amz-request-id: SBHQADQVDVGWM27R
x-amz-server-side-encryption: AES256
age: 236641
x-cache: HIT, HIT
fastly-io-info: ifsz=3406734 idim=2000x1125 ifmt=png ofsz=7742 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 7742
x-amz-id-2: dEvCwOzYhfaqUYBiC4vaCQEq9rGnjayO2q6ONf8dD2GRuiikHw3+yUaAO9iAGciuLNaBZeCV1dA=
x-served-by: cache-iad-kiad7000096-IAD, cache-fra-eddf8230068-FRA
server: AmazonS3
x-timer: S1700140348.705262,VS0,VE2
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "Z+zJzkZWNDCrFVA3Hly3N+cXc20MycTpYFNgyK2FJjc"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 9, 1

GET
H2 200 b40a762d26f445bb991496615bdc9b4c.jpg
i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/ 11 KB
11 KB 27ms
27ms Image
image/webp 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/b40a762d26f445bb991496615bdc9b4c.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 88f561c8ff9069fbc084592234c2b73f1329aef1ac2ccc063e5c7eb821211c26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: Rctsy5kk.dCsB6s0.HNz2G7Gf29jBLa3
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 Nov 2023 13:12:27 GMT
fastly-io-served-by: vpop-mnz1300713
x-amz-request-id: BKBJFN3QZ1JF4WJG
x-amz-server-side-encryption: AES256
age: 494132
x-cache: HIT, HIT
fastly-io-info: ifsz=388667 idim=1996x1125 ifmt=jpeg ofsz=11292 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 11292
x-amz-id-2: wUga7OfW87YujK5s84vavu3bE8zSNr98dfpNQ02xiUUxBLmalUkvGzkjnY6zn27mgf3+qUwjKeQ=
x-served-by: cache-iad-kjyo7100146-IAD, cache-fra-eddf8230068-FRA
server: AmazonS3
x-timer: S1700140348.705253,VS0,VE2
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "rGoi3bnAFnKfQGhrU+yJxAKJ4uH6EHWMxomyU3J0UO8"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 9, 1

GET
H2 200 932041b22b255964eee6e0b33898b729.jpg
i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/ 5 KB
5 KB 23ms
22ms Image
image/webp 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/932041b22b255964eee6e0b33898b729.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ee509f76edd297bde61b7af0123dba5cde0991111f3f47740a9d023bc5d8420

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: lkEVMLaJFRghJULIZnIf1xI2X48mUCF5
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 Nov 2023 13:12:27 GMT
fastly-io-served-by: vpop-mnz1300701
x-amz-request-id: PQJRAWD30SHDRKMP
x-amz-server-side-encryption: AES256
age: 1403806
x-cache: HIT, HIT
fastly-io-info: ifsz=1512943 idim=2000x1125 ifmt=jpeg ofsz=5222 odim=340x191 ofmt=webp
x-amz-replication-status: COMPLETED
fastly-stats: io=1
content-length: 5222
x-amz-id-2: Z2xBqXNVJJ1NEDzOYPqnilbuD3jLkB6VWuxSq2ONiC91DnBL88NuaR2/Rs1Idg/bLsYc55rEK0fp9m2+V5bf5Q==
x-served-by: cache-iad-kcgs7200033-IAD, cache-fra-eddf8230068-FRA
server: AmazonS3
x-timer: S1700140348.705234,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "Nyw5MNGDZu+QL+YnomPWzEthN6BJGNmSdDeBAz00nZ4"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 7, 1

GET
H2 200 db01a5b8dfea1b5a5bcc395b2451659c.jpg
i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/ 8 KB
9 KB 24ms
23ms Image
image/webp 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/db01a5b8dfea1b5a5bcc395b2451659c.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a091ef882dbaea27ecdaa5137c95193798d96d998f64be57e505b00f9835de0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: jDpU6GG01NsWJx8GUsjVN1GLoDqfk4UX
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 Nov 2023 13:12:27 GMT
fastly-io-served-by: vpop-mnz1300719
x-amz-request-id: ECVWCQ3MCQWBEPXB
x-amz-server-side-encryption: AES256
age: 2061232
x-cache: HIT, HIT
fastly-io-info: ifsz=3280479 idim=2000x1125 ifmt=png ofsz=8374 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 8374
x-amz-id-2: o9etXUeAqaaZ5TXvNYhKVEWWfMAWPD4NpRNw2S6pp34WIxtP5zE9YmuMqwMX3hvxniXu3C5G8aU=
x-served-by: cache-iad-kjyo7100131-IAD, cache-fra-eddf8230068-FRA
server: AmazonS3
x-timer: S1700140348.705252,VS0,VE4
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "dsl+Lkv9EtuAa011h/9l9NlwM2axo9zHuccXESAClsY"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 11, 1

GET
H2 200 6999925b8b49f9431d8dfafc43ef19de.jpg
i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/ 5 KB
6 KB 57ms
56ms Image
image/webp 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/6999925b8b49f9431d8dfafc43ef19de.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8be87f4585da41a84d5c2559cea1a8c9bd9a1aaaadd88c56e1a20d1f0c438826

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: NbQMMbIR6gbGTx2j7lOC_92xcfNSZ9zz
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 Nov 2023 13:12:27 GMT
fastly-io-served-by: vpop-mnz1300717
x-amz-request-id: Z2WNWE50GS0CQMG6
x-amz-server-side-encryption: AES256
age: 2388677
x-cache: HIT, HIT
fastly-io-info: ifsz=3411263 idim=2000x1125 ifmt=png ofsz=5552 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 5552
x-amz-id-2: e4KgtcBU0EYN7la80kRcG6uKB7EBZ33X/npE4r0kvTEiKalaHBvmzWyIHLSCuyvzrPYc1QSELrI=
x-served-by: cache-iad-kiad7000143-IAD, cache-fra-eddf8230068-FRA
server: AmazonS3
x-timer: S1700140348.753860,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "+BezuBcIVp2TK2uCgkTJFoR024sIqLh9I2rtxzwy2IU"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 691, 1

GET
H2 200 89e0f5542561a79ba477b849a813f552.jpg
i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/ 4 KB
4 KB 57ms
57ms Image
image/webp 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.kinja-img.com/image/upload/c_fill,h_191,q_60,w_340/89e0f5542561a79ba477b849a813f552.jpg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 15d6361ed8efe5a5f7d870fa8fdecef8ae55975e6f546a9d910461d3e3e20f7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: wKOCxcquYszYQJ9ywugBVjxd6tu.6c.6
via: 1.1 varnish, 1.1 varnish
date: Thu, 16 Nov 2023 13:12:27 GMT
fastly-io-served-by: img02-us-east4
x-amz-request-id: K7JW92D8TTBXKR5V
x-amz-server-side-encryption: AES256
age: 2582195
x-cache: HIT, HIT
fastly-io-info: ifsz=1207677 idim=2000x1125 ifmt=jpeg ofsz=4232 odim=340x191 ofmt=webp
x-amz-replication-status: PENDING
fastly-stats: io=1
content-length: 4232
x-amz-id-2: ajHZv/DdQVy2b9gVgDYV1+Fb5Jw51wkoJRMIuqtO9zYvg+3eA7BKNmxYKoKapKe2L5H2bSjOuo4=
x-served-by: cache-iad-kcgs7200038-IAD, cache-fra-eddf8230068-FRA
server: AmazonS3
x-timer: S1700140348.753656,VS0,VE1
x-kinja-qs: auto=webp&enable=upscale&fit=crop&format=pjpg&frame=1&height=191&quality=60&width=340
etag: "MMFoAQSzQDhEgYQ4s51Rv71Ea+VwuNy/rbGFnCowfEE"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
x-cache-hits: 36, 1

GET
H2 200 vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~251de3ca.8ad766a322c348abd8a2.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 16 KB
5 KB 55ms
50ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~251de3ca.8ad766a322c348abd8a2.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9b3e7f6528c49730d8109c98014ee95a319a7d1d8a08cb6d4a268dd0918553c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: DSMQFN5WTM88T43K
age: 49168
x-amz-server-side-encryption: AES256
x-cache: MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 5086
x-amz-id-2: /HjgPHTb8uzcrEkIXgRU5OGYFFfOIBbCtmEaNYd4b8zM7TiXdYZzjrUia36E4RH5PXzj6rSBNpI=
x-served-by: cache-fra-etou8220106-FRA, cache-fra-eddf8230068-FRA
last-modified: Wed, 15 Nov 2023 21:52:58 GMT
server: AmazonS3
x-timer: S1700140347.496181,VS0,VE0
etag: "6e72a53de2de855eb31640a97bb33425"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 0, 2

GET
H2 200 vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~8b2687c0.8653cfdb00c890a8e687.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 5 KB
2 KB 55ms
50ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~8b2687c0.8653cfdb00c890a8e687.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

353c493b7ff3cc76c99b3fb094406e6536a6623344919dfa1f0f175c3bd2916c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-amz-request-id: 107MY7QPWW1C92RP
age: 803407
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 1729
x-amz-id-2: pfjf5mKsOwnWAYiZccrto3/wsYidXRSNeHrpDDkEFyZ3AMOKFEb8B60bfL0YpcfeC1NNV4L/sRs=
x-served-by: cache-fra-eddf8230131-FRA, cache-fra-eddf8230068-FRA
last-modified: Wed, 25 Oct 2023 16:18:36 GMT
server: AmazonS3
x-timer: S1700140347.496131,VS0,VE0
etag: "0b7f37a8e0f013f57fc9706b2e420a76"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 1, 0, 2

GET
H2 200 adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~1a7700aa.e1cabbc1d3ae99833f4a.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 7 KB
3 KB 55ms
51ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~1a7700aa.e1cabbc1d3ae99833f4a.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

557f64e58e17972bffbe930e0534973a28d06da7e906ee34414a57d6cc245ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-amz-request-id: 24C2GHTC4Y5YE5EE
age: 823533
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 2561
x-amz-id-2: yr9ZktCCCHmNHj51p5z4tu578I1B1sfCWvNx/KH9mkK35Lf0CTEoVIuGDN7133oKM77Tp6gfB0k=
x-served-by: cache-fra-etou8220087-FRA, cache-fra-eddf8230068-FRA
last-modified: Tue, 26 Sep 2023 11:19:04 GMT
server: AmazonS3
x-timer: S1700140347.495566,VS0,VE1
etag: "840e74d9ff2cecb97ccd917764a05236"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 0, 0, 2

GET
H2 200 runtime~ga4.4fa95d1880e01ab1fed8.js Show response
x.kinja-static.com/assets/new-client/ 2 KB
1 KB 233ms
48ms Script
application/javascript 151.101.2.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/runtime~ga4.4fa95d1880e01ab1fed8.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

63710710890c4cb490bcbb990c93396d49f05cff1a2f7206d5de257107939d6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 10RWNSJNPHYHCXGQ
age: 109
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 686
x-amz-id-2: PhZi0oXSQfiu5ezxD5F71US4yyq/ExKHYZKPQmpMLCdr0Bk02BM+8WwYzXrmBLWpSRHQmYDIb0o=
x-served-by: cache-fra-eddf8230136-FRA
last-modified: Tue, 07 Nov 2023 06:10:40 GMT
server: AmazonS3
x-timer: S1700140348.687376,VS0,VE1
etag: "e171d6d4875754d065c7446f329e6e90"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 ga4.b60369697f1d1eb7bc00.js Show response
x.kinja-static.com/assets/new-client/ 7 KB
3 KB 233ms
49ms Script
application/javascript 151.101.2.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/ga4.b60369697f1d1eb7bc00.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4c8e3116a2a89e1f2aeb829f9f6f5a846a1af34238435f7c80dff700787a4d03

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: F55T1NBYAZN3Q4X6
age: 83
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 2551
x-amz-id-2: 9s1FntqXU2QbKRH/wzef6aclsB8l8RXbT/zaT8Y1jXMf9caM/nFPW+rAAhRXz1Ea0jcBLRlVcfE=
x-served-by: cache-fra-eddf8230136-FRA
last-modified: Mon, 06 Nov 2023 23:57:29 GMT
server: AmazonS3
x-timer: S1700140348.687320,VS0,VE3
etag: "e07e73766b4fc9046ad4f5ce1c7ab9ee"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 adManager~video-html5-playlist~videoHtml5.f8ca5d1b7c1c3b8152c1.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 6 KB
2 KB 55ms
51ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adManager~video-html5-playlist~videoHtml5.f8ca5d1b7c1c3b8152c1.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e600bcf2ed8f86a2a1ed40e71039df73a9bbd9800fcac01d960f0a133521f660

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: P6J0YW91VRAJN0VC
age: 219936
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 2059
x-amz-id-2: xCSgh4anVSUcmLoAu90LSgMjF8dUf5hc0f7hKZnNu+RZgV2S61a36ahda1nS6958Bde+3IlLjmk=
x-served-by: cache-fra-etou8220094-FRA, cache-fra-eddf8230068-FRA
last-modified: Mon, 13 Nov 2023 03:04:38 GMT
server: AmazonS3
x-timer: S1700140347.495730,VS0,VE0
etag: "c39630b890ced0152f8f25b88b613eb0"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 1, 2

GET
H2 200 vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~c0e5e8c7.2affe01a1383941b28fa.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 2 KB
1 KB 55ms
52ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~c0e5e8c7.2affe01a1383941b28fa.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

742bdcd300d7076fe7fffd2a846e4a47944030dfea4eabb1a93daf236bdb4782

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: KNN29QMHS62KXS92
age: 731700
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 881
x-amz-id-2: Wp/3SjwEcHUsWM5IeJHbvg4rt+kY9NZCsy1mF9cXQb4JKG7FCWUzgSgi1T1dlqLD0p2wC6n/NvQ=
x-served-by: cache-fra-eddf8230055-FRA, cache-fra-eddf8230068-FRA
last-modified: Tue, 07 Nov 2023 16:02:05 GMT
server: AmazonS3
x-timer: S1700140347.495528,VS0,VE0
etag: "81634d3f9c34ec97f59742304f4fbda4"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 2, 2

GET
H2 200 runtime~videoHtml5.95bda4e686404062b2f4.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 7 KB
2 KB 55ms
51ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~videoHtml5.95bda4e686404062b2f4.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5d84379b9a434f2a894ec1e4d18c2174f5ff36711ebff2901ec1dc2f46170f2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: Q3G5A0DXF40CG3VY
age: 295246
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 1942
x-amz-id-2: Blvhc92TgXVfVPurYqE9MWzUv0s85si/3n54LQfcnjSRDrNQgf2bTmKrqLBu6n0PVmObXQLRdqT3VAqX4TCHQy3+lZK/04Hr/jgg3hoOOm0=
x-served-by: cache-fra-eddf8230035-FRA, cache-fra-eddf8230068-FRA
last-modified: Mon, 13 Nov 2023 03:04:43 GMT
server: AmazonS3
x-timer: S1700140347.495521,VS0,VE0
etag: "ca4e89617bc7f74b43eaa858594d9b02"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 1, 2

GET
H2 200 vendor~video-html5-playlist~videoHtml5.d8af3e4197ba529c0bd4.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 6 KB
3 KB 55ms
52ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~video-html5-playlist~videoHtml5.d8af3e4197ba529c0bd4.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ab6de8eec44f4e06e08799f338541cc03952d7e2522ffd3f3b113a2c1a01cd14

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: 8ZP16H0E4N0DWWJ1
age: 118398
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 2188
x-amz-id-2: Ustc6Mt62HHMr817Viatb/Htvpo7j+83tyS+A2NaiGWWDkU0/I4fppx+QfgjVxu6W6QpE0LDL6Y=
x-served-by: cache-fra-eddf8230022-FRA, cache-fra-eddf8230068-FRA
last-modified: Tue, 14 Nov 2023 20:51:47 GMT
server: AmazonS3
x-timer: S1700140347.495545,VS0,VE0
etag: "5e4139cf5491f3d40e4d8f3fc1b52fc9"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 1, 2

GET
H2 200 video-html5-playlist~videoHtml5.eddc6f9132c4681259c4.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 48 KB
13 KB 58ms
55ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/video-html5-playlist~videoHtml5.eddc6f9132c4681259c4.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0ee729052c49b8104ebd6ec49249d6383a982afc8b1e08905f1f00ace536a62d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-amz-request-id: DAM0VHSKJRDSV4CP
age: 1418318
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 13368
x-amz-id-2: pzXCJxgYaRhnyqld6+n0J3xMrJEPENGd3XqyKnM1n3v8N7kjVseLW8VFGC1GX7oRkfNkIFAz/AQ=
x-served-by: cache-fra-etou8220101-FRA, cache-fra-eddf8230068-FRA
last-modified: Tue, 24 Oct 2023 17:03:09 GMT
server: AmazonS3
x-timer: S1700140347.497607,VS0,VE0
etag: "825a0787bb636588fcee75c1cd668333"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 1, 0, 2

GET
H2 200 videoHtml5.a33a4c544be8e5f2380f.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 12 KB
4 KB 59ms
56ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/videoHtml5.a33a4c544be8e5f2380f.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f99fad2880a9888d3cfb1463753d06ff1c38d515a0002868d2d84af581652f2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: 8ZP737E3JFH79MR9
age: 133331
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 3604
x-amz-id-2: lCpOslvaAtMSbXkLM0LnmDzOz97Wt+g/9Tn30afNWbYEGV19pUtuQ0Cl1tg8siqF9MJEaz9mx1M=
x-served-by: cache-fra-eddf8230086-FRA, cache-fra-eddf8230068-FRA
last-modified: Tue, 14 Nov 2023 20:51:48 GMT
server: AmazonS3
x-timer: S1700140347.497559,VS0,VE0
etag: "ee5dc2238e5971180a3a4a8a38f5139d"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 1, 2

GET
H2 200 runtime~taboolaLoader.683b559fe2d66b7544b6.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 2 KB
1 KB 58ms
55ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~taboolaLoader.683b559fe2d66b7544b6.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d3e6ff2649ac9a0611e35d957b3a5b693d0efb3a53c2ebe79e990f178a7e5768

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: 4WNWB923A8MAW2ST
age: 127024
x-amz-server-side-encryption: AES256
x-cache: MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 1062
x-amz-id-2: UZrrAK1w+lof0UBIuSKmsez92gvnS9uqV2wvc/SfQrs/cf9kV8UHiCtRd8OhUPRtPcF9rsGIPzLKtPdmIf26yQ8RwmcqF3kAlaTYWePYYhk=
x-served-by: cache-fra-etou8220034-FRA, cache-fra-eddf8230068-FRA
last-modified: Tue, 14 Nov 2023 22:46:45 GMT
server: AmazonS3
x-timer: S1700140347.497559,VS0,VE0
etag: "89cace423b1d656236b9a1d1c4e41ce8"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 0, 2

GET
H2 200 taboolaLoader.3c56ecb82aa09a2d6112.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 17 KB
5 KB 59ms
56ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/taboolaLoader.3c56ecb82aa09a2d6112.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0b4bd8a10e3c42db650d2b1de8861c1356ab421d4329b9b4a04aeab88349e01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:27 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-amz-request-id: BVGJJAB76KPARH3D
age: 1204200
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 5159
x-amz-id-2: MZU4WYM4xFCd8I3enHjEk17yw8ZYR/5dEYnQ97ROGNV4uA/GxLughWjHSjsleRX5wR1TjjLlYE0=
x-served-by: cache-fra-etou8220060-FRA, cache-fra-eddf8230068-FRA
last-modified: Thu, 02 Nov 2023 14:39:04 GMT
server: AmazonS3
x-timer: S1700140347.497521,VS0,VE0
etag: "3b72c1b576b450f0167c74b93d720cc8"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 2, 0, 2

GET
H2 200 runtime~layoutShiftTrackerLoader.b1f0dc788401acfd8f58.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 2 KB
1 KB 61ms
58ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~layoutShiftTrackerLoader.b1f0dc788401acfd8f58.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d02c927370dbbe2b267e10e141ecad0a56bb0c722df0331f92154509b584822b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: V6T94YCCHFG0JZWG
age: 1047
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 1044
x-amz-id-2: LMzZf+PLGaVjFEgrilVmLTrFNR7+Fwi2S9ADxSRORapVV4+m2Id2vrywQyobJ+eEh4GVKbc0N3o=
x-served-by: cache-fra-etou8220049-FRA, cache-fra-eddf8230068-FRA
last-modified: Thu, 16 Nov 2023 12:47:56 GMT
server: AmazonS3
x-timer: S1700140347.497061,VS0,VE0
etag: "8e561c9446589da7358a96083ec6faae"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 1, 2

GET
H2 200 layoutShiftTrackerLoader.cfbb1b78b6cab9028776.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 2 KB
1 KB 60ms
57ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/layoutShiftTrackerLoader.cfbb1b78b6cab9028776.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d4e4446ba8c8cd93ad31092943a3454a09a88cd9c3557bfb681ab2840f0bd9b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: 8ZP3V2XAH4HGT5CP
age: 144837
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 624
x-amz-id-2: PMRWHsuMXkfniRZ4WajoGWbu0+viVDTV7p6nGS33bbKGRX6kmKHqy3y3ZH8rI1fMoZ5Q5+0LDnA=
x-served-by: cache-fra-eddf8230126-FRA, cache-fra-eddf8230068-FRA
last-modified: Tue, 14 Nov 2023 20:51:43 GMT
server: AmazonS3
x-timer: S1700140347.496977,VS0,VE0
etag: "12f17ba602b498365356488642eed6a1"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 1, 2

GET
H2 200 runtime~videoMediaQuerySupport.87053d08d5634a107c35.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 2 KB
1 KB 60ms
58ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~videoMediaQuerySupport.87053d08d5634a107c35.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c76ae373a97fedd18dcbce506a90251d65d3141a4633e06671b9b306e361d948

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-amz-request-id: R2F0PQJY40BC3C0G
age: 828895
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 774
x-amz-id-2: oDPx2miqj4VyGfVgE9o9wi0BLlfAxjOHATxjZKFUxiZV0dkOpg1J/u/S5M4sd8RlmQDOnUeZSvSWqMyxtNZI2w==
x-served-by: cache-fra-eddf8230083-FRA, cache-fra-eddf8230068-FRA
last-modified: Fri, 06 Oct 2023 21:12:51 GMT
server: AmazonS3
x-timer: S1700140347.497029,VS0,VE0
etag: "df042ee2742c71b59300a1b35069e3aa"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 1, 0, 2

GET
H2 200 videoMediaQuerySupport.b68e2424feab32dd0c91.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 1 KB
1 KB 59ms
56ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/videoMediaQuerySupport.b68e2424feab32dd0c91.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

115224d4e63511fda83c38f1a67c687184f8c2752a8770b10faaadc4568fd388

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-amz-request-id: 2WW8SHX0E5K4YX0F
age: 1934291
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 683
x-amz-id-2: uv90bpOnAA3GPC6wHsxVEhq1mRt0AGKAp12vokugw+qD85HL0Qk1uStJxQJ7UNz1Azp2XnrZPe8=
x-served-by: cache-fra-etou8220068-FRA, cache-fra-eddf8230068-FRA
last-modified: Tue, 26 Sep 2023 18:28:14 GMT
server: AmazonS3
x-timer: S1700140347.496952,VS0,VE0
etag: "cd8a0c9965106e2f8e59fd060ddad4f1"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 1, 0, 2

GET
H2 200 accountwithtoken Show response
kinja.com/api/profile/ 256 B
1 KB 137ms
118ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kinja.com/api/profile/accountwithtoken?jsonp=_thirdPartyFastToken&newFollows=true

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

900bdf5f3727290576c53dc46d1f4ce6f7c29bbb03ee4a987b249fa2d65ac90d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 Nov 2023 13:12:27 GMT
via: 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: master-only
x-cache: MISS, MISS
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
x-ua-device: desktop
x-kinja-superheroloaded: true
x-kinja-continent: NA
x-cdn-fetch: mantle-setcookie
content-length: 233
x-xss-protection: 1; mode=block
x-kinja-region: US-DE
x-served-by: cache-iad-kcgs7200139-IAD, cache-fra-eddf8230068-FRA
x-exp-variant: NotInTest
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-exp-id: NotInTest
x-timer: S1700140348.603787,VS0,VE96
x-frame-options: DENY
vary: Accept-Encoding,Origin
content-type: application/javascript; charset=UTF-8
cache-control: no-cache, no-store, private
accept-ranges: bytes
x-kinja-country: US
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 33ms
30ms Image
text/plain 18.245.60.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6770184&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1700140347722&ns_c=UTF-8&c7=https%3A%2F%2Fwww.theonion.com%2F&c8=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&c9=
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-107.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:27 GMT
via: 1.1 40b08d02195372b460c02aaae6d50d56.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-amz-cf-id: 97VY4lHmJLdJiGEKGxP4bRoJKApuFdEGdwQ2Yq4reWe4ZB9nyFvpIQ==
x-cache: Miss from cloudfront

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 365 KB
126 KB 392ms
24ms Script
text/javascript 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/video-html5-playlist~videoHtml5.eddc6f9132c4681259c4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

sffe /

Resource Hash

4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128094
x-xss-protection: 0
expires: Thu, 16 Nov 2023 13:12:28 GMT

GET
H2 200 layoutShiftTracker.ac5a8166d0674aca448a.js Show response
x.kinja-static.com/assets/new-client/ 3 KB
2 KB 42ms
41ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/layoutShiftTracker.ac5a8166d0674aca448a.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~layoutShiftTrackerLoader.b1f0dc788401acfd8f58.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5cc130d785b38b339d32aeadf6bc9f5283e496cd44fc615321ee05c0ef1f756b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: XKVR4PTARKTE2AMX
age: 93
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1520
x-amz-id-2: jY0hq7AmWr+7WUXBiP1DZhi2G9wOlGbiUzTdPz6V4sLIOSddh2kIcQbHh2bgNijAFKC5aNaP0l8=
x-served-by: cache-fra-eddf8230068-FRA
last-modified: Thu, 16 Nov 2023 12:47:54 GMT
server: AmazonS3
x-timer: S1700140348.753287,VS0,VE0
etag: "c457dbd210af6defd61639386ef9420f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2

200

/
www.theonion.com/
Redirect Chain

https://www.theonion.com/undefined
https://www.theonion.com/

64 KB
64 KB

30ms
29ms

Image
text/html

151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.theonion.com/

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-kinja-server: kinja-magma-kube01-98554957b-84z5q
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
date: Thu, 16 Nov 2023 13:12:27 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-kinja-build: 4584
x-powered-by: Express
age: 1
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-kinja: kinja-magma-kube01-98554957b-84z5q #4584
x-cdn-fetch: mantle-default
content-length: 64397
x-xss-protection: 1; mode=block
x-exp-variant: NotInTest
x-served-by: cache-iad-kiad7000116-IAD, cache-fra-eddf8230068-FRA
x-googlenews-bot: false
x-exp-id: NotInTest
x-timer: S1700140348.935868,VS0,VE0
etag: W/"63902-25WnthAnwBm70Khwk4nd8KgKn6E"
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-UA-Device, X-Kinja-GDPR, X-Kinja-CCPA, X-Kinja-Location, Authorization
content-type: text/html; charset=utf-8
cache-control: stale-if-error=86400, stale-while-revalidate=300
accept-ranges: bytes
x-kinja-country: US
x-kinja-revision: c37399aea4c7ca3f931356c4405a21c67225b26a
x-cache-hits: 22, 2

Redirect headers

x-kinja-server: kinja-magma-kube01-98554957b-pxxp2
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
date: Thu, 16 Nov 2023 13:12:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
x-kinja-build: 4584
x-powered-by: Express
x-cache: HIT, MISS
x-ua-device: desktop
x-kinja-superheroloaded: true
x-kinja: kinja-magma-kube01-98554957b-pxxp2 #4584
x-cdn-fetch: mantle-default
content-length: 35
x-xss-protection: 1; mode=block
x-exp-variant: NotInTest
x-served-by: cache-iad-kiad7000150-IAD, cache-fra-eddf8230068-FRA
x-googlenews-bot: false
x-exp-id: NotInTest
x-timer: S1700140348.753272,VS0,VE119
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-UA-Device, X-Kinja-GDPR, X-Kinja-CCPA, X-Kinja-Location, Accept, Authorization
content-type: text/plain; charset=utf-8
location: /
cache-control: stale-if-error=86400, stale-while-revalidate=300
accept-ranges: bytes
x-kinja-country: US
x-kinja-revision: c37399aea4c7ca3f931356c4405a21c67225b26a
x-cache-hits: 2, 0

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/gomedia1-network/ 171 KB
47 KB 218ms
14ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3092e0f04fffc40ba54604b87fd8d627d7cc6e3c757d68c95b794d52a822d22d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: xsjLoCXEOZDv9jQOs9yzDUqm4vtYbOA.
content-encoding: gzip
via: 1.1 varnish
date: Thu, 16 Nov 2023 13:12:27 GMT
x-amz-request-id: JJ5CNCFR1XXEXQ9K
age: 1411
x-amz-server-side-encryption: AES256
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 9
x-amz-replication-status: FAILED
content-length: 47365
x-amz-id-2: JA9OxHhOFvnbd4D1K2uVOP0uY5tJ569wdjA31/13agyIfo2m1gAwXomiAcbb3kJ3pdixJgvyiHE=
x-served-by: cache-fra-eddf8230127-FRA
last-modified: Thu, 16 Nov 2023 11:00:10 UTC
server: nginx
x-timer: S1700140348.949611,VS0,VE2
etag: "b5456e203593cdda8c904faac733756327ceb579"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 8
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 tr5
cdn.taboola.com/libtrc/ 3 B
79 B 9ms
9ms Image
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=test_impl_blocked_send_event_var
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230127-FRA
date: Thu, 16 Nov 2023 13:12:27 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1700140348.983261,VS0,VE0
x-cache: HIT
content-type: text/html
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

GET
H2 200 impl.20231113-34_b1-PR-63731-DEV-146889-impl-load-is-blocked-in-private-tab-in-safari-on-iphone-with-ios-1d43719ace6.js Show response
cdn.taboola.com/libtrc/ 817 KB
170 KB 12ms
10ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231113-34_b1-PR-63731-DEV-146889-impl-load-is-blocked-in-private-tab-in-safari-on-iphone-with-ios-1d43719ace6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: ecfe9646ad93c421630b0735ec831509cbd0587a6bc97fbe1c80e9ef2c091de4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: FWfmihFmf2LVrxpJCzwyp4ezxKrgAn5q
content-encoding: br
via: 1.1 varnish
date: Thu, 16 Nov 2023 13:12:28 GMT
x-amz-request-id: NC731R3N1MNQNDQ9
age: 2546
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 173224
x-amz-id-2: yYjS5ojBGWYEQfiGHjAoE8fFgz7sjSnqmw5gge8P4Ixo6szbhOzlKVRK7f4Ooc9Je7lcnAOkr1M=
x-served-by: cache-fra-eddf8230127-FRA
last-modified: Tue, 14 Nov 2023 09:19:47 GMT
server: AmazonS3-br
x-timer: S1700140348.015086,VS0,VE0
etag: "6b6af85ab60408d37f7dafdea4e2c7b1"
vary: Accept-Encoding
content-type: application/javascript
abp: 12
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 5

POST
H2 204 /
beacon.taboola.com/ 0
198 B 34ms
17ms Ping
text/plain 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-served-by: cache-fra-eddf8230127-FRA
date: Thu, 16 Nov 2023 13:12:28 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1700140348.033834,VS0,VE0
access-control-allow-methods: GET, POST
content-type
access-control-allow-origin: https://www.theonion.com
x-cache: HIT
cache-control: private, no-store
access-control-allow-credentials: true
accept-ranges: bytes
retry-after: 0
x-cache-hits: 0

GET
H2 200 card-interference-detector.20231113-34_b1-PR-63731-DEV-146889-impl-load-is-blocked-in-private-tab-in-safari-on-iphone-with-ios-1d43719ace6.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
3 KB 202ms
202ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/card-interference-detector.20231113-34_b1-PR-63731-DEV-146889-impl-load-is-blocked-in-private-tab-in-safari-on-iphone-with-ios-1d43719ace6.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b4903b3392f98d2239bfb94c76beb96376349cd94a251e43081a4ce4afb50a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: Eq6CAI69c6uH.vvt_8q17NXL2AueczoO
content-encoding: gzip
via: 1.1 varnish
date: Thu, 16 Nov 2023 13:12:28 GMT
x-amz-request-id: 5HZS1FEC6KSQ6ZX8
age: 127
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
fastly-restarts: 1
x-amz-id-2: lTBN5i8BF6bxyyi+gS4Lx23RaM7Lygma2JNkSAw0MME1i0lLqdAko90Wc7rzrPoD/Z+zHMWD2l8=
x-served-by: cache-fra-eddf8230127-FRA
content-length: 2253
last-modified: Tue, 14 Nov 2023 09:19:45 GMT
server: AmazonS3
x-timer: S1700140348.088948,VS0,VE192
etag: "50b5338af81faaec6386de6fa99bf669"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 74
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 2014

GET
H2 200 json Show response
trc.taboola.com/gomedia1-theonion/trc/3/ 68 KB
24 KB 452ms
441ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/gomedia1-theonion/trc/3/json?tim=14%3A12%3A28.095&lti=test_impl_blocked_send_event_var&data=%7B%22id%22%3A62%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1699964764513%2C%22vi%22%3A1700140348092%2C%22cv%22%3A%2220231113-34_b1-PR-63731-DEV-146889-impl-load-is-blocked-in-private-tab-in-safari-on-iphone-with-ios-1d43719ace6%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22pev%22%3A%2214000%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.theonion.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5970%2C%22nsid%22%3A%22gomedia1-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Apub%3Dgomedia1-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22cd%22%3A5969.625%2C%22mw%22%3A1300%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20Thumbnails%3Dalternating-thumbnails-a%3Apub%3Dgomedia1-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22test_impl_blocked_send_event_var%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231113-34_b1-PR-63731-DEV-146889-impl-load-is-blocked-in-private-tab-in-safari-on-iphone-with-ios-1d43719ace6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6f1af16d77d4cb272715e2b8568b9ee7354aca28782ae98ae0433a72545bcdd6

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 431
date: Thu, 16 Nov 2023 13:12:28 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.3758333333333333
x-fastly-to-nlb-rtt: 100019
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230127-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1700140348.107860,VS0,VE431
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 vans-adapter-google-ima.js Show response
static.adsafeprotected.com/ 19 KB
7 KB 361ms
12ms Script
application/javascript 18.66.112.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/vans-adapter-google-ima.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/video-html5-playlist~videoHtml5.eddc6f9132c4681259c4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-19.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 4UvdbwUsN2CunQyNARaRw4ABpoiv.VmX
content-encoding: gzip
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
date: Sun, 12 Nov 2023 04:49:14 GMT
x-amz-cf-pop: FRA56-P5
age: 375795
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 08 Jul 2021 19:25:58 GMT
server: AmazonS3
etag: W/"8ec0c211dda60907ae57f46e621bc794"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: SvmlaKdsWqmXzLmv9mYxWfb52htTRJ41Xf1LMESevY50mX6-SckBxw==

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.5.7/ 130 KB
35 KB 77ms
9ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231113-34_b1-PR-63731-DEV-146889-impl-load-is-blocked-in-private-tab-in-safari-on-iphone-with-ios-1d43719ace6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3a5c0220cd47633052fafc7165b728d2fa3c0afcb4e6c093f60d430a6a9d5cd

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:28 GMT
via: 1.1 f192553c835240a9b5df520fb7ffd876.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P5
age: 188362
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 35262
x-served-by: cache-fra-eddf8230107-FRA
last-modified: Tue, 14 Nov 2023 08:52:22 GMT
server: AmazonS3
x-timer: S1700140349.663734,VS0,VE0
etag: "acbf4feb7c49eb33282548b433b4476b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: Jo5l-Lqg8vP3PvPYFHU-4aF9JButzd_bIlasCp5HILfOA__dzXaDuw==
x-cache-hits: 33024

GET
H2 200 feed-card-placeholder.20231113-34_b1-PR-63731-DEV-146889-impl-load-is-blocked-in-private-tab-in-safari-on-iphone-with-ios-1d43719ace6.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 162ms
135ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20231113-34_b1-PR-63731-DEV-146889-impl-load-is-blocked-in-private-tab-in-safari-on-iphone-with-ios-1d43719ace6.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 313c596bb22e728c083ad1765feaebeadfa6ced5eb174967cfc3e2bb86bb77f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: POOCnVLIlBkjHvuJ67ToW_RSD12uiz7Z
content-encoding: gzip
via: 1.1 varnish
date: Thu, 16 Nov 2023 13:12:28 GMT
x-amz-request-id: 1GM7CFNM949EVA8B
age: 126
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
fastly-restarts: 1
x-amz-id-2: wPlrJ/Vn0P+tKzKxZOry6IuisyMDcdcbATKNax5RNQmxiEdUeSfT4i0MO4D5QJ1yfZ/9lY3GN9Q=
x-served-by: cache-fra-eddf8230127-FRA
content-length: 1326
last-modified: Tue, 14 Nov 2023 09:19:54 GMT
server: AmazonS3
x-timer: S1700140349.629661,VS0,VE108
etag: "08aa4b5b4f0124412a4c6ac73c97094b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 79
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 5724

GET
H2 200 userx.20231113-34_b1-PR-63731-DEV-146889-impl-load-is-blocked-in-private-tab-in-safari-on-iphone-with-ios-1d43719ace6.es6.js Show response
cdn.taboola.com/libtrc/ 18 KB
6 KB 111ms
111ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20231113-34_b1-PR-63731-DEV-146889-impl-load-is-blocked-in-private-tab-in-safari-on-iphone-with-ios-1d43719ace6.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5ddfb9dd881a87a8c0f4d41895cd2aea3825886f12f3156c3acaa98bf689a214

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: pAcL69afYNPbTDV60qtVl7IjqoFpG1Jt
content-encoding: gzip
via: 1.1 varnish
date: Thu, 16 Nov 2023 13:12:28 GMT
x-amz-request-id: A4SHSEBK4WGHWAY5
age: 110
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
fastly-restarts: 1
x-amz-id-2: piqq4zBe2b4oqbALM2e55lwLpxAUkEse2/q2dyRzWcVuj85M8Rw1VRVjnixI7vKkznQgNXSZuS0=
x-served-by: cache-fra-eddf8230127-FRA
content-length: 5468
last-modified: Tue, 14 Nov 2023 09:20:22 GMT
server: AmazonS3
x-timer: S1700140349.684902,VS0,VE101
etag: "315fd14a7eda7c6cd6a3f0ebdad8a0d1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 4
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 2061

GET
H2 200 distance-from-article.20231113-34_b1-PR-63731-DEV-146889-impl-load-is-blocked-in-private-tab-in-safari-on-iphone-with-ios-1d43719ace6.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 219ms
219ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20231113-34_b1-PR-63731-DEV-146889-impl-load-is-blocked-in-private-tab-in-safari-on-iphone-with-ios-1d43719ace6.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3f65d5330e577ec961762c4b11d017a91517a84cfb59de72f0b6db5ceab7962

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: yIZM4nxyH0zraZbP4FOxOk_UmMdeEwSv
content-encoding: gzip
via: 1.1 varnish
date: Thu, 16 Nov 2023 13:12:28 GMT
x-amz-request-id: 3GVE9Y12BAYE9F84
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
fastly-restarts: 1
x-amz-id-2: S8c4NR52wFCyJlbz6VG4X2kyp5JRXzjM8Rxoow/WmVWIJ1pdaUI7X2REpaqO6jgNb2oNB34s6hY=
x-served-by: cache-fra-eddf8230127-FRA
content-length: 1205
last-modified: Tue, 14 Nov 2023 09:19:48 GMT
server: AmazonS3
x-timer: S1700140349.685070,VS0,VE209
etag: "fef99e9c3dba2acc991f8d0798dc768e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 29
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 6195

GET
H2 200 article-detection.20231113-34_b1-PR-63731-DEV-146889-impl-load-is-blocked-in-private-tab-in-safari-on-iphone-with-ios-1d43719ace6.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 306ms
306ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20231113-34_b1-PR-63731-DEV-146889-impl-load-is-blocked-in-private-tab-in-safari-on-iphone-with-ios-1d43719ace6.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gomedia1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04ea204cd6320989331791920a8bc41f0e68c0e66721655042952040ede94d61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 4FqK7TRlz.HNYTP9MQIs7DuTnNypHBOX
content-encoding: gzip
via: 1.1 varnish
date: Thu, 16 Nov 2023 13:12:28 GMT
x-amz-request-id: 3GVE7ZKF55XQK522
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
fastly-restarts: 1
x-amz-id-2: AN4nN7wyI46+7VGKeLbVu8+eVHYE9rV0I2eD8RcB4IjvJqc+7/LYWbL+U4VMHa5XATSn/PwjZKs=
x-served-by: cache-fra-eddf8230127-FRA
content-length: 1363
last-modified: Tue, 14 Nov 2023 09:19:42 GMT
server: AmazonS3
x-timer: S1700140349.686367,VS0,VE297
etag: "4e3c5a559a6fa37f5becd132a5e22cb7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 4
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 6317

POST
H2 204 abtests
ch-trc-events.taboola.com/gomedia1-theonion/log/3/ 0
523 B 386ms
105ms Ping
text/plain 141.226.124.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-trc-events.taboola.com/gomedia1-theonion/log/3/abtests?route=US:CH:V&tvi48=10637&tvi50=12261&lti=test_impl_blocked_send_event_var&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1700140348703%7D&tim=14%3A12%3A28.703&id=7989&llvl=2&ri=36615aa5b74b50ba629a520b1c2230b7&sd=v2_93b78add3492aa24f5237fc4e9db939c_326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc_1700140348_1700140348_CIi3jgYQ5LxeGLzli8K9MSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGiLspCgye6O3i5wAQ&ui=326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc&pi=/&wi=3642577999104193222&pt=home&vi=1700140348092&
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231113-34_b1-PR-63731-DEV-146889-impl-load-is-blocked-in-private-tab-in-safari-on-iphone-with-ios-1d43719ace6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: https://www.theonion.com
pragma: no-cache
date: Thu, 16 Nov 2023 13:12:29 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 1x1.png
d24zb9qreavi2u.cloudfront.net/ 95 B
429 B 135ms
51ms Image
image/png 13.32.27.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d24zb9qreavi2u.cloudfront.net/1x1.png
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-69.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:17:17 GMT
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
last-modified: Mon, 16 May 2022 07:24:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 14121
etag: "71a50dbba44c78128b221b7df7bb51f1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 95
x-amz-cf-id: v5Y3RhJwN6abjgpvgCw04G3ILoebyNyMjLgUjjoDd_i9RS0wSDgtWg==

GET
H2 204 abtests
ch-trc-events.taboola.com/gomedia1-theonion/log/3/ 0
507 B 377ms
104ms Image
text/plain 141.226.124.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ch-trc-events.taboola.com/gomedia1-theonion/log/3/abtests?route=US:CH:V&tvi48=10637&tvi50=12261&lti=test_impl_blocked_send_event_var&ri=36615aa5b74b50ba629a520b1c2230b7&sd=v2_93b78add3492aa24f5237fc4e9db939c_326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc_1700140348_1700140348_CIi3jgYQ5LxeGLzli8K9MSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGiLspCgye6O3i5wAQ&ui=326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc&pi=/&wi=3642577999104193222&pt=home&vi=1700140348092&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1700140348641%7D&tim=14%3A12%3A28.642&id=3910&llvl=2&cv=20231113-34_b1-PR-63731-DEV-146889-impl-load-is-blocked-in-private-tab-in-safari-on-iphone-with-ios-1d43719ace6&
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 16 Nov 2023 13:12:29 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 36ms
35ms Image
image/svg+xml 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Thu, 16 Nov 2023 13:12:28 GMT
x-amz-request-id: Y1PG8J215N22T8P1
age: 51
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: Uw5tFQx0SXBhUtt7LR3tzPg4AwJsLw0b0pfPCtMtj2dH9WxEQG/AKgaWCN1zlzUHI1DQ4s8JfL8=
x-served-by: cache-fra-eddf8230127-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1700140349.742608,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 20
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 79

GET
H2 200 bridge3.605.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame E5FA 752 KB
241 KB 19ms
17ms Document
text/html 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

sffe /

Resource Hash

a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 123469
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 246766
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Nov 2023 02:54:39 GMT
expires: Thu, 14 Nov 2024 02:54:39 GMT
last-modified: Wed, 15 Nov 2023 02:49:47 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 851ms
50ms Script
text/javascript 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 16 Nov 2023 13:12:29 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0ED1 40 KB
14 KB 789ms
17ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 12:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 16 Nov 2023 13:12:43 GMT

GET
H2 204 supply-feature
ch-trc-events.taboola.com/gomedia1-theonion/log/3/ 0
506 B 369ms
368ms Image
text/plain 141.226.124.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ch-trc-events.taboola.com/gomedia1-theonion/log/3/supply-feature?route=US:CH:V&tvi48=10637&tvi50=12261&lti=test_impl_blocked_send_event_var&ri=36615aa5b74b50ba629a520b1c2230b7&sd=v2_93b78add3492aa24f5237fc4e9db939c_326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc_1700140348_1700140348_CIi3jgYQ5LxeGLzli8K9MSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGiLspCgye6O3i5wAQ&ui=326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc&pi=/&wi=3642577999104193222&pt=home&vi=1700140348092&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%2271.625%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=14%3A12%3A29.307&id=5179&llvl=2&cv=20231113-34_b1-PR-63731-DEV-146889-impl-load-is-blocked-in-private-tab-in-safari-on-iphone-with-ios-1d43719ace6&
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 16 Nov 2023 13:12:29 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 st Show response
imprchmp.taboola.com/ Frame 92DB 577 B
464 B 240ms
237ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8V0ICLAZEw8lE_S3iMhGIhpOJ-lvEZSoAAABgYID-AIk5bJbNyGZYq0YLx1o0GtncEsvKuBaZhrOFYTFyDlczIyAxh82yGdkMa9Vo4ViLRiObW2JZGdci03C2MCxGzuFqZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAGN8gQCxyULin2e20-0x_uz8AAAAAgAAAAAAgAYDQz1MCQIZE8MT_________f4wB-swbGf____83FnoAPPgAeBACAADwMcSJl23KpLiQjMhBSxFGAAAAAGDn2kWPTNIJKhZV_v__-60AXAEACFjEFppXy6I7KPEWBgAAAGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGP9cI0wpc9cWp-AQEA1vwCAgCwGTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD0huJr7hwmTyjJaThcMymrkmm93MY1o5RxbnZrnxntAi8ceBIhuRPiLCMvt9ByHf7TI8fC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwM5lNbI6Jya1wLFZu0WZicitMK-Nas1y5dhPPaDQYzNyi18f0Mc2cC4vHiwQDOPYieVqkE81stlgtHK6JbzRxDSYO22S5cE0GE8fGMtkMJr6JWKI5WaQT2WXf3Ex8w4XJ5BktJwuHZTRzTTa7mce0co4szs1y4-9MZhObY2JyKxyLlVu0mZjcCtPKuNYsV67dxDMaDQYzt-j1MX1MM-fC4vE3doPBYjTYjIb7xm4wWIwGm9Fw32EyPVOfs9EaE18-MvXsNG6Za06DwmWweKdFi7R1OPqMMsst4lpN1tPXxCr0TLwGhefgMc2cw4fnfNn2nKVr92BUxBLBRTrR-d0uk9PhWIuOLr_d6bdbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7GZzxWI1l2x2c8VsskoAAAAAAAAAAJZgkukmAAAAAE4GNVwuFrN1OpjJcLYYzZYL4MKTTNcPeqE4M71MxC6ZxgSyCyEZ42KNPRZxfrfL5HQ41qKjy293-u1WBnDhacVss88IYq1WyxoAAIAANgAAAAFuuvEmQCyK-____x8HAABARg49AAAA-n1AU8mZmZmZmvwKYjKZLfYPQIVYq9XqdmOtVivggGxWEwgAEIAP!&cmcv=&pix=undefined&cb=1700140349319&uv=3358&tms=1700140349319&abt=adxLoadDist7-out_vC!adxsub-out_vA!adxsub-out_vB!rbcatc_vA!tmaxc_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=faf23df0-54a1-44df-b2e8-d486a01d985f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d32a3c8c4f1cc3f79f946d6f568bbb23a52f48d5821706c3142013b18100b77d

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Thu, 16 Nov 2023 13:12:29 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230127-FRA
x-timer: S1700140350.637420,VS0,VE194

GET
H2 200 sync Show response
ch-match.taboola.com/ Frame 3A1B 422 B
516 B 731ms
131ms Document
text/html 141.226.124.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-match.taboola.com/sync?dast=V8V0ICLAZEw8lE_S3iMhGIhpOJ-lvEZSoAAABgYID-AIk5bJbNyGZYq0YLx1o0GtncEsvKuBaZhrOFYTFyDlczIyAxh82yGdkMa9Vo4ViLRiObW2JZGdci03C2MCxGzuFqZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAGN8gQCxyULin2e20-0x_uz8AAAAAgAAAAAAgAYDQz1MCQIZE8MT_________f4wB-swbGf____83FnoAPPgAeBACAADwMcSJl23KpLiQjMhBSxFGAAAAAGDn2kWPTNIJKhZV_v__-60AXAEACFjEFppXy6I7KPEWBgAAAGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGP9cI0wpc9cWp-AQEA1vwCAgCwGTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD0huJr7hwmTyjJaThcMymrkmm93MY1o5RxbnZrnxntAi8ceBIhuRPiLCMvt9ByHf7TI8fC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwM5lNbI6Jya1wLFZu0WZicitMK-Nas1y5dhPPaDQYzNyi18f0Mc2cC4vHiwQDOPYieVqkE81stlgtHK6JbzRxDSYO22S5cE0GE8fGMtkMJr6JWKI5WaQT2WXf3Ex8w4XJ5BktJwuHZTRzTTa7mce0co4szs1y4-9MZhObY2JyKxyLlVu0mZjcCtPKuNYsV67dxDMaDQYzt-j1MX1MM-fC4vE3doPBYjTYjIb7xm4wWIwGm9Fw32EyPVOfs9EaE18-MvXsNG6Za06DwmWweKdFi7R1OPqMMsst4lpN1tPXxCr0TLwGhefgMc2cw4fnfNn2nKVr92BUxBLBRTrR-d0uk9PhWIuOLr_d6bdbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7GZzxWI1l2x2c8VsskoAAAAAAAAAAJZgkukmAAAAAE4GNVwuFrN1OpjJcLYYzZYL4MKTTNcPeqE4M71MxC6ZxgSyCyEZ42KNPRZxfrfL5HQ41qKjy293-u1WBnDhacVss88IYq1WyxoAAIAANgAAAAFuuvEmQCyK-____x8HAABARg49AAAA-n1AU8mZmZmZmvwKYjKZLfYPQIVYq9XqdmOtVivggGxWEwgAEIAP!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 141926deabd19c13e76255d10e20608c4cfa99f1610e95bcd5d298841c443d9e

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Thu, 16 Nov 2023 13:12:30 GMT
machineid: 3805
server: nginx

GET
H2 200 st
ch-vid-events.taboola.com/ 0
43 B 327ms
292ms Image
text/plain 141.226.124.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ch-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8V0ICLAZEw8lE_S3iMhGIhpOJ-lvEZSoAAABgYID-AIk5bJbNyGZYq0YLx1o0GtncEsvKuBaZhrOFYTFyDlczIyAxh82yGdkMa9Vo4ViLRiObW2JZGdci03C2MCxGzuFqZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAGN8gQCxyULin2e20-0x_uz8AAAAAgAAAAAAgAYDQz1MCQIZE8MT_________f4wB-swbGf____83FnoAPPgAeBACAADwMcSJl23KpLiQjMhBSxFGAAAAAGDn2kWPTNIJKhZV_v__-60AXAEACFjEFppXy6I7KPEWBgAAAGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGP9cI0wpc9cWp-AQEA1vwCAgCwGTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD0huJr7hwmTyjJaThcMymrkmm93MY1o5RxbnZrnxntAi8ceBIhuRPiLCMvt9ByHf7TI8fC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwM5lNbI6Jya1wLFZu0WZicitMK-Nas1y5dhPPaDQYzNyi18f0Mc2cC4vHiwQDOPYieVqkE81stlgtHK6JbzRxDSYO22S5cE0GE8fGMtkMJr6JWKI5WaQT2WXf3Ex8w4XJ5BktJwuHZTRzTTa7mce0co4szs1y4-9MZhObY2JyKxyLlVu0mZjcCtPKuNYsV67dxDMaDQYzt-j1MX1MM-fC4vE3doPBYjTYjIb7xm4wWIwGm9Fw32EyPVOfs9EaE18-MvXsNG6Za06DwmWweKdFi7R1OPqMMsst4lpN1tPXxCr0TLwGhefgMc2cw4fnfNn2nKVr92BUxBLBRTrR-d0uk9PhWIuOLr_d6bdbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7GZzxWI1l2x2c8VsskoAAAAAAAAAAJZgkukmAAAAAE4GNVwuFrN1OpjJcLYYzZYL4MKTTNcPeqE4M71MxC6ZxgSyCyEZ42KNPRZxfrfL5HQ41qKjy293-u1WBnDhacVss88IYq1WyxoAAIAANgAAAAFuuvEmQCyK-____x8HAABARg49AAAA-n1AU8mZmZmZmvwKYjKZLfYPQIVYq9XqdmOtVivggGxWEwgAEIAP!&cmcv=&pix=31589837&cb=1700140349319&uv=3358&tms=1700140349319&abt=adxLoadDist7-out_vC!adxsub-out_vA!adxsub-out_vB!rbcatc_vA!tmaxc_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1700140347130.5!ts:1700140349319&mntl=2
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:29 GMT
content-length: 0
server: nginx

POST
H2 204 bulk Show response
trc.taboola.com/gomedia1-theonion/log/3/ 0
592 B 160ms
147ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/gomedia1-theonion/log/3/bulk?tvi48=10637&tvi50=12261&route=US%3ACH%3AV&lti=test_impl_blocked_send_event_var&bulkSize=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231113-34_b1-PR-63731-DEV-146889-impl-load-is-blocked-in-private-tab-in-safari-on-iphone-with-ios-1d43719ace6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 100
date: Thu, 16 Nov 2023 13:12:29 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 93400
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230127-FRA
pragma: no-cache
server: nginx
x-timer: S1700140350.852771,VS0,VE100
content-type: image/gif
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 92DB 70 B
149 B 412ms
99ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8V0ICLAZEw8lE_S3iMhGIhpOJ-lvEZSoAAABgYID-AIk5bJbNyGZYq0YLx1o0GtncEsvKuBaZhrOFYTFyDlczIyAxh82yGdkMa9Vo4ViLRiObW2JZGdci03C2MCxGzuFqZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAGN8gQCxyULin2e20-0x_uz8AAAAAgAAAAAAgAYDQz1MCQIZE8MT_________f4wB-swbGf____83FnoAPPgAeBACAADwMcSJl23KpLiQjMhBSxFGAAAAAGDn2kWPTNIJKhZV_v__-60AXAEACFjEFppXy6I7KPEWBgAAAGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGP9cI0wpc9cWp-AQEA1vwCAgCwGTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD0huJr7hwmTyjJaThcMymrkmm93MY1o5RxbnZrnxntAi8ceBIhuRPiLCMvt9ByHf7TI8fC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwM5lNbI6Jya1wLFZu0WZicitMK-Nas1y5dhPPaDQYzNyi18f0Mc2cC4vHiwQDOPYieVqkE81stlgtHK6JbzRxDSYO22S5cE0GE8fGMtkMJr6JWKI5WaQT2WXf3Ex8w4XJ5BktJwuHZTRzTTa7mce0co4szs1y4-9MZhObY2JyKxyLlVu0mZjcCtPKuNYsV67dxDMaDQYzt-j1MX1MM-fC4vE3doPBYjTYjIb7xm4wWIwGm9Fw32EyPVOfs9EaE18-MvXsNG6Za06DwmWweKdFi7R1OPqMMsst4lpN1tPXxCr0TLwGhefgMc2cw4fnfNn2nKVr92BUxBLBRTrR-d0uk9PhWIuOLr_d6bdbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7GZzxWI1l2x2c8VsskoAAAAAAAAAAJZgkukmAAAAAE4GNVwuFrN1OpjJcLYYzZYL4MKTTNcPeqE4M71MxC6ZxgSyCyEZ42KNPRZxfrfL5HQ41qKjy293-u1WBnDhacVss88IYq1WyxoAAIAANgAAAAFuuvEmQCyK-____x8HAABARg49AAAA-n1AU8mZmZmZmvwKYjKZLfYPQIVYq9XqdmOtVivggGxWEwgAEIAP!&cmcv=&pix=undefined&cb=1700140349319&uv=3358&tms=1700140349319&abt=adxLoadDist7-out_vC!adxsub-out_vA!adxsub-out_vB!rbcatc_vA!tmaxc_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=faf23df0-54a1-44df-b2e8-d486a01d985f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprchmp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:30 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 92DB
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc?gdpr=0&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-UbD1jF9E2oSc3KtHpnpgMtk4VEqhyxnbyMZcNw--~A

0
374 B

815ms
222ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-UbD1jF9E2oSc3KtHpnpgMtk4VEqhyxnbyMZcNw--~A
Requested by: Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8V0ICLAZEw8lE_S3iMhGIhpOJ-lvEZSoAAABgYID-AIk5bJbNyGZYq0YLx1o0GtncEsvKuBaZhrOFYTFyDlczIyAxh82yGdkMa9Vo4ViLRiObW2JZGdci03C2MCxGzuFqZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAGN8gQCxyULin2e20-0x_uz8AAAAAgAAAAAAgAYDQz1MCQIZE8MT_________f4wB-swbGf____83FnoAPPgAeBACAADwMcSJl23KpLiQjMhBSxFGAAAAAGDn2kWPTNIJKhZV_v__-60AXAEACFjEFppXy6I7KPEWBgAAAGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGP9cI0wpc9cWp-AQEA1vwCAgCwGTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD0huJr7hwmTyjJaThcMymrkmm93MY1o5RxbnZrnxntAi8ceBIhuRPiLCMvt9ByHf7TI8fC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwM5lNbI6Jya1wLFZu0WZicitMK-Nas1y5dhPPaDQYzNyi18f0Mc2cC4vHiwQDOPYieVqkE81stlgtHK6JbzRxDSYO22S5cE0GE8fGMtkMJr6JWKI5WaQT2WXf3Ex8w4XJ5BktJwuHZTRzTTa7mce0co4szs1y4-9MZhObY2JyKxyLlVu0mZjcCtPKuNYsV67dxDMaDQYzt-j1MX1MM-fC4vE3doPBYjTYjIb7xm4wWIwGm9Fw32EyPVOfs9EaE18-MvXsNG6Za06DwmWweKdFi7R1OPqMMsst4lpN1tPXxCr0TLwGhefgMc2cw4fnfNn2nKVr92BUxBLBRTrR-d0uk9PhWIuOLr_d6bdbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7GZzxWI1l2x2c8VsskoAAAAAAAAAAJZgkukmAAAAAE4GNVwuFrN1OpjJcLYYzZYL4MKTTNcPeqE4M71MxC6ZxgSyCyEZ42KNPRZxfrfL5HQ41qKjy293-u1WBnDhacVss88IYq1WyxoAAIAANgAAAAFuuvEmQCyK-____x8HAABARg49AAAA-n1AU8mZmZmZmvwKYjKZLfYPQIVYq9XqdmOtVivggGxWEwgAEIAP!&cmcv=&pix=undefined&cb=1700140349319&uv=3358&tms=1700140349319&abt=adxLoadDist7-out_vC!adxsub-out_vA!adxsub-out_vB!rbcatc_vA!tmaxc_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=faf23df0-54a1-44df-b2e8-d486a01d985f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprchmp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:32 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 8434

Redirect headers

date: Thu, 16 Nov 2023 13:12:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-UbD1jF9E2oSc3KtHpnpgMtk4VEqhyxnbyMZcNw--~A
content-length: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame DCEA 281 B
555 B 351ms
69ms Document
text/html 88.221.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Requested by: Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8V0ICLAZEw8lE_S3iMhGIhpOJ-lvEZSoAAABgYID-AIk5bJbNyGZYq0YLx1o0GtncEsvKuBaZhrOFYTFyDlczIyAxh82yGdkMa9Vo4ViLRiObW2JZGdci03C2MCxGzuFqZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAGN8gQCxyULin2e20-0x_uz8AAAAAgAAAAAAgAYDQz1MCQIZE8MT_________f4wB-swbGf____83FnoAPPgAeBACAADwMcSJl23KpLiQjMhBSxFGAAAAAGDn2kWPTNIJKhZV_v__-60AXAEACFjEFppXy6I7KPEWBgAAAGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGP9cI0wpc9cWp-AQEA1vwCAgCwGTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD0huJr7hwmTyjJaThcMymrkmm93MY1o5RxbnZrnxntAi8ceBIhuRPiLCMvt9ByHf7TI8fC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwM5lNbI6Jya1wLFZu0WZicitMK-Nas1y5dhPPaDQYzNyi18f0Mc2cC4vHiwQDOPYieVqkE81stlgtHK6JbzRxDSYO22S5cE0GE8fGMtkMJr6JWKI5WaQT2WXf3Ex8w4XJ5BktJwuHZTRzTTa7mce0co4szs1y4-9MZhObY2JyKxyLlVu0mZjcCtPKuNYsV67dxDMaDQYzt-j1MX1MM-fC4vE3doPBYjTYjIb7xm4wWIwGm9Fw32EyPVOfs9EaE18-MvXsNG6Za06DwmWweKdFi7R1OPqMMsst4lpN1tPXxCr0TLwGhefgMc2cw4fnfNn2nKVr92BUxBLBRTrR-d0uk9PhWIuOLr_d6bdbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7GZzxWI1l2x2c8VsskoAAAAAAAAAAJZgkukmAAAAAE4GNVwuFrN1OpjJcLYYzZYL4MKTTNcPeqE4M71MxC6ZxgSyCyEZ42KNPRZxfrfL5HQ41qKjy293-u1WBnDhacVss88IYq1WyxoAAIAANgAAAAFuuvEmQCyK-____x8HAABARg49AAAA-n1AU8mZmZmZmvwKYjKZLfYPQIVYq9XqdmOtVivggGxWEwgAEIAP!&cmcv=&pix=undefined&cb=1700140349319&uv=3358&tms=1700140349319&abt=adxLoadDist7-out_vC!adxsub-out_vA!adxsub-out_vB!rbcatc_vA!tmaxc_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=2&cirid=faf23df0-54a1-44df-b2e8-d486a01d985f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://imprchmp.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Nov 2023 13:12:30 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 101 KB
31 KB 690ms
156ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

bd5c1242d073f2de1acd4f4f16055da73470247d1e8023457f99d88c02a54037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31466
x-xss-protection: 0
server: cafe
etag: 930 / 19677 / m202311090101 / config-hash: 12061389886161084213
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 13:12:30 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/gomedia/ 18 KB
8 KB 310ms
48ms Script
application/javascript 18.66.147.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/op.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f772686bbebf392bf3ab2ba5916d320dc192555ff46f618f90a27150d836c0f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 12:36:41 GMT
content-encoding: gzip
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-amz-version-id: 0_ykVOUU1gLHmt2VNaAZoEpcq2z_PTwM
x-amz-cf-pop: FRA60-P4
age: 2150
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8175
x-amz-meta-git_commit: bf5d88b
last-modified: Thu, 16 Nov 2023 04:04:30 GMT
server: AmazonS3
etag: "66a1518aca12b471e6ee4c70eb8fef1e"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: LCjEagYOxjr_F3bAAKKVZX3nMMTrpkI5VDUrLnP627xQD0N96sNOrg==

GET
H2 200 runtime~adManager.6e7b0661e07fb46fb1ed.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 6 KB
2 KB 134ms
0ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.6e7b0661e07fb46fb1ed.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

50fb88bf39eeeb9f634529a2cdd9c1ac3482fc90766bdf0ec07729d70ebf2fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: M88C9CG0QNMRPDQH
age: 143483
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 1685
x-amz-id-2: bhAE25yzi9RHB2Nj4pWj/DQTJeWcdasDn4cPeVhXLTpGsuR87kET73Xsh3FT5234JfROsqVImK0=
x-served-by: cache-fra-eddf8230021-FRA, cache-fra-eddf8230068-FRA
last-modified: Tue, 14 Nov 2023 21:17:45 GMT
server: AmazonS3
x-timer: S1700140350.092177,VS0,VE0
etag: "7fa2b5118fb904666cb8f8ce0bdb41f4"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 1, 2

GET
H2 200 adManager.e00b2db43998ca17d8f6.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 29 KB
9 KB 140ms
0ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adManager.e00b2db43998ca17d8f6.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7f78bb25ad15d8e54034a36056e2f330b6854b4c07b05d1293102e015d8254a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: 8ZPCJ911WK909SQN
age: 144839
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 8565
x-amz-id-2: Tuu2xHnkY+F5A5/CauKupH8bW+UHqI4ThQptTdY4/zsnBV15hUZ8rLlAGpA1Zg+2b3PKk37GydfGL8YZZCX5Qw==
x-served-by: cache-fra-eddf8230087-FRA, cache-fra-eddf8230068-FRA
last-modified: Tue, 14 Nov 2023 20:51:41 GMT
server: AmazonS3
x-timer: S1700140350.092174,VS0,VE0
etag: "a22c63f43ae065816189e315d06b0043"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 1, 2

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
703 B 140ms
0ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Thu, 16 Nov 2023 13:12:30 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 11087
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-eddf8230127-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1700140350.113300,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 69
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 8965

GET
H2 200 ad-units-default.069cb4d1a47e47ec8043.js Show response
x.kinja-static.com/assets/new-client/ 13 KB
3 KB 26ms
7ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/ad-units-default.069cb4d1a47e47ec8043.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.6e7b0661e07fb46fb1ed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d0bc8048cf8ec561646aad9775824f4405cd5677e19058042bbf3cbbe4421835

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 26FZYM2G807GBGV4
age: 73
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 2681
x-amz-id-2: HNIqKWo4+VtVucof0qxXOw1FVz8VZJcaMeVToG/6O5VJf9BwAavQPEGJstdkIOL6CvHMf1+RS+8=
x-served-by: cache-fra-eddf8230068-FRA
last-modified: Tue, 14 Nov 2023 21:17:41 GMT
server: AmazonS3
x-timer: S1700140350.237714,VS0,VE0
etag: "cae88d5837f00fd963c31298aaa2babb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 display-theonion-desktop-config.c3ea742a568e1952e8fd.js Show response
x.kinja-static.com/assets/new-client/ 11 KB
1 KB 47ms
0ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/display-theonion-desktop-config.c3ea742a568e1952e8fd.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.6e7b0661e07fb46fb1ed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

622fb51880ca649d2bec903515a6ce45ceb17a8b146b38f1909f08cc96874c8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 8042YBS8SRDG4RF2
age: 65
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 919
x-amz-id-2: n+vTD9gNv41pJfb63bFuFqmEOezr3b6N/9fa1mpfhBIiWmoV1dx3j/tj/EHWTwFsRgEoUQxAfr9MfaCooXidk7MoRdMF7kxgVp1YQYp00lg=
x-served-by: cache-fra-eddf8230068-FRA
last-modified: Mon, 06 Nov 2023 21:13:08 GMT
server: AmazonS3
x-timer: S1700140350.237291,VS0,VE1
etag: "9468c3e024d25849ffa665f5a086c9cb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 267 KB
65 KB 758ms
13ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/adManager.e00b2db43998ca17d8f6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 12:43:20 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront), 1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 20:18:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 1751
x-amz-server-side-encryption: AES256
etag: W/"2d08dd94de483579c1dc3f3783c06f6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: eEa3-cWnts8JxrgpdTYH6Bri1fl7Ml_Js0F9zRLAlqoJDMpO3HXQiw==

GET
H2 200 prebid-js-prod.a8306d741abb4944d94e.js Show response
x.kinja-static.com/assets/new-client/ 464 KB
117 KB 200ms
31ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/runtime~adManager.6e7b0661e07fb46fb1ed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3158a62a353701d639f6613783a002ad5d51429634080717bf973e887b8685ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: PQ48QZ6EQAX48EP6
age: 52
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 119075
x-amz-id-2: JsuznhqhlVFCL4+tkSPbyfBqsnHksajeGRWOeGJ2zttI8XWEUJqYh47ub8CeN4NMr6PMwa551p8=
x-served-by: cache-fra-eddf8230068-FRA
last-modified: Mon, 13 Nov 2023 21:57:51 GMT
server: AmazonS3
x-timer: S1700140350.426539,VS0,VE0
etag: "59d007537119dd0df497d743b1a2ab0f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 b-bf5d88b-e39b48ad.js Show response
tagan.adlightning.com/gomedia/ 79 KB
30 KB 78ms
75ms Script
application/javascript 18.66.147.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 097e3794f40de018fe07cdfcb077b0ca460a0a21cb5e7f2bf01c3140cd44626f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 17:51:06 GMT
content-encoding: gzip
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-amz-version-id: 7TdMa5ZTrejk0RTm9Hmgf19U7DPsSxmr
x-amz-cf-pop: FRA60-P4
age: 4735285
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29744
x-amz-meta-git_commit: bf5d88b
last-modified: Fri, 22 Sep 2023 17:50:53 GMT
server: AmazonS3
etag: "bfac72eb6cd68b280a12244a077daf10"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: _oTxi17kLFlT2JQBvXFichONw3jlC8srMcTJJkzsbW6eSVFoJMiduA==

GET
H2 200 bl-34df212-4fcdddb2.js Show response
tagan.adlightning.com/gomedia/ 69 KB
29 KB 97ms
95ms Script
application/javascript 18.66.147.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/bl-34df212-4fcdddb2.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8104f30d932e381ae5a16a326a7afe2d3cb49b1f3b03be393d93df224ccd38c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 04:41:47 GMT
content-encoding: gzip
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-amz-version-id: _NdE3At_BMfDRP85KvRnRCDtXLN8MCBA
x-amz-cf-pop: FRA60-P4
age: 30644
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29463
x-amz-meta-git_commit: 34df212
last-modified: Thu, 16 Nov 2023 04:04:18 GMT
server: AmazonS3
etag: "dc2722acf9804e9890ea2842c98bed3c"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: jvCrvc4i-d871wLZP2U8Gwk0mZOnBv5lVjCCf-sb1C2Hhv-ilBDlgw==

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame DCEA 46 KB
13 KB 80ms
73ms Script
text/html 88.221.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 16f6a89c89e20586fdb7ed77f218f6af5442e80c8c3116deb2ab0cdd5aae2001

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 13:12:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Nov 2023 12:56:28 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=85403
Connection: keep-alive
Content-Length: 13230
Expires: Fri, 17 Nov 2023 12:55:53 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 3A1B 70 B
148 B 106ms
89ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8V0ICLAZEw8lE_S3iMhGIhpOJ-lvEZSoAAABgYID-AIk5bJbNyGZYq0YLx1o0GtncEsvKuBaZhrOFYTFyDlczIyAxh82yGdkMa9Vo4ViLRiObW2JZGdci03C2MCxGzuFqZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAGN8gQCxyULin2e20-0x_uz8AAAAAgAAAAAAgAYDQz1MCQIZE8MT_________f4wB-swbGf____83FnoAPPgAeBACAADwMcSJl23KpLiQjMhBSxFGAAAAAGDn2kWPTNIJKhZV_v__-60AXAEACFjEFppXy6I7KPEWBgAAAGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGP9cI0wpc9cWp-AQEA1vwCAgCwGTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD0huJr7hwmTyjJaThcMymrkmm93MY1o5RxbnZrnxntAi8ceBIhuRPiLCMvt9ByHf7TI8fC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwM5lNbI6Jya1wLFZu0WZicitMK-Nas1y5dhPPaDQYzNyi18f0Mc2cC4vHiwQDOPYieVqkE81stlgtHK6JbzRxDSYO22S5cE0GE8fGMtkMJr6JWKI5WaQT2WXf3Ex8w4XJ5BktJwuHZTRzTTa7mce0co4szs1y4-9MZhObY2JyKxyLlVu0mZjcCtPKuNYsV67dxDMaDQYzt-j1MX1MM-fC4vE3doPBYjTYjIb7xm4wWIwGm9Fw32EyPVOfs9EaE18-MvXsNG6Za06DwmWweKdFi7R1OPqMMsst4lpN1tPXxCr0TLwGhefgMc2cw4fnfNn2nKVr92BUxBLBRTrR-d0uk9PhWIuOLr_d6bdbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7GZzxWI1l2x2c8VsskoAAAAAAAAAAJZgkukmAAAAAE4GNVwuFrN1OpjJcLYYzZYL4MKTTNcPeqE4M71MxC6ZxgSyCyEZ42KNPRZxfrfL5HQ41qKjy293-u1WBnDhacVss88IYq1WyxoAAIAANgAAAAFuuvEmQCyK-____x8HAABARg49AAAA-n1AU8mZmZmZmvwKYjKZLfYPQIVYq9XqdmOtVivggGxWEwgAEIAP!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:30 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 3A1B
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc?gdpr=0&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-9Z5_ZN1E2oRJ1VXuVjjj7YXZUjZNXqTz1mQJUA--~A

0
373 B

861ms
269ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-9Z5_ZN1E2oRJ1VXuVjjj7YXZUjZNXqTz1mQJUA--~A
Requested by: Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8V0ICLAZEw8lE_S3iMhGIhpOJ-lvEZSoAAABgYID-AIk5bJbNyGZYq0YLx1o0GtncEsvKuBaZhrOFYTFyDlczIyAxh82yGdkMa9Vo4ViLRiObW2JZGdci03C2MCxGzuFqZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAGN8gQCxyULin2e20-0x_uz8AAAAAgAAAAAAgAYDQz1MCQIZE8MT_________f4wB-swbGf____83FnoAPPgAeBACAADwMcSJl23KpLiQjMhBSxFGAAAAAGDn2kWPTNIJKhZV_v__-60AXAEACFjEFppXy6I7KPEWBgAAAGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGP9cI0wpc9cWp-AQEA1vwCAgCwGTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD0huJr7hwmTyjJaThcMymrkmm93MY1o5RxbnZrnxntAi8ceBIhuRPiLCMvt9ByHf7TI8fC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwM5lNbI6Jya1wLFZu0WZicitMK-Nas1y5dhPPaDQYzNyi18f0Mc2cC4vHiwQDOPYieVqkE81stlgtHK6JbzRxDSYO22S5cE0GE8fGMtkMJr6JWKI5WaQT2WXf3Ex8w4XJ5BktJwuHZTRzTTa7mce0co4szs1y4-9MZhObY2JyKxyLlVu0mZjcCtPKuNYsV67dxDMaDQYzt-j1MX1MM-fC4vE3doPBYjTYjIb7xm4wWIwGm9Fw32EyPVOfs9EaE18-MvXsNG6Za06DwmWweKdFi7R1OPqMMsst4lpN1tPXxCr0TLwGhefgMc2cw4fnfNn2nKVr92BUxBLBRTrR-d0uk9PhWIuOLr_d6bdbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7GZzxWI1l2x2c8VsskoAAAAAAAAAAJZgkukmAAAAAE4GNVwuFrN1OpjJcLYYzZYL4MKTTNcPeqE4M71MxC6ZxgSyCyEZ42KNPRZxfrfL5HQ41qKjy293-u1WBnDhacVss88IYq1WyxoAAIAANgAAAAFuuvEmQCyK-____x8HAABARg49AAAA-n1AU8mZmZmZmvwKYjKZLfYPQIVYq9XqdmOtVivggGxWEwgAEIAP!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:32 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 8434

Redirect headers

date: Thu, 16 Nov 2023 13:12:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 2
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-9Z5_ZN1E2oRJ1VXuVjjj7YXZUjZNXqTz1mQJUA--~A
content-length: 0

GET
H2

200

sync
x.bidswitch.net/ Frame 3A1B
Redirect Chain

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=0251b4d5-17fa-4ad9-87bb-0ae51d60a75b&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=taboola&bsw_param=0251b4d5-17fa-4ad9-87bb-0ae51d60a75b

43 B
145 B

52ms
27ms

Image
image/gif

18.197.176.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=taboola&bsw_param=0251b4d5-17fa-4ad9-87bb-0ae51d60a75b
Requested by: Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8V0ICLAZEw8lE_S3iMhGIhpOJ-lvEZSoAAABgYID-AIk5bJbNyGZYq0YLx1o0GtncEsvKuBaZhrOFYTFyDlczIyAxh82yGdkMa9Vo4ViLRiObW2JZGdci03C2MCxGzuFqZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAGN8gQCxyULin2e20-0x_uz8AAAAAgAAAAAAgAYDQz1MCQIZE8MT_________f4wB-swbGf____83FnoAPPgAeBACAADwMcSJl23KpLiQjMhBSxFGAAAAAGDn2kWPTNIJKhZV_v__-60AXAEACFjEFppXy6I7KPEWBgAAAGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGP9cI0wpc9cWp-AQEA1vwCAgCwGTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD0huJr7hwmTyjJaThcMymrkmm93MY1o5RxbnZrnxntAi8ceBIhuRPiLCMvt9ByHf7TI8fC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwM5lNbI6Jya1wLFZu0WZicitMK-Nas1y5dhPPaDQYzNyi18f0Mc2cC4vHiwQDOPYieVqkE81stlgtHK6JbzRxDSYO22S5cE0GE8fGMtkMJr6JWKI5WaQT2WXf3Ex8w4XJ5BktJwuHZTRzTTa7mce0co4szs1y4-9MZhObY2JyKxyLlVu0mZjcCtPKuNYsV67dxDMaDQYzt-j1MX1MM-fC4vE3doPBYjTYjIb7xm4wWIwGm9Fw32EyPVOfs9EaE18-MvXsNG6Za06DwmWweKdFi7R1OPqMMsst4lpN1tPXxCr0TLwGhefgMc2cw4fnfNn2nKVr92BUxBLBRTrR-d0uk9PhWIuOLr_d6bdbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7GZzxWI1l2x2c8VsskoAAAAAAAAAAJZgkukmAAAAAE4GNVwuFrN1OpjJcLYYzZYL4MKTTNcPeqE4M71MxC6ZxgSyCyEZ42KNPRZxfrfL5HQ41qKjy293-u1WBnDhacVss88IYq1WyxoAAIAANgAAAAFuuvEmQCyK-____x8HAABARg49AAAA-n1AU8mZmZmZmvwKYjKZLfYPQIVYq9XqdmOtVivggGxWEwgAEIAP!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 18.197.176.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-176-130.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=taboola&bsw_param=0251b4d5-17fa-4ad9-87bb-0ae51d60a75b
date: Thu, 16 Nov 2023 13:12:33 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

rtb-h
sync.taboola.com/sg/supershiprtb-display-network/1/ Frame C67A
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=taboola
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZVYVQMCo5tAAAJUkazQAAAAA

0
373 B

146ms
44ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZVYVQMCo5tAAAJUkazQAAAAA
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:34 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 9170

Redirect headers

X-SO-Cluster-ID: 0
Date: Thu, 16 Nov 2023 13:12:33 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=taboola","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZVYVQMCo5tAAAJUkazQAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad186"}
X-SO-Key: ZVYVQMCo5tAAAJUkazQAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad186
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZVYVQMCo5tAAAJUkazQAAAAA
Cache-Control: private
X-SO-HostName: m-ad186.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 729
Content-Length: 0
X-SO-LB-Hostname: a-tgng40012.dc2p.scaleout.jp
X-SO-IP: 176.115.237.162

GET
H2

204

/
sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/ Frame C67A
Redirect Chain

https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__
https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=eb6ce8df617742e792...
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=eb6ce8df617742e792ffb5396b9fa0e9

0
364 B

27ms
16ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=eb6ce8df617742e792ffb5396b9fa0e9
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:32 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 9512

Redirect headers

location: https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=eb6ce8df617742e792ffb5396b9fa0e9
date: Thu, 16 Nov 2023 13:12:32 GMT
content-length: 0

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame C67A 0
45 B 1823ms
271ms Image
text/plain 185.86.139.101
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=4
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:32 GMT
content-length: 0

GET
H2

200

/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame C67A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=16698
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LP17O3LC-1B-9P8J

0
373 B

143ms
31ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LP17O3LC-1B-9P8J
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:32 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 9957

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LP17O3LC-1B-9P8J
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H2

200

/
sync.taboola.com/sg/baidurtb-network/1/rtb-h/ Frame C67A
Redirect Chain

https://trace.mediago.io/ju/cs/taboola
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=1b7de7e8f53990c82jxzz700lp17o3mw

0
373 B

116ms
35ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=1b7de7e8f53990c82jxzz700lp17o3mw
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:32 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 9957

Redirect headers

date: Thu, 16 Nov 2023 13:12:32 GMT
via: 1.1 google
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
location: https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=1b7de7e8f53990c82jxzz700lp17o3mw
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

/
sync.taboola.com/sg/google-network/1/rtb-h/ Frame C67A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc=
https://sync.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGdn_wv008ArrZN2lRXsjxw&google_cver=1

0
373 B

28ms
18ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGdn_wv008ArrZN2lRXsjxw&google_cver=1
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:32 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 9512

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGdn_wv008ArrZN2lRXsjxw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 101956
jadserve.postrelease.com/dmp/ Frame C67A 43 B
534 B 1819ms
274ms Image
image/gif 54.154.9.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/dmp/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.9.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-9-19.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:32 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame C67A 42 B
245 B 1760ms
216ms Image
image/gif 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc:$UID
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 16 Nov 2023 13:12:32 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C67A
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc

170 B
243 B

152ms
40ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc
date: Thu, 16 Nov 2023 13:12:32 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 8434

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame C67A 70 B
148 B 476ms
242ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:30 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame C67A 49 B
692 B 1429ms
206ms Image
image/gif 208.93.169.131
WEBMD-IDC1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),

Reverse DNS

Software

Jetty(10.0.14) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: de-DE
content-type: image/gif;charset=iso-8859-1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6b57df6cd5-6m2rs
expires: -1

GET
H2

200

rtb-h
sync.taboola.com/sg/storygize-network/1/ Frame C67A
Redirect Chain

https://sid.storygize.net/ccm/8a5f7a0b-b1ad-46dc-a085-63906ab7b98c
https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

0
373 B

146ms
43ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:34 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 9170

Redirect headers

location: https://sync.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
date: Thu, 16 Nov 2023 13:12:32 GMT
content-length: 0

GET
H2 200 9.gif
id5-sync.com/s/464/ Frame C67A 43 B
921 B 278ms
28ms Image
image/gif 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/464/9.gif?puid=326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Thu, 16 Nov 2023 13:12:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2

200

sync
x.bidswitch.net/ Frame C67A
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=0251b4d5-17fa-4ad9-87bb-0ae51d60a75b&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=taboola&bsw_param=0251b4d5-17fa-4ad9-87bb-0ae51d60a75b

43 B
145 B

43ms
21ms

Image
image/gif

18.197.176.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=taboola&bsw_param=0251b4d5-17fa-4ad9-87bb-0ae51d60a75b
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Server: 18.197.176.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-176-130.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=taboola&bsw_param=0251b4d5-17fa-4ad9-87bb-0ae51d60a75b
date: Thu, 16 Nov 2023 13:12:33 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame C67A
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=39726b6b-5c4c-4c3f-a18e-4bfb403f6035
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=39726b6b-5c4c-4c3f-a18e-4bfb403f6035&tbid=326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc&query=taboola_hm%3D39726b6b-5c4c-...

0
96 B

202ms
198ms

Image
text/plain

151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=39726b6b-5c4c-4c3f-a18e-4bfb403f6035&tbid=326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc&query=taboola_hm%3D39726b6b-5c4c-4c3f-a18e-4bfb403f6035&isDirect=0
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 16 Nov 2023 13:12:34 GMT
via: 1.1 varnish
server: nginx
x-timer: S1700140354.306311,VS0,VE188
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra-eddf8230127-FRA

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=39726b6b-5c4c-4c3f-a18e-4bfb403f6035&tbid=326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc&query=taboola_hm%3D39726b6b-5c4c-4c3f-a18e-4bfb403f6035&isDirect=0
date: Thu, 16 Nov 2023 13:12:34 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 8754

GET
H2

200

xuid
eb2.3lift.com/ Frame C67A
Redirect Chain

https://eb2.3lift.com/xuid?mid=7772&xuid=326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc&dongle=tbla&gdpr=0&gdpr_consent=&us_privacy=
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

27ms
17ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 16 Nov 2023 13:12:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7772&xuid=326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
date: Thu, 16 Nov 2023 13:12:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame C67A
Redirect Chain

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
https://u.openx.net/w/1.0/cm?cc=1&gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F...
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=05b467a8-d07a-00b1-2c9f-6a68f0dc7ade

0
373 B

109ms
32ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=05b467a8-d07a-00b1-2c9f-6a68f0dc7ade
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:34 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 8659

Redirect headers

date: Thu, 16 Nov 2023 13:12:33 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=05b467a8-d07a-00b1-2c9f-6a68f0dc7ade
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 218ms
0ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231113-34_b1-PR-63731-DEV-146889-impl-load-is-blocked-in-private-tab-in-safari-on-iphone-with-ios-1d43719ace6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding: gzip
via: 1.1 varnish
date: Thu, 16 Nov 2023 13:12:30 GMT
x-amz-request-id: 9T8G4R1J257WC6ZV
age: 1308
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1347
x-amz-id-2: EtXJZix6twxSRBOalXcDTYlF3ZXZJ0GOcu33LsL8+Qu9Bt435W8ywVX2VgQgr71/qWQ468QSryk=
x-served-by: cache-fra-eddf8230127-FRA
last-modified: Sun, 29 Oct 2023 14:06:32 GMT
server: AmazonS3
x-timer: S1700140351.958582,VS0,VE0
etag: "c52aa1ea682aef8ad5ebf7aff9662e35"
vary: Accept-Encoding
content-type: application/javascript
abp: 14
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 8910

GET
H2 200 eid.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
7 KB 217ms
0ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231113-34_b1-PR-63731-DEV-146889-impl-load-is-blocked-in-private-tab-in-safari-on-iphone-with-ios-1d43719ace6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding: gzip
via: 1.1 varnish
date: Thu, 16 Nov 2023 13:12:30 GMT
x-amz-request-id: AXB48TVMJDNAM2N4
age: 15618
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 6467
x-amz-id-2: b7zQHJfK4QWAGCGQdkiPE/NYuw9ml5U806n4eSZBtDuFhIIlij+/yIbwvs8ktIfKYwcGiAYa9+0=
x-served-by: cache-fra-eddf8230127-FRA
last-modified: Sun, 02 Apr 2023 13:09:57 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1700140351.959685,VS0,VE0
etag: "2fdf3e79d5e851201a0d52a886453d8b"
vary: Accept-Encoding
content-type: application/javascript
abp: 40
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 24683

GET
H2 200 fraud-detect.js Show response
cdn.taboola.com/scripts/ 121 B
450 B 216ms
0ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/fraud-detect.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231113-34_b1-PR-63731-DEV-146889-impl-load-is-blocked-in-private-tab-in-safari-on-iphone-with-ios-1d43719ace6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding: gzip
via: 1.1 varnish
date: Thu, 16 Nov 2023 13:12:30 GMT
x-amz-request-id: M4SP5ZB80QM7DHQP
age: 3505
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 125
x-amz-id-2: 27s1ZzL8grOAJHrzyGAagzwa4QLcFiyx8paeutTC1SOQfkmrt1WACjA/9B+yApzfDtcrskytcvQ=
x-served-by: cache-fra-eddf8230127-FRA
last-modified: Thu, 15 Dec 2022 16:50:08 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1700140351.959638,VS0,VE0
etag: "f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary: Accept-Encoding
content-type: application/javascript
abp: 83
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 8353

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame DCEA 7 B
810 B 611ms
28ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 402fba8a82f093def2459220061c8d31
Expires: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 115 KB
45 KB 423ms
33ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T73GPNQ

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

bc387e4d17ba1af7f28eb7e3560636f10fab9efe18c694798dcf6d5546a1165f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45385
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Nov 2023 13:12:33 GMT

GET
H2 200 183957-47751755686051.js Show response
js-sec.indexww.com/ht/p/ 42 KB
14 KB 225ms
27ms Script
text/javascript 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4300454348aab742b1eff507c0bc32134b45a5d6aca003be799d9ff24af4a10d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Nov 2023 13:05:53 GMT
server: cloudflare
age: 206
etag: W/"7632a2-a904-60a44adfd6d35"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 826ffc76dc6d9b5d-FRA
expires: Thu, 16 Nov 2023 17:12:33 GMT

GET
H2 200 runtime~trackers.cab236ddab54d9b50be3.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 2 KB
2 KB 464ms
366ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/runtime~trackers.cab236ddab54d9b50be3.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

684b4de220f2acb97bbd72a8d06ad77da72693f611a47ada428892ba3018c9d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:32 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-amz-request-id: GYJ67CBZNKFRB7MT
age: 2012114
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 1237
x-amz-id-2: KkpRPhQ7kRI0dV251eTdWANRK9085HjN7KrbjsctbWrj4gAzD6KkMvmdgD5/q8EX1PLOvOGLkKa6l/eg2grpdwU4ZDLF/Bl0yfu0fkEyT6M=
x-served-by: cache-fra-eddf8230088-FRA, cache-fra-eddf8230068-FRA
last-modified: Mon, 25 Sep 2023 20:30:02 GMT
server: AmazonS3
x-timer: S1700140352.306115,VS0,VE0
etag: "3aaaeafd41360ff85f54800f5cea93b0"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 1, 0, 2

GET
H2 200 vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~4ea66be1.bc22efab6ca478cb569c.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 38 KB
14 KB 465ms
367ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~4ea66be1.bc22efab6ca478cb569c.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1ace9e08da91ddfaadf070b93307666c4bbdbe83b14c975d703bbe884ae90926

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-amz-request-id: 9KQBEPX34XBVDH7Y
age: 2009452
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 13985
x-amz-id-2: N8szGttdUsSH9medzmrH0PD+YhSH+E4Fxz7ETCRPibWLWp119Ed4NEAkcIuxWYUWPqRsCvGmGO2d31eW85pJ9fkpGmT0JikC
x-served-by: cache-fra-eddf8230096-FRA, cache-fra-eddf8230068-FRA
last-modified: Wed, 11 Oct 2023 12:58:54 GMT
server: AmazonS3
x-timer: S1700140352.305898,VS0,VE0
etag: "ff823184fadd2ca25405cfb78d0f2ac4"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 0, 0, 2

GET
H2 200 vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~3b8fb7c5.0ef97014e63785d98dba.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 179 KB
59 KB 464ms
366ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~3b8fb7c5.0ef97014e63785d98dba.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

21a51bfa6dcd95b688f195e3290e70e30ab422101b86b5194143fb1aa364068e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-amz-request-id: YR5KN49QF5WWYZ6N
age: 1889437
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 59787
x-amz-id-2: srCHg6KFjDyDGPzI3vXT77450m/eWj9kMvatjbEd4nCuHUqHt/hXs8hIEZxIUQeh38wh23TeGfI=
x-served-by: cache-fra-eddf8230080-FRA, cache-fra-eddf8230068-FRA
last-modified: Wed, 25 Oct 2023 16:18:36 GMT
server: AmazonS3
x-timer: S1700140352.305918,VS0,VE0
etag: "911ceb18d4676a1604e6484a620d751d"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 1, 0, 2

GET
H2 200 vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~5dd230b7.946a9e54a94b06c2c450.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 5 KB
2 KB 409ms
318ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~5dd230b7.946a9e54a94b06c2c450.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f1e50535cd96094998245d0149c8eaf14e51fcd01a9b1286936ef2754b282823

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:32 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-amz-request-id: YR5X805QK5GQQHVP
age: 1889437
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 2137
x-amz-id-2: iafEta59asYAHr7FQU7bkEDc3K2MvHnQmvYs6Yn8vbQAk6IDgvU45mf5bb7vyq9v/dHbh1VN1Pg=
x-served-by: cache-fra-etou8220111-FRA, cache-fra-eddf8230068-FRA
last-modified: Wed, 25 Oct 2023 16:18:36 GMT
server: AmazonS3
x-timer: S1700140352.305482,VS0,VE0
etag: "6c3566c414014aae4aca5802ccbc5d8a"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 1, 0, 2

GET
H2 200 vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~a57849c3.0b4e19480a094968d8c7.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 5 KB
2 KB 503ms
412ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~a57849c3.0b4e19480a094968d8c7.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b58135e4d0d328264b9783a8dc11b875c3f2204279c44c9b6d2bf3d7b967e198

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-amz-request-id: YR5W443JQKMCP8PE
age: 1889437
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 1789
x-amz-id-2: KyGzOgy39NhH3mN3s+iVNbDFlTl8yqFZnEs+OCYkWpTiIjtjoTmEsSqeXnwy3yEoB1RibYGsaWE=
x-served-by: cache-fra-eddf8230116-FRA, cache-fra-eddf8230068-FRA
last-modified: Wed, 25 Oct 2023 16:18:36 GMT
server: AmazonS3
x-timer: S1700140352.306424,VS0,VE0
etag: "c788288d8ffee112e8c430c797871785"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 1, 0, 2

GET
H2 200 vendor~biztools~capPage~capRoundupPage~commerceDashboardClient~featureSwitchPageClient~renderThumbsM~fa7c618c.5bf9370c17b74188ad99.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 22 KB
7 KB 507ms
417ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~biztools~capPage~capRoundupPage~commerceDashboardClient~featureSwitchPageClient~renderThumbsM~fa7c618c.5bf9370c17b74188ad99.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3808183c4e2a5463ca4622d4802e1c5ff8d668870a096ac90f281b886d6e0111

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:32 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-amz-request-id: AHVYZRQBTY7YT2YD
age: 1204227
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 6984
x-amz-id-2: +aBcXAZS4sxduaiUn7PexxfFjz/8wkQwjVZQEiB7ZythuoYMwEiZWLQatd7REs2+71M6OP34kvk=
x-served-by: cache-fra-eddf8230089-FRA, cache-fra-eddf8230068-FRA
last-modified: Thu, 02 Nov 2023 14:39:05 GMT
server: AmazonS3
x-timer: S1700140352.306353,VS0,VE0
etag: "7e1214c8d3f1f5c83f28d8a7cc74ef0e"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 1, 0, 2

GET
H2 200 vendor~trackers.3c1df5cad1584161e519.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 111 KB
35 KB 252ms
163ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.3c1df5cad1584161e519.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2dc9ce6ff07aa809dfdfad4e380d74ba7df1bcace68085a8ef1ac8b4ee785bae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:32 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: 24893FQFNCN9YMWX
age: 144855
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 35688
x-amz-id-2: 0dem3l3Ef5rDZ+z1vqTLMP/bPIGX8SCVhzENTOQiiYK5lFuR94BTP4lBvaLjDe/vKT+Yw0y0I8A=
x-served-by: cache-fra-etou8220056-FRA, cache-fra-eddf8230068-FRA
last-modified: Tue, 14 Nov 2023 20:51:47 GMT
server: AmazonS3
x-timer: S1700140352.305432,VS0,VE0
etag: "b838b0611ef716ba82e1c0c4a8fcbc37"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 1, 2

GET
H2 200 adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~a02a33a9.ab29d9fdb8f487663b18.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 15 KB
4 KB 406ms
317ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~a02a33a9.ab29d9fdb8f487663b18.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f9e0a4ba13158c2f5bacf1f81aa478111a3212159d1f42f7a1d514228babbde8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:32 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: SYBJCNRCTZ8QKY6Y
age: 209244
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 3984
x-amz-id-2: gSG6ugYdYHEhCAhxmetcpdMrZXdVcv0qlkWPWuFp+czxoQ7p3Qef2GCDUgfCuzPR6DEp3g2wir59cPk8MrG3Ww==
x-served-by: cache-fra-eddf8230094-FRA, cache-fra-eddf8230068-FRA
last-modified: Tue, 07 Nov 2023 04:28:12 GMT
server: AmazonS3
x-timer: S1700140352.305429,VS0,VE0
etag: "247a3e30f50ed28758ae35d6f6cee77e"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 1, 2

GET
H2 200 adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~fb1edace.48bfda91c7e94a9aa92b.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 53 KB
13 KB 250ms
162ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~fb1edace.48bfda91c7e94a9aa92b.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2aafc3889b2ed0cdca5c90cd5369370bae84a7ca777e96fd082c7d4e9fc27ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:32 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: SYBNZAJMRVDSJK2N
age: 206769
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 12637
x-amz-id-2: ndtNsFmg1+9+gP/4kJjBQQboC/IsBRO5d7CYKj4n6SwnnYApl+Aif/OVv7S8M1Y1QWa5OjwRxws=
x-served-by: cache-fra-eddf8230102-FRA, cache-fra-eddf8230068-FRA
last-modified: Tue, 07 Nov 2023 04:28:12 GMT
server: AmazonS3
x-timer: S1700140352.305388,VS0,VE0
etag: "ff57b9bf3a9c53a1063e45658c1e1ec3"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 1, 2

GET
H2 200 adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~1e1f3b70.9da663e583a6a7ac7059.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 78 KB
9 KB 250ms
163ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~1e1f3b70.9da663e583a6a7ac7059.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

51d62eb6d89c9f6ed16b87ce68a3a41e613f5972048674b41a5441032a5596e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:32 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: KJ5CSAHKKWXJCF2K
age: 295276
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 8464
x-amz-id-2: iPAI6upvjFK+iGN2gPdbDJjBsWmnn+mo2ZUS3dqGR85x2PJ78TxM//OkOnB1xG8B21MboZw0h4M=
x-served-by: cache-fra-etou8220043-FRA, cache-fra-eddf8230068-FRA
last-modified: Mon, 13 Nov 2023 03:04:38 GMT
server: AmazonS3
x-timer: S1700140352.305361,VS0,VE0
etag: "32f4e8cfdc72be3128a72cad4c069e52"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 1, 2

GET
H2 200 adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~a0b3c1e7.7e1c6981498bf701520d.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 118 KB
28 KB 553ms
473ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~editorPage~error~a0b3c1e7.7e1c6981498bf701520d.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f07902c3a474186fdbc1bcbd9b23b8497011342cfd05f43ff203e26fbeb9b503

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:32 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: DATC70B6NE10E1KW
age: 15985
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 28368
x-amz-id-2: 1WKSfbW45kJLEqlXuagO+jBX5nGtrje9BU2TQhPD41QQDN6xYMjfekLanE1iSQpcMwV0kmWSzCk=
x-served-by: cache-fra-etou8220065-FRA, cache-fra-eddf8230068-FRA
last-modified: Thu, 16 Nov 2023 08:39:39 GMT
server: AmazonS3
x-timer: S1700140352.318213,VS0,VE0
etag: "7b0e5692ef6c5b9f4fa7378ad1e04601"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 1, 2

GET
H2 200 carGalleryPage~second-scroll~slideshowPermalinkPage~trackers.430e633af3bf2dcd42d5.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 12 KB
4 KB 566ms
492ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/carGalleryPage~second-scroll~slideshowPermalinkPage~trackers.430e633af3bf2dcd42d5.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4331bac2193cbde53c6e8bcd7f79ec503a4aec25a9eae47b557e4f118f5d2a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:32 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: V560839SJ26A26JN
age: 133335
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 3979
x-amz-id-2: h/cVHwyZRuvneUirvKpvM4ETYZ8IeBktWgWo7U8TSN6UjP60cNO4MQLyFtDsp9WQ7CJVNrYWccalL5XmFacdkQ==
x-served-by: cache-fra-eddf8230086-FRA, cache-fra-eddf8230068-FRA
last-modified: Tue, 07 Nov 2023 06:10:37 GMT
server: AmazonS3
x-timer: S1700140352.318213,VS0,VE0
etag: "4a907d32b257b9799ec37089e833b1f4"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 1, 2

GET
H2 200 trackers.af8f3686a8725dbbb836.js Show response
www.theonion.com/x-kinja-static/assets/new-client/ 14 KB
4 KB 546ms
472ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/x-kinja-static/assets/new-client/trackers.af8f3686a8725dbbb836.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8b2942c6c4f2ae52ec074001795df39daacbc0df87093ceaf10b02b4428b2dfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:32 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: VCYJCP37CGZA6PM0
age: 144848
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 3982
x-amz-id-2: Sv9jbf1AmkoxTYZ/iQLS1L878wwHbJkOQIU2i5I2EUWv3TeiMB2OuXoYKttlrkhCThhKtHgeAVi+6TSLPgf3qQ==
x-served-by: cache-fra-eddf8230133-FRA, cache-fra-eddf8230068-FRA
last-modified: Tue, 14 Nov 2023 20:51:46 GMT
server: AmazonS3
x-timer: S1700140352.318374,VS0,VE0
etag: "6d09e7aad439d1a98668c86c0c24d487"
vary: Accept-Encoding, Authorization
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-kinja-country: US
x-cache-hits: 1, 2

GET
H2 200 runtime~curatedHomepage.c5a9aa0386e0c22ca929.js Show response
x.kinja-static.com/assets/new-client/ 27 KB
5 KB 601ms
527ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/runtime~curatedHomepage.c5a9aa0386e0c22ca929.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

02f266117bb7fc42f1f5db53cd58316c2956613144e209d3130dcfedf7a54047

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:32 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: BGAVGMJ0DQ9M6PSZ
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 5170
x-amz-id-2: Revqsd7Tq3tBl+peYeU1GLN5iByCWSwM0VLWVWLWx7FGRZH4s3fFp6Hbh1lOxoEZJZpInHOQq0cxEzhRqE7/Xw==
x-served-by: cache-fra-eddf8230068-FRA
last-modified: Thu, 16 Nov 2023 08:39:43 GMT
server: AmazonS3
x-timer: S1700140352.317962,VS0,VE1
etag: "be16dd492504e93c51760b11277b3057"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 vendor~adEditor~biztoolsPage~capPage~capRoundupPage~celebrityPage~channelSectionPage~commerceDashboa~327be206.8d0a91348f459e7eea5f.js Show response
x.kinja-static.com/assets/new-client/ 119 KB
33 KB 544ms
471ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~adEditor~biztoolsPage~capPage~capRoundupPage~celebrityPage~channelSectionPage~commerceDashboa~327be206.8d0a91348f459e7eea5f.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2f38447328a8094410e2b95ff57fdc7c7305a13603e8a97d4720418acd96f9f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:32 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: QQQ6YACB0GHHWCHS
age: 55
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 33739
x-amz-id-2: Pq1slmVWoYaDumzLoE/Hig/fC4jLyjk+yzphb343ZZBvg9pgEelTCqIVWbJnWf4MWmfYn2g1Hgc=
x-served-by: cache-fra-eddf8230068-FRA
last-modified: Tue, 07 Nov 2023 22:13:08 GMT
server: AmazonS3
x-timer: S1700140352.317931,VS0,VE0
etag: "671019a0421e74236530403f0fb0e6db"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~58afd02a.d643cf95185d98203e93.js Show response
x.kinja-static.com/assets/new-client/ 3 KB
1 KB 526ms
453ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~adEditor~biztoolsPage~capPage~capRoundupPage~carGalleryPage~carSpecsPage~celebrityPage~channe~58afd02a.d643cf95185d98203e93.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

83992d5da583494b56f97997360b7299e8d666022125e0910d44fb765a7a227b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:32 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: DP3R8367Z74WZ089
age: 104
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1036
x-amz-id-2: Py1PNyBLV/zr1akYYo+le+G2pWroHlBGsFy5rdqUVlVC6t08yhFVTQshCAui6X2AAZPcdFcgukg=
x-served-by: cache-fra-eddf8230068-FRA
last-modified: Tue, 07 Nov 2023 22:13:08 GMT
server: AmazonS3
x-timer: S1700140352.317866,VS0,VE0
etag: "c3d4ecea770493510b5c0015e06f6d85"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 vendor~celebrityPage~channelSectionPage~curatedHomepage~frontPage~hamburger-menu-variant2~moviePage~~64e5e735.f0ea05c77411b4550591.js Show response
x.kinja-static.com/assets/new-client/ 3 KB
1 KB 544ms
472ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~celebrityPage~channelSectionPage~curatedHomepage~frontPage~hamburger-menu-variant2~moviePage~~64e5e735.f0ea05c77411b4550591.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

272d51a5f8de11a570e199ce60cc669482b766095d12ade9ebec880230e836f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:32 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: G3A5P6K36B6R7RNZ
age: 35
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1211
x-amz-id-2: IeY/QzWxi6DVQ4huqNShJwxP9HwHVubCuvHUK1K8Qf6gTzQL/viHzotWzK6LW8OSMTZqthU/v9Q=
x-served-by: cache-fra-eddf8230068-FRA
last-modified: Mon, 13 Nov 2023 03:04:44 GMT
server: AmazonS3
x-timer: S1700140352.317866,VS0,VE0
etag: "343c1192ee08435ec4ead21807def48d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 vendor~curatedHomepage~frontPage~modify-commerce-links~renderSlideshowBlockNode~searchPage~send-to-e~ecb5f117.72ef3192a5c3b1a8c2d5.js Show response
x.kinja-static.com/assets/new-client/ 9 KB
4 KB 629ms
571ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/vendor~curatedHomepage~frontPage~modify-commerce-links~renderSlideshowBlockNode~searchPage~send-to-e~ecb5f117.72ef3192a5c3b1a8c2d5.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c7b739323f788f43777d94f5a11b01dfde61f9ff8233fd0ce5d9d50b36875c75

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:32 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: J7ZQQWD4EGVBRA4Z
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3321
x-amz-id-2: GGtsCiYEwRfqODdWK31WODsIxoetLcqTJVSAiOVEFzMd5wjviw0LG12HISsR2erd+nuhpczjunac7zwOX8nD7A==
x-served-by: cache-fra-eddf8230068-FRA
last-modified: Tue, 14 Nov 2023 22:46:46 GMT
server: AmazonS3
x-timer: S1700140352.317655,VS0,VE197
etag: "5dc888ab900f57f077dacfb914ed5222"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 PlaylistCarousels~YMALModule~biztools~car-comparator~car-selector~car-shopping-widget~commerceDashbo~094abaa1.68f0462e5f02e66608d6.js Show response
x.kinja-static.com/assets/new-client/ 12 KB
3 KB 585ms
528ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/PlaylistCarousels~YMALModule~biztools~car-comparator~car-selector~car-shopping-widget~commerceDashbo~094abaa1.68f0462e5f02e66608d6.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

444557d72b614ed516e8efb7b96e17d9ae74e2a366bf21175a2921d6fd1e47c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:32 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: M01A6NV671T0ZPWE
age: 19
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3017
x-amz-id-2: U3IIzSvHcw4hVsmFzxZ1qkqHBIrVGWHCzAVwTzxeLGwNPxYphRhQ8D5mdQqwk45oWlqpKEUjL2k=
x-served-by: cache-fra-eddf8230068-FRA
last-modified: Mon, 13 Nov 2023 21:57:47 GMT
server: AmazonS3
x-timer: S1700140352.317639,VS0,VE1
etag: "b0564264a72679f83e83649751411da0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~01efa28b.960d49be6904641cc1e5.js Show response
x.kinja-static.com/assets/new-client/ 7 KB
2 KB 506ms
454ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/adEditor~biztoolsPage~carGalleryPage~carSpecsPage~commerceDashboard~curatedHomepage~curatedPostsPage~01efa28b.960d49be6904641cc1e5.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4e26deffb409d54bad3ee0136cb720a41853e80674879efe763d44a80e079c2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:32 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 5WW9NHWXFG9B1AFA
age: 79
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 2112
x-amz-id-2: hlkgHQl+3lS2PDS/B0uuvdLEc0HzBwIcReHCrQrRrlQal+so2oJ6Ad7bxqhKOTqHFDmhX9EXruVsz2/6sB6uJw==
x-served-by: cache-fra-eddf8230068-FRA
last-modified: Mon, 30 Oct 2023 16:07:25 GMT
server: AmazonS3
x-timer: S1700140352.317628,VS0,VE0
etag: "317d47a6a0a62e3cd959c3c6019d9ea9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 YMALModule~biztools~car-comparator~car-selector~car-shopping-widget~curatedHomepage~exit-intent-form~ec235e7e.f400df718d8cb76258d2.js Show response
x.kinja-static.com/assets/new-client/ 31 KB
7 KB 619ms
567ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/YMALModule~biztools~car-comparator~car-selector~car-shopping-widget~curatedHomepage~exit-intent-form~ec235e7e.f400df718d8cb76258d2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

297ff74e9b9268345a74529a1c7c2b6bc85bb6953b7dcf3f274fdbb9f6a84de1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:32 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: YCSKMA97XD152A90
age: 9
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 6751
x-amz-id-2: 71VZjXnLo4MAB99xapxnJBmR0HdnZjFG8fI3yTzxMAx+MrKqUEhr/GlUPYiMKxj+iphJ5vZFdno=
x-served-by: cache-fra-eddf8230068-FRA
last-modified: Thu, 16 Nov 2023 08:39:39 GMT
server: AmazonS3
x-timer: S1700140352.317755,VS0,VE2
etag: "7b9fce0b83cdc8c3802bbae3e0e20b3d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 curatedHomepage.278c284808c24c7269dc.js Show response
x.kinja-static.com/assets/new-client/ 104 KB
21 KB 570ms
527ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/curatedHomepage.278c284808c24c7269dc.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

895ce7d39d73eb7ece8504ac560470699340a209d2e2a3a89ad21ee174e3b676

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:32 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: BGAJF8SN1QG7PHBM
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 21298
x-amz-id-2: HEAxvssNW78dmgiC86gMAB5pKZJQDYSCL3YJLJMtwTy4TNuzss23TuAnucH9jMjApp3iaPqpX4g=
x-served-by: cache-fra-eddf8230068-FRA
last-modified: Thu, 16 Nov 2023 08:39:40 GMT
server: AmazonS3
x-timer: S1700140352.317597,VS0,VE1
etag: "06724c38b2d3d76d79354b143a571eb2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 429 KB
135 KB 169ms
161ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 10:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8306
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137535
x-xss-protection: 0
server: cafe
etag: 18342593356503948095
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 15 Nov 2024 10:54:06 GMT

GET
H2

200

/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame DCEA
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=LP17O3VF-1J-M0NM
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LP17O3VF-1J-M0NM&gdpr=0&us_privacy=1---

0
373 B

146ms
45ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LP17O3VF-1J-M0NM&gdpr=0&us_privacy=1---
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:34 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 9170

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LP17O3VF-1J-M0NM&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 7d24643e640b7b50906469aa87bfb2ce
Expires: 0

GET
H2 200 / Show response
pips.taboola.com/ 4 B
142 B 130ms
22ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230107-FRA
date: Thu, 16 Nov 2023 13:12:32 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.theonion.com
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 200 3076 Show response
config.aps.amazon-adsystem.com/configs/ 505 B
770 B 214ms
5ms Script
application/javascript 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3076
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-71.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1d923186391290904b3f4eb0006cdbca944b9c5d94a1917794012d9a4c1a0949

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 12:45:22 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1631
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 505
x-amz-cf-id: nTfp93hzBQtbQ5hHZuc8h0INCwjpCfdplYr6PltEp_1tn95BeQANWA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 1 KB
2 KB 51ms
21ms XHR
application/json 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3076&u=https%3A%2F%2Fwww.theonion.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 964b51f0f69e81873789b020fabe29658d43bb3cd3d3568196b6a48e177b8ae3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 08:41:24 GMT
via: 1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 16268
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1259
x-amz-cf-id: boQeY5pQNUKYPN4UKo-1slndOt-Mzyc7I_oThzqcBTDDd-jDK59EPA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 86ms
14ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 04:10:05 GMT
x-amz-cf-pop: FRA56-P6
age: 32671
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: ht8URE3eBFcP5IJPFm0miUs7yMZQQqDYxiXD-hBlznZLOykEXqJvuQ==

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame DCEA
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=OMwXW114SGmuVrKr7g-dMQ&rk=usync-other&gdpr=0
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=OMwXW114SGmuVrKr7g-dMQ&gdpr=0

43 B
479 B

44ms
39ms

Image
image/gif

67.220.224.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=OMwXW114SGmuVrKr7g-dMQ&gdpr=0

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

HTTP/1.1

Server

67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 13:12:34 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VM3NJGX2J896J4M9WGTS
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=OMwXW114SGmuVrKr7g-dMQ&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame DCEA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEB7kAOFRvt6-0PELB3T0h9k&google_cver=1

42 B
723 B

290ms
29ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEB7kAOFRvt6-0PELB3T0h9k&google_cver=1
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEB7kAOFRvt6-0PELB3T0h9k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame DCEA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&us_privacy=1---
https://s.amazon-adsystem.com/ecm3?id=LP17O3VF-1J-M0NM&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---

43 B
479 B

355ms
105ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LP17O3VF-1J-M0NM&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 13:12:33 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9J9CJTWC5QD6SBNWNWR4
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LP17O3VF-1J-M0NM&ex=d-rubiconproject.com&status=ok&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame DCEA 70 B
148 B 118ms
41ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1---
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:33 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame DCEA
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ZIKz3LBJSli4IPprnbz1Kw&rk=usync-na&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ZIKz3LBJSli4IPprnbz1Kw&gdpr=0

43 B
479 B

129ms
126ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ZIKz3LBJSli4IPprnbz1Kw&gdpr=0

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 13:12:34 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: J8Y9QA6BQ9FF17P8YPEX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ZIKz3LBJSli4IPprnbz1Kw&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DCEA
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjVmMzE1NzFlMDQ5NjMyMDA1ZWJkZTc3M2Q1OThjZTBkNTBkOWQyZg&gdpr=0&us_privacy=1---

170 B
232 B

134ms
133ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjVmMzE1NzFlMDQ5NjMyMDA1ZWJkZTc3M2Q1OThjZTBkNTBkOWQyZg&gdpr=0&us_privacy=1---

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjVmMzE1NzFlMDQ5NjMyMDA1ZWJkZTc3M2Q1OThjZTBkNTBkOWQyZg&gdpr=0&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 402fba8a82f093def2459220061c8d31
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DCEA
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFAxN08zVkYtMUotTTBOTQ==&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEPhG0QOpyCTk8r6TxQY2V2Y&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAxN08zVkYtMUotTTBOTQ==&google_push=&gdpr=0

170 B
232 B

44ms
37ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAxN08zVkYtMUotTTBOTQ==&google_push=&gdpr=0

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAxN08zVkYtMUotTTBOTQ==&google_push=&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame DCEA
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/3X2aWnNj6rRucwJj7ctVTMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.l.5XSJE2oI0coNGaxetDYcyEi0SEs7TsEycqw--~A

42 B
723 B

53ms
17ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.l.5XSJE2oI0coNGaxetDYcyEi0SEs7TsEycqw--~A
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 16 Nov 2023 13:12:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.l.5XSJE2oI0coNGaxetDYcyEi0SEs7TsEycqw--~A
content-length: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame DCEA
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP17O3VF-1J-M0NM&gdpr=0&us_privacy=1---

0
727 B

694ms
191ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP17O3VF-1J-M0NM&gdpr=0&us_privacy=1---
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:34 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 4AA7E4E6181649129DEECF765D01119F Ref B: FRAEDGE2005 Ref C: 2023-11-16T13:12:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYKRMXnKftJazasaqfttg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP17O3VF-1J-M0NM&gdpr=0&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 402fba8a82f093def2459220061c8d31
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame DCEA
Redirect Chain

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1---
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1---&_bee_ppp=1
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFoiU7KrCsAABWTdfAMtw&expires=30&gdpr=0

42 B
723 B

45ms
40ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFoiU7KrCsAABWTdfAMtw&expires=30&gdpr=0
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAFoiU7KrCsAABWTdfAMtw&expires=30&gdpr=0
Date: Thu, 16 Nov 2023 13:12:34 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
ib.adnxs.com/prebid/ Frame DCEA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0&us_privacy=1---
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP17O3VF-1J-M0NM&gdpr=0&us_privacy=1---

43 B
943 B

150ms
40ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP17O3VF-1J-M0NM&gdpr=0&us_privacy=1---

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:34 GMT
an-x-request-uuid: a84bf7db-8034-4ef1-a742-e859a0e9b2cb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 176.115.237.162; 176.115.237.162; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP17O3VF-1J-M0NM&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame DCEA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&us_privacy=1---
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP17O3VF-1J-M0NM&gdpr=0&us_privacy=1---

0
524 B

534ms
38ms

Image
text/html

13.32.99.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP17O3VF-1J-M0NM&gdpr=0&us_privacy=1---
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Server: 13.32.99.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-20.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:34 GMT
content-encoding: gzip
via: 1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: B577-n5anAwXwPuAG9EHiLzvi5ahUATOfav5TskYucoswzF-y0M_Sg==

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP17O3VF-1J-M0NM&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H2

200

cksync
hb.yahoo.net/ Frame DCEA
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&gdpr=0&us_privacy=1---
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LP17O3VF-1J-M0NM&redir=true&gdpr=0&us_privacy=1---
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LP17O3VF-1J-M0NM&gdpr=0&redir=true&us_privacy=1---
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1IejBWRV85RTJ1SE5iTXY2bzg2M01vclVDbjdqQVRkMH5B&gdpr=0&ovsid=LP17O3VF-1J-M0NM&dpid=58160&us_privacy=1---

52 B
315 B

209ms
73ms

Image
image/gif

23.48.23.64
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS1IejBWRV85RTJ1SE5iTXY2bzg2M01vclVDbjdqQVRkMH5B&gdpr=0&ovsid=LP17O3VF-1J-M0NM&dpid=58160&us_privacy=1---

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Server

23.48.23.64 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-23-64.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Thu, 16 Nov 2023 13:12:34 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 52
x-mnet-hl2: E
expires: Thu, 16 Nov 2023 13:12:34 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS1IejBWRV85RTJ1SE5iTXY2bzg2M01vclVDbjdqQVRkMH5B&gdpr=0&ovsid=LP17O3VF-1J-M0NM&dpid=58160&us_privacy=1---
date: Thu, 16 Nov 2023 13:12:34 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

v1
match.sharethrough.com/sync/ Frame DCEA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&us_privacy=1---
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP17O3VF-1J-M0NM&gdpr=0&us_privacy=1---

0
35 B

233ms
24ms

Image
text/plain

52.58.37.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP17O3VF-1J-M0NM&gdpr=0&us_privacy=1---
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Server: 52.58.37.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-37-65.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:34 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP17O3VF-1J-M0NM&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame DCEA
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=157191fd-9286-4e11-8dbe-9589f34f6587&expires=30&gdpr=0&us_privacy=1---

42 B
723 B

25ms
24ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=157191fd-9286-4e11-8dbe-9589f34f6587&expires=30&gdpr=0&us_privacy=1---
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=157191fd-9286-4e11-8dbe-9589f34f6587&expires=30&gdpr=0&us_privacy=1---
Date: Thu, 16 Nov 2023 13:12:34 GMT
Connection: keep-alive
X-CI-RTID: 0daaf0f6-69a6-4d38-844a-1dccfa6f4fb8
Content-Length: 175
Content-Type: text/html; charset=utf-8

GET
H2

200

pixel
capi.connatix.com/us/ Frame DCEA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0&us_privacy=1---
https://capi.connatix.com/us/pixel?puid=LP17O3VF-1J-M0NM&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&us_privacy=1---

82 B
82 B

332ms
125ms

Image
image/gif

104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/us/pixel?puid=LP17O3VF-1J-M0NM&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&us_privacy=1---
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 826ffc7fa9e037cb-FRA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://capi.connatix.com/us/pixel?puid=LP17O3VF-1J-M0NM&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 110 KB
37 KB 163ms
19ms Script
text/javascript 18.239.50.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-115.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: x5VtTe.o38AhKNl9GXJ.IeIaII4uy0GZ
content-encoding: gzip
via: 1.1 5090b605a7b968781de55827dd170bf2.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 06:32:08 GMT
last-modified: Thu, 19 Oct 2023 08:25:12 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 24027
x-amz-server-side-encryption: AES256
etag: W/"b248cc9d0fdeb36bdeb7efabad1132ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 7hhu9ejg2bYBkUJZToMZo3T1TVKP-yapeNPc850mEFAjJvo_o_2FMw==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 612ms
189ms Script
application/javascript 2.23.78.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.78.67 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-78-67.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:33 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Thu, 16 Nov 2023 13:27:33 GMT

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 389ms
94ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 13:12:33 GMT
cache-control: no-store
server: nginx

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 24ms
18ms XHR
text/plain 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=630657696&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2F&ul=en-us&de=UTF-8&dt=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aODACEABFAAAACAAI~&jid=637657921&gjid=122118410&cid=1205822449.1700140353&tid=UA-223393-1&_gid=767182962.1700140353&_r=1&_slc=1&cd34=none&cd35=none&cd36=none&cd38=computer&cd42=none&cd43=none&cd48=none&cd50=other&cd51=none&cd52=none&cd53=none&cd58=adblock%20off&cd60=production%3Amagma&cd70=&cd75=Logged%20out&cd76=none&cd78=standard&cd80=none&cd82=none&cd83=frontpage&cd94=none&cd97=none&cd99=none&cd100=none&cd101=theonion&cd103=&cd105=The%20Onion&cd108=adblock%20off&cd109=website&cd110=1364%2B&cd111=0&cd115=none&cd117=none&cd123=none&cd124=none&cd126=adblock%20off&cd130=none&cd131=frontpage&cd132=undefined&cd134=1&z=490501182

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 35ms
34ms XHR
text/plain 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=630657696&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2F&ul=en-us&de=UTF-8&dt=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aODACEABFAAAACAAI~&jid=1842334589&gjid=33576504&cid=1205822449.1700140353&tid=UA-142218-33&_gid=767182962.1700140353&_r=1&_slc=1&cd34=none&cd35=none&cd36=none&cd38=computer&cd42=none&cd43=none&cd48=none&cd50=other&cd51=none&cd52=none&cd53=none&cd58=adblock%20off&cd60=production%3Amagma&cd70=&cd75=Logged%20out&cd76=none&cd78=standard&cd80=none&cd82=none&cd83=frontpage&cd94=none&cd97=none&cd99=none&cd100=none&cd101=theonion&cd103=&cd105=The%20Onion&cd108=adblock%20off&cd109=website&cd110=1364%2B&cd111=0&cd115=none&cd117=none&cd123=none&cd124=none&cd126=adblock%20off&cd130=none&cd131=frontpage&cd132=undefined&cd134=1&z=608309563

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pid Show response
www.theonion.com/api/magma/veritas/ 40 B
877 B 272ms
190ms Fetch
text/html 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/api/magma/veritas/pid?cb=1700140353681

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.3c1df5cad1584161e519.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

9614887737ce8a4a73a6ef73965fbc8c19b36635b8e1b0aafb3d5893016d563a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-kinja-server: kinja-magma-kube02-7499f88c69-vspbf
content-security-policy: frame-ancestors 'self'; upgrade-insecure-requests
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
date: Thu, 16 Nov 2023 13:12:33 GMT
via: 1.1 varnish, 1.1 varnish
x-kinja-build: 4584
x-powered-by: Express
x-cache: MISS, MISS
x-ua-device: desktop
x-kinja-superheroloaded: true
x-kinja: kinja-magma-kube02-7499f88c69-vspbf #4584
x-cdn-fetch: mantle-nocache
content-length: 40
x-xss-protection: 1; mode=block
x-exp-variant: NotInTest
x-served-by: cache-iad-kcgs7200047-IAD, cache-fra-eddf8230068-FRA
x-googlenews-bot: false
x-exp-id: NotInTest
x-timer: S1700140354.870750,VS0,VE95
etag: W/"28-iodOkOz19/yi/4AO0CYrtAtc42s"
vary: Accept-Encoding, X-Feature-Hash, X-Forwarded-Proto, X-Valid-Scroll-User, X-GoogleNews-Bot, X-Kinja-LoggedIn, X-Kinja-Req-Origin-US, X-Kinja-SuperHeroLoaded, X-QZ-User-Role, X-UA-Device, X-Kinja-Location
content-type: text/html; charset=utf-8
cache-control: private, no-store, no-cache
accept-ranges: bytes
x-kinja-country: US
x-robots-tag: noindex, nofollow
x-kinja-revision: c37399aea4c7ca3f931356c4405a21c67225b26a
x-cache-hits: 0, 0

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://kinja-com.videoplayerhub.com/gallery.js
https://btloader.com/tag?h=kinja-com&upapi=true

52 KB
18 KB

451ms
48ms

Script
application/javascript

172.67.41.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=kinja-com&upapi=true
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Server: 172.67.41.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1af3778495daf4eddf2e91ade1d6f305e7d9be4e58a6ed5c97040e01b4b3dcb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:36 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 16 Nov 2023 12:28:45 GMT
server: cloudflare
age: 2629
etag: "e0dcdfb9dd2d189ea4fc2889a270cb0d"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 826ffc891ba4bbf8-FRA
content-length: 18110

Redirect headers

date: Thu, 16 Nov 2023 13:12:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WuCBrbpElC46kdS96xyq1t9sNHvf4xUmPsW0wKqOXPgiKjBX7JUODLIxMqLhYkvOF616yMwZO%2BvnhJyu%2Bu%2Bp6BEq%2BV6IM7aTCssVl5rMZpqjTkFaV17C84eFpLVGjrSmPNbcGpMflaOhdm7iR6c%3D"}],"group":"cf-nel","max_age":604800}
location: https://btloader.com/tag?h=kinja-com&upapi=true
cache-control: max-age=3600
cf-ray: 826ffc7db84b2c75-FRA
expires: Thu, 16 Nov 2023 14:12:34 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 491ms
33ms Script
application/x-javascript 18.245.64.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.64.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-64-124.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 12:00:10 GMT
content-encoding: gzip
via: 1.1 dc57cbf9d7336ae929f762b5ada2ed98.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 01:59:58 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 4344
etag: W/"6555779e-94a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-id: wHcE_HZ7j2escJS1Sh6sQE9uS8lf9E5xWKpEKc3Ftg_D_aSXrG2pTg==
expires: Thu, 16 Nov 2023 14:00:10 GMT

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
148 B 371ms
47ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=5zq9nmk&ct=0:ngtk7da&fmt=3
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:34 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 roboto_condensed_ext_reg-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/ 22 KB
22 KB 91ms
0ms Font
binary/octet-stream 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_reg-webfont.woff2?11012022

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cf63e82bd1a86cf85c62989cc15541677669740180c62e7855e00a967f18ba06

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:34 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: E29DMFM09CRHSR8J
age: 48
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 22464
x-amz-id-2: mQ3EcOT9AgDlC3EiJuJe6gDaI3Z4JJxBI1T31kwN5fGqx82mWiFQaO+zJmVh6hTSaz0x2NZBi3U=
x-served-by: cache-fra-eddf8230058-FRA
last-modified: Thu, 10 Aug 2023 17:07:53 GMT
server: AmazonS3
x-timer: S1700140354.062102,VS0,VE0
etag: "07a9822d47ff9a6f495d0f1c04d185c8"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 roboto_condensed_ext_bold-webfont.woff2
f.kinja-static.com/assets/fonts/roboto-ext/ 22 KB
22 KB 107ms
0ms Font
binary/octet-stream 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/roboto-ext/roboto_condensed_ext_bold-webfont.woff2?11012022

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

aa4a10fb18a7cf972ee266856700400200e09d0557441a4aed5adf6f1d4a94a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:34 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: 8H3693CZ3V6HZKB2
age: 92
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 22308
x-amz-id-2: 2pc6FAbZMyuCaK0sYZQymQZMEnSakNqjNTPb+SN38SUj1d4fA831/Ox+RFGNhBPrjkSoo3zPVPw=
x-served-by: cache-fra-eddf8230058-FRA
last-modified: Thu, 10 Aug 2023 17:07:51 GMT
server: AmazonS3
x-timer: S1700140354.065332,VS0,VE0
etag: "5b89baa90ed9f475cc75193a4873c51a"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 libre-baskerville-bold.woff2
f.kinja-static.com/assets/fonts/libre-baskerville/ 18 KB
18 KB 77ms
14ms Font
binary/octet-stream 151.101.66.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://f.kinja-static.com/assets/fonts/libre-baskerville/libre-baskerville-bold.woff2

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:34 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-amz-request-id: BJ233AP0Q6SFTDH9
age: 117
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 17984
x-amz-id-2: XR/HBk2AMr0uyJHAuo+rmRUU5pEpASyeEk4Lqo9gn/v4OPoAGyvDrBmdazfl78O2tpxz+cCkZ1ce0BkGqgb76kiX+bqDOAYj
x-served-by: cache-fra-eddf8230058-FRA
last-modified: Wed, 15 Nov 2023 21:53:04 GMT
server: AmazonS3
x-timer: S1700140354.114437,VS0,VE0
etag: "0518781cd45a71291d17ea1febfcc5fe"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 iframe-communication.d153faead67976190b53.js Show response
x.kinja-static.com/assets/new-client/ 3 KB
1 KB 53ms
53ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/iframe-communication.d153faead67976190b53.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9a4a675c58ebdb96761ce6492beb887ce9cc56ad902827c7dca796681647add7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:34 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 557BA0AJMSGFSMER
age: 10
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 1136
x-amz-id-2: nYnjtL3qhLfWzdEFCqoRiS4gBL9io3d7QEE0VqysNlRjH1f437tLFmKLpCY9T8+APVL3SPqq1OQ=
x-served-by: cache-fra-eddf8230068-FRA
last-modified: Wed, 15 Nov 2023 21:52:54 GMT
server: AmazonS3
x-timer: S1700140354.240534,VS0,VE1
etag: "8dc26d93f148352c24e486a521cb6dcb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 next-video-loader.8a22cb6e301f78d7fe09.js Show response
x.kinja-static.com/assets/new-client/ 2 KB
888 B 59ms
59ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/next-video-loader.8a22cb6e301f78d7fe09.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1baccffab1dae5da4fccd3ccafb523b84920e32bf6997653188b940850822746

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:34 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: M010T5SD8MXB9A9A
age: 21
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 690
x-amz-id-2: U9eHAil23o/LHUX4viPYbnaMH8JkSuVOemGQD/+suFaMpOL4slGJ9g/qWoCu6TvRmEEVcDVagV8=
x-served-by: cache-fra-eddf8230068-FRA
last-modified: Mon, 13 Nov 2023 21:57:50 GMT
server: AmazonS3
x-timer: S1700140354.253392,VS0,VE1
etag: "512cb9ed1508f6619899ead1467ffbd8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 adEditorComponent~api-video-meta~curatedPageEditor~getShowBrowserData~in-article-selector~renderRela~7a3e1c31.142c3c06ee76db1d247f.js Show response
x.kinja-static.com/assets/new-client/ 11 KB
3 KB 56ms
55ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/adEditorComponent~api-video-meta~curatedPageEditor~getShowBrowserData~in-article-selector~renderRela~7a3e1c31.142c3c06ee76db1d247f.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c847622dcd394c52fb223db6d11fa9a27587295977083c7062fec6546d2dfd57

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:34 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: KJ58QZJ2Y2QRDH01
age: 119
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 2413
x-amz-id-2: e192BSV27gIC/Lu/07zOe7rtIsQ1W28U06zKVG7aO9QEDjJneRqqJJxReu2XGCs/rfKZjPXXOeU=
x-served-by: cache-fra-eddf8230068-FRA
last-modified: Mon, 13 Nov 2023 03:04:38 GMT
server: AmazonS3
x-timer: S1700140354.253407,VS0,VE0
etag: "b16f28fc4bffa5c3e5a600f402727582"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_5_8/assets/css/ 60 KB
8 KB 50ms
5ms Stylesheet
text/css 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_5_8/assets/css/cmOsUnit.css
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-meta-mtime: 1700031478
date: Thu, 16 Nov 2023 13:12:34 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 01ZE3T7XP57151WV
age: 108812
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1700031478
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: k9gB+Y29FuCyJHskv/394eW+LOyrVO+qIGhB9T9SBj9XBZsWz0mtij14fjN8fn2goV1aIx2T/Zg=
x-served-by: cache-fra-eddf8230127-FRA
last-modified: Wed, 15 Nov 2023 06:57:59 GMT
server: AmazonS3-br
x-timer: S1700140355.927831,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 142653

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/33_5_8/infra/ 604 KB
121 KB 52ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: b87f3aad27cbbca4f420872f410bde6254aa7235d6db390730f1d9f46511dd97

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-meta-mtime: 1700031467
date: Thu, 16 Nov 2023 13:12:34 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 01Z2TXEZZ8JF4AVH
age: 108813
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1700031468
x-amz-meta-mode: 33188
content-length: 123398
x-amz-id-2: NS2Ow4as7ytlYWEYMfJ1Q7B4SNOr19XVQQpMwKelifcyO9+4eIHJ+x74kkTTgqn0EVOjr+aQJUc=
x-served-by: cache-fra-eddf8230107-FRA
last-modified: Wed, 15 Nov 2023 06:57:49 GMT
server: AmazonS3-br
x-timer: S1700140355.927731,VS0,VE0
etag: "e8023cd27890386539e680dcc790152c"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 103841

GET
H2 200 ad-manager-bulbs.c463ea05828bf41db59b.js Show response
x.kinja-static.com/assets/new-client/ 2 KB
1 KB 23ms
22ms Script
application/javascript 151.101.130.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://x.kinja-static.com/assets/new-client/ad-manager-bulbs.c463ea05828bf41db59b.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5e7e337e9b90ce3eae8fb267bbc624428a3d3e24b01f093176ad8790727e9e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:34 GMT
content-encoding: br
x-content-type-options: nosniff
via: 1.1 varnish
x-amz-request-id: 2KMENMTTYTMV974G
age: 98
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 887
x-amz-id-2: Y+xYGdf1sJhjf4fdw4AbziDdxfOmXb+co0UjkyZXeBpFEhFY0AfBgsgSWivHuB/3bUfJvSVD8HA=
x-served-by: cache-fra-eddf8230068-FRA
last-modified: Tue, 24 Oct 2023 22:18:52 GMT
server: AmazonS3
x-timer: S1700140355.948688,VS0,VE0
etag: "32650a844aaef4cb5374896e9bb83f0d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 448ms
57ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2F&pid=H0irl9fqodTTC&cb=0&ws=1600x1200&v=23.1108.2350&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-1%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage_top-banner%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:35 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: VXAA72THPKGS44DV9CEQ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: p2dIt6cdz2ouF9eURagy3HG7P-t3mWvJslUcjhintJ-bxITVA4PkAA==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 437 B
672 B 581ms
201ms Fetch
application/json 50.17.157.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-1,ss:%5B970.250,970.90,728.90,1600.350%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.157.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-157-125.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5057e7c6437b7fd8a479a6a5f8204432ce1d61492f7d545881b64eb226733ecb

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 16 Nov 2023 13:12:35 GMT
server: nginx
x-server-name: app07.va.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
347 B 429ms
34ms XHR
text/plain 64.233.166.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-223393-1&cid=1205822449.1700140353&jid=637657921&gjid=122118410&_gid=767182962.1700140353&_u=aODACEAAFAAAACAAI~&z=661009164

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.166.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wm-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 16 Nov 2023 13:12:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
72 B 429ms
36ms XHR
text/plain 64.233.166.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-142218-33&cid=1205822449.1700140353&jid=1842334589&gjid=33576504&_gid=767182962.1700140353&_u=aODACEABFAAAACAAI~&z=1576389476

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.166.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wm-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 16 Nov 2023 13:12:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 any Show response
idx.liadm.com/idex/ie/ 0
372 B 341ms
109ms XHR
text/plain 3.223.198.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/ie/any

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.223.198.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-223-198-8.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 16 Nov 2023 13:12:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
request-time: 2
access-control-allow-origin: https://www.theonion.com
cache-control: max-age=3599, private
access-control-allow-credentials: true
trace-id: 73a81a0a3446dab5
expires: Thu, 16 Nov 2023 14:12:35 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
361 B 118ms
27ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 16 Nov 2023 13:12:35 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 44
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
422 B 39ms
38ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183957&gdpr=0
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: b5296fef68d7a4342d6de7c3fa0147a5dacfeaf8bdd4bc96a1a780c97bc2a256

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 16 Nov 2023 13:12:35 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Sat, 16 Dec 2023 13:12:35 GMT

GET
H2 403 / Show response
id.sv.rkdms.com/identity/ 72 B
232 B 432ms
145ms XHR
application/json 44.214.217.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=GOMEDIA&sv_domain=www.theonion.com
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183957-47751755686051.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.214.217.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-214-217-0.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 6851edc0fca6eb99fa5fa083c37055fb96b62567bcd4730305e755e4cc0ab82a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 16 Nov 2023 13:12:36 GMT
access-control-allow-credentials: true
server: awselb/2.0
content-length: 72
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 23 B
366 B 310ms
105ms Fetch
application/json 52.29.125.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson?sp=trustx
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.125.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-125-157.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9b84462b4c239492c262b25bab26160ec4b36c0619c262d2afb4c3f0920bd399

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 16 Nov 2023 13:12:36 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 48

POST
H/1.1 200
OK gomedia Show response
direct.adsrvr.org/bid/bidder/ 0
400 B 213ms
55ms Fetch
application/json 52.223.6.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/gomedia
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.223.6.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8c33d2b6751b365d.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 16 Nov 2023 13:12:35 GMT
x-openrtb-version: 2.3
server: Kestrel
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 392 B
602 B 570ms
135ms Fetch
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12156&site_id=392270&zone_id=2189722&size_id=2&alt_size_ids=55%2C57&p_pos=atf&us_privacy=1YNY&eid_pubcid.org=29e20573-7e25-4750-a07d-e27a6caf2cc6%5E1&rf=https%3A%2F%2Fwww.theonion.com%2F&kw=TheOnion&tg_v.iab_segments=1-4&tg_i.domain=theonion.com&tg_i.page=https%3A%2F%2Fwww.theonion.com%2F&tg_i.mobile=1&tg_i.pbadslot=%2F4246%2Ffmg.onion%2Ffrontpage%2F1%2Ftop&tk_flint=pbjs_lite_v8.14.0&x_source.tid=07f25b6f-1938-421e-8b71-306b96cfad1b&l_pb_bid_id=6e4a07910e99cd&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=0ad97ec0-656a-40b5-8dc2-0c97261fe725&rp_hard_floor=0.65&rp_maxbids=1&p_gpid=%2F4246%2Ffmg.onion%2Ffrontpage%2F1%2Ftop&slots=1&rand=0.2949763476876468
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 0767c37fa8c45e280d450cc458ac003da6fbe2af0cc285bf9037e64072d0a77b

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:36 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 392
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
114 B 160ms
26ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 16 Nov 2023 13:12:36 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
195 B 428ms
40ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.14.0&cb=28645074121&lsavail=1

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 16 Nov 2023 13:12:35 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
759 B 206ms
49ms Fetch
application/json 3.67.103.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.14.0&referrer=https%3A%2F%2Fwww.theonion.com%2F&tmax=1500&us_privacy=1YNY

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.67.103.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-67-103-10.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:36 GMT
accept-ch: user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr
x-auction-status: 29
content-type: application/json; charset=utf-8
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 144 B
965 B 179ms
161ms Fetch
application/json 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

9e65646a3c13ec6435b0b3d08f6e2e450397131ae37581edbad56ee8df54f898

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:36 GMT
an-x-request-uuid: 56ec9580-af6f-4b3c-9908-8089b036d3bc
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.115.237.162; 176.115.237.162; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 144
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 84 B
431 B 239ms
96ms Fetch
application/json 54.171.212.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.171.212.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-212-190.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: a09a1edd2ab15651801f42b35bfbfbdb386346fb5d27b23bf0bd83350a60ed62

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 16 Nov 2023 13:12:36 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.theonion.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 84

POST
H2 200 prebid Show response
krk2.kargo.com/api/v1/ 2 B
467 B 214ms
153ms Fetch
application/json 3.64.21.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk2.kargo.com/api/v1/prebid
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.21.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-21-219.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:36 GMT
content-encoding: gzip
x-accel-expires: 0
nbr: 510
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
content-length: 26
expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
545 B 245ms
146ms Fetch
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=727144
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da43b695a27e1338f4afab2f14bb625b2073f9f953b120d20bc85d1d208493c4

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LDEVzS1TbhDEZg6Ry9HoYOVHk51Bkd74LpBha64JTKkXhQVPa6mTzi7ydh9KY6%2BahGbkQFyRZZqT072nFYiclAN8JZ5CT6hQqZTvG0JZOCt8mULSe4AlJOALWtq91sWt24YxqAep"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 826ffc8a3d9d048b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
607 B 100ms
10ms Fetch
application/json 13.32.99.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-59.fra60.r.cloudfront.net
Software: /
Resource Hash: a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 17:34:23 GMT
via: 1.1 77ba839b79ec0a8b2031c8a828e7fdfa.cloudfront.net (CloudFront), 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA60-P3
age: 70693
x-amzn-requestid: 134bb565-b3e2-4f64-922e-c02ee6936041
x-amzn-trace-id: Root=1-6555011f-2e4ce1d03609dbfb5f278b71;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: Oc0c5EDoDoEEhQg=
content-length: 30
x-amz-cf-id: irTmIfLqcUask5nKvN9pSFFQ62aDYs1yknd6Sh0WpR0x9Etacn8b0g==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 467ms
38ms Image
image/gif 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-142218-33&cid=1205822449.1700140353&jid=1842334589&_u=aODACEABFAAAACAAI~&z=345319319

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 468ms
39ms Image
image/gif 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-142218-33&cid=1205822449.1700140353&jid=1842334589&_u=aODACEABFAAAACAAI~&z=345319319

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 216 KB
71 KB 30ms
29ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KDJDW37&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T73GPNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2811661dd19026ddb374675e0440f67f8d78cf01baaf930bc7e1975fbd88334e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72260
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Nov 2023 13:12:36 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 386ms
118ms Image
image/gif 34.193.198.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=theonion.com&p=%2F&u=D6AJiiCWVk0XDKzjOi&d=theonion.com&g=3012&g0=www.theonion.com&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=7064&o=4000&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.theonion.com%2F&b=9609&t=DoSG4b8MIeKCGCf4jik5XKCTtzKK&V=141&i=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&tz=-60&sn=1&sv=3EJKJBkmhCIxURg8Ct9tn7BESJh5&sd=1&im=067b2ff3&_
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.198.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-198-225.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 16 Nov 2023 13:12:37 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
12 KB 661ms
661ms Fetch
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1927740857388465&correlator=3807926411146239&eid=31079660%2C31079666%2C44807410%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cfrontpage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x90%7C728x90%7C1600x350&ifi=1&didk=1378598719&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700140356964&lmt=1700140356&adxs=1515&adys=334&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theonion.com%2F&vis=1&psz=4000x351&msz=4000x351&fws=1028&ohw=4000&ga_vid=1205822449.1700140353&ga_sid=1700140357&ga_hid=630657696&ga_fc=true&dlt=1700140347398&idt=7498&ppid=29e20573-7e25-4750-a07d-e27a6caf2cc6&prev_scp=article_position%3Dnone%26pos%3Dtop%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dtop-01%26amznbid%3D2%26amznp%3D2&cust_params=veritas-iab%3D1-4%26tags%3D%26blogName%3Dtheonion%26channel%3D%26section%3D%26subsection%3D%26page%3Dfrontpage%26amznbid%3D0%26amznp%3D0&adks=180257879&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

8985f63e122285e2fb6f390c5b726adbb99a2bcc238f41208d6e7fcd88d3b493

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:37 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11906
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5f02800fe5536f1d34b9fa042638b4e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 03E3 6 KB
3 KB 498ms
56ms Document
text/html 142.250.185.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5f02800fe5536f1d34b9fa042638b4e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 13:12:37 GMT
expires: Fri, 15 Nov 2024 13:12:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.7.3/ 427 KB
80 KB 24ms
23ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.7.3/OvaMediaPlayer.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: f173ffc3d40264f06e43fcda7beece82038701518b76317b5a3e94ccb6f1a19d

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-meta-mtime: 1700123877
date: Thu, 16 Nov 2023 13:12:37 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: TM6A5JR15KMRX4A9
age: 16441
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1700123890
x-amz-meta-mode: 33188
content-length: 81612
x-amz-id-2: WWxa5Yx6lYIC1hyCK1wBgSijKv3fJvw5DqBFGdy/3sBBnytkWsmbSBGlIc9sKVFHPXnxfssdpCw=
x-served-by: cache-fra-eddf8230107-FRA
last-modified: Thu, 16 Nov 2023 08:38:11 GMT
server: AmazonS3-br
x-timer: S1700140357.454023,VS0,VE0
etag: "3d881848170c7ab7d2916771d7b9012f"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 25622

GET
H2 200 sync Show response
ch-match.taboola.com/ Frame F5BC 439 B
524 B 432ms
416ms Document
text/html 141.226.124.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-match.taboola.com/sync?dast=V8V0ICLAZEw8lE_S3iMhGIhpOJ-lvEZSoAAABgYID-AIk5bJbNyGZYq0YLx1o0GtncEsvKuBaZhrOFYTFyDlczIyAxh82yGdkMa9Vo4ViLRiObW2JZGdci03C2MCxGzuFqZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAGN8gQCxyULin2e20-0x_uz8AAAAAgAAAAAAgAYDQz1MCQIZE8MT_________f4wB-swbGf____83FnoAPPgAeBACAADwMcSJl23KpLiQjMhBSxFGAAAAAGDn2kWPTNIJKhZV_v__-60AXAEACFjEFppXy6I7KPEWBgAAAGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGP9cI0wpc9cWp-AQEA1vwCAgCwGTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD0huJr7hwmTyjJaThcMymrkmm93MY1o5RxbnZrnxntAi8ceBIhuRPiLCMvt9ByHf7TI8fC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwM5lNbI6Jya1wLFZu0WZicitMK-Nas1y5dhPPaDQYzNyi18f0Mc2cC4vHiwQDOPYieVqkE81stlgtHK6JbzRxDSYO22S5cE0GE8fGMtkMJr6JWKI5WaQT2WXf3Ex8w4XJ5BktJwuHZTRzTTa7mce0co4szs1y4-9MZhObY2JyKxyLlVu0mZjcCtPKuNYsV67dxDMaDQYzt-j1MX1MM-fC4vE3doPBYjTYjIb7xm4wWIwGm9Fw32EyPVOfs9EaE18-MvXsNG6Za06DwmWweKdFi7R1OPqMMsst4lpN1tPXxCr0TLwGhefgMc2cw4fnfNn2nKVr92BUxBLBRTrR-d0uk9PhWIuOLr_d6bdbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7GZzxWI1l2x2c8VsskoAAAAAAAAAAJZgkukmAAAAAE4GNVwuFrN1OpjJcLYYzZYL4MKTTNcPeqE4M71MxC6ZxgSyCyEZ42KNPRZxfrfL5HQ41qKjy293-u1WBnDhacVss88IYq1WyxoAAIAANgAAAAFuuvEmQCyK-____x8HAABARg49AAAA-n1AU8mZmZmZmvwKYjKZLfYPQIVYq9XqdmOtVivggGxWEwgAEIAP!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 9cd629e5aee4b3629b21ff07f3db2039eb4463f13b80517447e0c36b628c39e9

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Thu, 16 Nov 2023 13:12:37 GMT
machineid: 3802
server: nginx

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 1069ms
348ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: kinja-com.videoplayerhub.com
URL: https://kinja-com.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 13:12:38 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
904 B 756ms
37ms Image
image/gif 104.26.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.3.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 541905
x-guploader-uploadid: ABPtcPqwrJ3LrgosBKTU_79B4X4Z_eWS1OiZqQ84AfRpoEA-rd5sICvevPFHFqhQumd6-MtpuPJbZbbfpw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5ywLQbdtSSN7ahIARXL7tc0I4Upnn12UIz6WR99oSUrt5ty9btbVwbPD1r4ONznjCC6nR%2B9Luhgh%2BWs7ZBALOvNsWzfcprinuFkPWnPyX2V838J2V3l4KgG8y1BQgYAKg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 826ffc97c87171d0-FRA
expires: Fri, 10 Nov 2023 07:38:02 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 953ms
235ms Image
image/x-icon 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 19:27:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 16 Nov 2023 19:27:28 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
327 B 755ms
38ms Image
image/gif 104.26.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.13346050522926278
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.3.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 541905
x-guploader-uploadid: ABPtcPqwrJ3LrgosBKTU_79B4X4Z_eWS1OiZqQ84AfRpoEA-rd5sICvevPFHFqhQumd6-MtpuPJbZbbfpw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cr3fRAE%2FVsMH68lpSoPPPv93m2czxTIxhVhy5LgKbpxOTfMEEa%2B3f%2BWjrMY9DHox1QqusFCnWLiCAIY6a7T2LmdQYhdoHdYBG0%2BbL3WbV1%2FQBUdHD9j2vcdfzW9TisMpFA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 826ffc97c87271d0-FRA
expires: Fri, 10 Nov 2023 07:38:02 GMT

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 283ms
279ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.theonion.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Thu, 16 Nov 2023 13:12:37 GMT
via: 1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: WAW51-P3
age: 4591703
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-fra-eddf8230127-FRA
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1700140358.958923,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits: 720557

GET
H2 200 timeout
krk2.kargo.com/api/v1/event/ 0
170 B 245ms
243ms Image
text/plain 3.64.21.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://krk2.kargo.com/api/v1/event/timeout?aid=07f25b6f-1938-421e-8b71-306b96cfad1b&ato=1500
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.21.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-21-219.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:37 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-accel-expires: 0
content-length: 0
vary: Origin
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 publishertag.prebid.139.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 629ms
32ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.139.js

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 26 Oct 2023 13:53:27 GMT
server: nginx
etag: W/"653a6f57-17cae"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Nov 2023 13:12:38 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
462 B 193ms
193ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2F&pid=H0irl9fqodTTC&cb=1&ws=1600x1200&v=23.1108.2350&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-6%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage_mid_banner%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:37 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: T2DPVJQVEEVM09E3RD7K
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 8-n4QcltCnvWg7psAHajRex3r3t5cbdgJN8q7f3Ik9gLYi8tExPaxQ==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 437 B
671 B 441ms
440ms Fetch
application/json 50.17.157.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-6,ss:%5B970.250,728.90,1600.350%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.157.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-157-125.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4f64e0003a14ce8f0964bb33696df67b38153ceb33e2011be12bc89ff5690c8a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 16 Nov 2023 13:12:38 GMT
server: nginx
x-server-name: app12.va.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
464 B 164ms
163ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2F&pid=H0irl9fqodTTC&cb=2&ws=1600x1200&v=23.1108.2350&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-8%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage_mid_banner%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:37 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: WTG75173HBEQT03W3GAV
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: qJXnaF4aWUf173-XhvZwpa6G-QW87XFzHr2Ry7MO1CQjk24xdKxcFw==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 437 B
671 B 236ms
236ms Fetch
application/json 50.17.157.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-8,ss:%5B970.250,728.90,1600.350%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.157.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-157-125.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e91bb497b2ffb2dfef22a7f3e1da4899128a4774c387e4025d3a9a32b7ab2682

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 16 Nov 2023 13:12:38 GMT
server: nginx
x-server-name: app25.va.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 125ms
124ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2F&pid=H0irl9fqodTTC&cb=3&ws=1600x1200&v=23.1108.2350&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-11%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage_mid_banner%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:37 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: DK4DNEG2YH1A0NJF4YXR
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: _cP68bxnyDoaYMayz91mmc2TES_JqCduGffzBrk-PXkl5zPAafcx9Q==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 438 B
672 B 182ms
182ms Fetch
application/json 50.17.157.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-11,ss:%5B970.250,728.90,1600.350%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.157.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-157-125.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ff5c92f877a800990a3cd2e72a24258df2a78fc25677e49e54044066478f6a36

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 16 Nov 2023 13:12:38 GMT
server: nginx
x-server-name: app16.va.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

POST hb-multi
hb.yellowblue.io/ 0
0

POST prebid
krk2.kargo.com/api/v1/ 0
0

POST auction
tlx.3lift.com/header/ 0
0

POST prebid
ib.adnxs.com/ut/v3/ 0
0

POST cdb
bidder.criteo.com/ 0
0

POST gomedia
direct.adsrvr.org/bid/bidder/ 0
0

POST hbjson
grid.bidswitch.net/ 0
0

POST translator
hbopenbid.pubmatic.com/ 0
0

POST hbjson
grid.bidswitch.net/ 0
0

POST cdb
bidder.criteo.com/ 0
0

POST gomedia
direct.adsrvr.org/bid/bidder/ 0
0

POST prebid
ib.adnxs.com/ut/v3/ 0
0

POST auction
tlx.3lift.com/header/ 0
0

POST hb-multi
hb.yellowblue.io/ 0
0

POST
H2 200 prebid
krk2.kargo.com/api/v1/ 0
0 185ms
118ms Fetch
application/json 3.64.21.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk2.kargo.com/api/v1/prebid
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.21.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-21-219.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:38 GMT
content-encoding: gzip
x-accel-expires: 0
nbr: 510
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
content-length: 26
expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 82ms
16ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 16 Nov 2023 13:12:37 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK gomedia Show response
direct.adsrvr.org/bid/bidder/ 0
400 B 149ms
51ms Fetch
application/json 52.223.6.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/gomedia
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.223.6.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8c33d2b6751b365d.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 16 Nov 2023 13:12:38 GMT
x-openrtb-version: 2.3
server: Kestrel
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 0

POST
H2 200 hb-multi
hb.yellowblue.io/ 0
0 142ms
106ms Fetch
application/json 54.171.212.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.171.212.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-212-190.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 16 Nov 2023 13:12:38 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.theonion.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 39
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 84

POST
H2 200 prebid
krk2.kargo.com/api/v1/ 0
0 129ms
111ms Fetch
application/json 3.64.21.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk2.kargo.com/api/v1/prebid
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.21.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-21-219.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:38 GMT
content-encoding: gzip
x-accel-expires: 0
nbr: 510
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
content-length: 26
expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 200 prebid
ib.adnxs.com/ut/v3/ 0
0 393ms
376ms Fetch
application/json 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:38 GMT
an-x-request-uuid: c7a88b8c-1e9c-4603-88c1-190a30fe2b13
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.115.237.162; 176.115.237.162; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 144
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 48ms
34ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 16 Nov 2023 13:12:37 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 auction
tlx.3lift.com/header/ 0
0 44ms
34ms Fetch
application/json 3.67.103.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.14.0&referrer=https%3A%2F%2Fwww.theonion.com%2F&tmax=1500&us_privacy=1YNY

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.67.103.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-67-103-10.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:38 GMT
accept-ch: sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt
x-auction-status: 29
content-type: application/json; charset=utf-8
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 51ms
47ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.14.0&cb=40503568737&lsavail=1

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 16 Nov 2023 13:12:38 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H/1.1 200
OK hbjson
grid.bidswitch.net/ 0
0 167ms
102ms Fetch
application/json 52.29.125.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson?sp=trustx
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.125.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-125-157.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 16 Nov 2023 13:12:38 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 49

GET
H2 200 b-bf5d88b-e39b48ad.js Show response
tagan.adlightning.com/gomedia/ Frame 418C 79 KB
30 KB 76ms
69ms Script
application/javascript 18.66.147.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 097e3794f40de018fe07cdfcb077b0ca460a0a21cb5e7f2bf01c3140cd44626f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 17:51:06 GMT
content-encoding: gzip
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-amz-version-id: 7TdMa5ZTrejk0RTm9Hmgf19U7DPsSxmr
x-amz-cf-pop: FRA60-P4
age: 4735294
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29744
x-amz-meta-git_commit: bf5d88b
last-modified: Fri, 22 Sep 2023 17:50:53 GMT
server: AmazonS3
etag: "bfac72eb6cd68b280a12244a077daf10"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: qGGnoUifHPHENL3TQeYni9ObfT-_PTkDx7jhrcpbWFCRqxXRZTXeTw==

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame F5BC 70 B
148 B 52ms
51ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8V0ICLAZEw8lE_S3iMhGIhpOJ-lvEZSoAAABgYID-AIk5bJbNyGZYq0YLx1o0GtncEsvKuBaZhrOFYTFyDlczIyAxh82yGdkMa9Vo4ViLRiObW2JZGdci03C2MCxGzuFqZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAGN8gQCxyULin2e20-0x_uz8AAAAAgAAAAAAgAYDQz1MCQIZE8MT_________f4wB-swbGf____83FnoAPPgAeBACAADwMcSJl23KpLiQjMhBSxFGAAAAAGDn2kWPTNIJKhZV_v__-60AXAEACFjEFppXy6I7KPEWBgAAAGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGP9cI0wpc9cWp-AQEA1vwCAgCwGTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD0huJr7hwmTyjJaThcMymrkmm93MY1o5RxbnZrnxntAi8ceBIhuRPiLCMvt9ByHf7TI8fC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwM5lNbI6Jya1wLFZu0WZicitMK-Nas1y5dhPPaDQYzNyi18f0Mc2cC4vHiwQDOPYieVqkE81stlgtHK6JbzRxDSYO22S5cE0GE8fGMtkMJr6JWKI5WaQT2WXf3Ex8w4XJ5BktJwuHZTRzTTa7mce0co4szs1y4-9MZhObY2JyKxyLlVu0mZjcCtPKuNYsV67dxDMaDQYzt-j1MX1MM-fC4vE3doPBYjTYjIb7xm4wWIwGm9Fw32EyPVOfs9EaE18-MvXsNG6Za06DwmWweKdFi7R1OPqMMsst4lpN1tPXxCr0TLwGhefgMc2cw4fnfNn2nKVr92BUxBLBRTrR-d0uk9PhWIuOLr_d6bdbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7GZzxWI1l2x2c8VsskoAAAAAAAAAAJZgkukmAAAAAE4GNVwuFrN1OpjJcLYYzZYL4MKTTNcPeqE4M71MxC6ZxgSyCyEZ42KNPRZxfrfL5HQ41qKjy293-u1WBnDhacVss88IYq1WyxoAAIAANgAAAAFuuvEmQCyK-____x8HAABARg49AAAA-n1AU8mZmZmZmvwKYjKZLfYPQIVYq9XqdmOtVivggGxWEwgAEIAP!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:40 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame F5BC
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc?gdpr=0&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-9Z5_ZN1E2oRJ1VXuVjjj7YXZUjZNXqTz1mQJUA--~A

0
373 B

86ms
82ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-9Z5_ZN1E2oRJ1VXuVjjj7YXZUjZNXqTz1mQJUA--~A
Requested by: Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8V0ICLAZEw8lE_S3iMhGIhpOJ-lvEZSoAAABgYID-AIk5bJbNyGZYq0YLx1o0GtncEsvKuBaZhrOFYTFyDlczIyAxh82yGdkMa9Vo4ViLRiObW2JZGdci03C2MCxGzuFqZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAGN8gQCxyULin2e20-0x_uz8AAAAAgAAAAAAgAYDQz1MCQIZE8MT_________f4wB-swbGf____83FnoAPPgAeBACAADwMcSJl23KpLiQjMhBSxFGAAAAAGDn2kWPTNIJKhZV_v__-60AXAEACFjEFppXy6I7KPEWBgAAAGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGP9cI0wpc9cWp-AQEA1vwCAgCwGTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD0huJr7hwmTyjJaThcMymrkmm93MY1o5RxbnZrnxntAi8ceBIhuRPiLCMvt9ByHf7TI8fC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwM5lNbI6Jya1wLFZu0WZicitMK-Nas1y5dhPPaDQYzNyi18f0Mc2cC4vHiwQDOPYieVqkE81stlgtHK6JbzRxDSYO22S5cE0GE8fGMtkMJr6JWKI5WaQT2WXf3Ex8w4XJ5BktJwuHZTRzTTa7mce0co4szs1y4-9MZhObY2JyKxyLlVu0mZjcCtPKuNYsV67dxDMaDQYzt-j1MX1MM-fC4vE3doPBYjTYjIb7xm4wWIwGm9Fw32EyPVOfs9EaE18-MvXsNG6Za06DwmWweKdFi7R1OPqMMsst4lpN1tPXxCr0TLwGhefgMc2cw4fnfNn2nKVr92BUxBLBRTrR-d0uk9PhWIuOLr_d6bdbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7GZzxWI1l2x2c8VsskoAAAAAAAAAAJZgkukmAAAAAE4GNVwuFrN1OpjJcLYYzZYL4MKTTNcPeqE4M71MxC6ZxgSyCyEZ42KNPRZxfrfL5HQ41qKjy293-u1WBnDhacVss88IYq1WyxoAAIAANgAAAAFuuvEmQCyK-____x8HAABARg49AAAA-n1AU8mZmZmZmvwKYjKZLfYPQIVYq9XqdmOtVivggGxWEwgAEIAP!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:40 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 8602

Redirect headers

date: Thu, 16 Nov 2023 13:12:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-9Z5_ZN1E2oRJ1VXuVjjj7YXZUjZNXqTz1mQJUA--~A
content-length: 0

GET
H2

200

/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame F5BC
Redirect Chain

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-_DGpPgBE2uEHqj92bfOd2xFUvYjHFhjP~A&gdpr_in_effect=0

0
373 B

65ms
45ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-_DGpPgBE2uEHqj92bfOd2xFUvYjHFhjP~A&gdpr_in_effect=0
Requested by: Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8V0ICLAZEw8lE_S3iMhGIhpOJ-lvEZSoAAABgYID-AIk5bJbNyGZYq0YLx1o0GtncEsvKuBaZhrOFYTFyDlczIyAxh82yGdkMa9Vo4ViLRiObW2JZGdci03C2MCxGzuFqZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAGN8gQCxyULin2e20-0x_uz8AAAAAgAAAAAAgAYDQz1MCQIZE8MT_________f4wB-swbGf____83FnoAPPgAeBACAADwMcSJl23KpLiQjMhBSxFGAAAAAGDn2kWPTNIJKhZV_v__-60AXAEACFjEFppXy6I7KPEWBgAAAGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGP9cI0wpc9cWp-AQEA1vwCAgCwGTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD0huJr7hwmTyjJaThcMymrkmm93MY1o5RxbnZrnxntAi8ceBIhuRPiLCMvt9ByHf7TI8fC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwM5lNbI6Jya1wLFZu0WZicitMK-Nas1y5dhPPaDQYzNyi18f0Mc2cC4vHiwQDOPYieVqkE81stlgtHK6JbzRxDSYO22S5cE0GE8fGMtkMJr6JWKI5WaQT2WXf3Ex8w4XJ5BktJwuHZTRzTTa7mce0co4szs1y4-9MZhObY2JyKxyLlVu0mZjcCtPKuNYsV67dxDMaDQYzt-j1MX1MM-fC4vE3doPBYjTYjIb7xm4wWIwGm9Fw32EyPVOfs9EaE18-MvXsNG6Za06DwmWweKdFi7R1OPqMMsst4lpN1tPXxCr0TLwGhefgMc2cw4fnfNn2nKVr92BUxBLBRTrR-d0uk9PhWIuOLr_d6bdbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7GZzxWI1l2x2c8VsskoAAAAAAAAAAJZgkukmAAAAAE4GNVwuFrN1OpjJcLYYzZYL4MKTTNcPeqE4M71MxC6ZxgSyCyEZ42KNPRZxfrfL5HQ41qKjy293-u1WBnDhacVss88IYq1WyxoAAIAANgAAAAFuuvEmQCyK-____x8HAABARg49AAAA-n1AU8mZmZmZmvwKYjKZLfYPQIVYq9XqdmOtVivggGxWEwgAEIAP!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:40 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 8556

Redirect headers

location: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-_DGpPgBE2uEHqj92bfOd2xFUvYjHFhjP~A&gdpr_in_effect=0
date: Thu, 16 Nov 2023 13:12:40 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

POST
H2 204 perf Show response
ch-trc-events.taboola.com/gomedia1-theonion/log/3/ 0
523 B 141ms
125ms XHR
text/plain 141.226.124.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-trc-events.taboola.com/gomedia1-theonion/log/3/perf?tvi48=10637&tvi50=12261&route=US%3ACH%3AV&lti=test_impl_blocked_send_event_var
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231113-34_b1-PR-63731-DEV-146889-impl-load-is-blocked-in-private-tab-in-safari-on-iphone-with-ios-1d43719ace6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.theonion.com
pragma: no-cache
date: Thu, 16 Nov 2023 13:12:40 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 country Show response
api.btloader.com/ 16 B
141 B 167ms
161ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: kinja-com.videoplayerhub.com
URL: https://kinja-com.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:40 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
18 KB 290ms
289ms Fetch
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1927740857388465&correlator=3807926411146239&eid=31079660%2C31079666%2C44807410%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cfrontpage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90%7C1600x350&ifi=2&didk=1378598708&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D22a8d5721722f8f4%3AT%3D1700140356%3ART%3D1700140356%3AS%3DALNI_MZBvwtlRPp6UswWjdbwacIq0nxy3Q&gpic=UID%3D00000cc9e99cd105%3AT%3D1700140356%3ART%3D1700140356%3AS%3DALNI_MY5UN5vXexrioTprAWBozezYt56dw&abxe=1&dt=1700140360175&lmt=1700140360&adxs=1200&adys=1461&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theonion.com%2F&vis=1&psz=1600x0&msz=1600x0&fws=1028&ohw=4000&ga_vid=1205822449.1700140353&ga_sid=1700140357&ga_hid=630657696&ga_fc=true&dlt=1700140347398&idt=7498&ppid=29e20573-7e25-4750-a07d-e27a6caf2cc6&prev_scp=article_position%3Dnone%26pos%3Dmid_banner%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dmid_banner-01%26amznbid%3D2%26amznp%3D2&cust_params=veritas-iab%3D1-4%26tags%3D%26blogName%3Dtheonion%26channel%3D%26section%3D%26subsection%3D%26page%3Dfrontpage&adks=1031481273&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

c2fb0e601bf0c51f72e1b9d6391da1b4490e833fb162ab7a938957a73c0be34b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18480
x-xss-protection: 0
google-lineitem-id: 6376910866
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138446248708
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 381 B
220 B 276ms
213ms Fetch
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1927740857388465&correlator=3807926411146239&eid=31079660%2C31079666%2C44807410%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cfrontpage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90%7C1600x350&ifi=3&didk=1378598710&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D22a8d5721722f8f4%3AT%3D1700140356%3ART%3D1700140356%3AS%3DALNI_MZBvwtlRPp6UswWjdbwacIq0nxy3Q&gpic=UID%3D00000cc9e99cd105%3AT%3D1700140356%3ART%3D1700140356%3AS%3DALNI_MY5UN5vXexrioTprAWBozezYt56dw&abxe=1&dt=1700140360289&lmt=1700140360&adxs=1200&adys=2019&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theonion.com%2F&vis=1&psz=1600x0&msz=1600x0&fws=1028&ohw=4000&ga_vid=1205822449.1700140353&ga_sid=1700140357&ga_hid=630657696&ga_fc=true&dlt=1700140347398&idt=7498&ppid=29e20573-7e25-4750-a07d-e27a6caf2cc6&prev_scp=article_position%3Dnone%26pos%3Dmid_banner%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dmid_banner-02%26amznbid%3D2%26amznp%3D2&cust_params=veritas-iab%3D1-4%26tags%3D%26blogName%3Dtheonion%26channel%3D%26section%3D%26subsection%3D%26page%3Dfrontpage&adks=868566020&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

0c9a48f3f7c6647aa1c21b22a132021bb73de219dc64ddbcb631f83b121f9597

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 381 B
208 B 334ms
323ms Fetch
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1927740857388465&correlator=3807926411146239&eid=31079660%2C31079666%2C44807410%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cfrontpage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90%7C1600x350&ifi=4&didk=136931551&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D22a8d5721722f8f4%3AT%3D1700140356%3ART%3D1700140356%3AS%3DALNI_MZBvwtlRPp6UswWjdbwacIq0nxy3Q&gpic=UID%3D00000cc9e99cd105%3AT%3D1700140356%3ART%3D1700140356%3AS%3DALNI_MY5UN5vXexrioTprAWBozezYt56dw&abxe=1&dt=1700140360395&lmt=1700140360&adxs=1200&adys=2909&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theonion.com%2F&vis=1&psz=1600x0&msz=1600x0&fws=1028&ohw=4000&ga_vid=1205822449.1700140353&ga_sid=1700140357&ga_hid=630657696&ga_fc=true&dlt=1700140347398&idt=7498&ppid=29e20573-7e25-4750-a07d-e27a6caf2cc6&prev_scp=article_position%3Dnone%26pos%3Dmid_banner%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dmid_banner-03%26amznbid%3D2%26amznp%3D2&cust_params=veritas-iab%3D1-4%26tags%3D%26blogName%3Dtheonion%26channel%3D%26section%3D%26subsection%3D%26page%3Dfrontpage&adks=4125576778&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

8ffd927e988041d296f69063e17c3011b78514e2878734034ad818bbe9c7b323

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 timeout
krk2.kargo.com/api/v1/event/ 0
170 B 45ms
36ms Image
text/plain 3.64.21.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://krk2.kargo.com/api/v1/event/timeout?aid=04917104-767b-42de-9075-6f1dd897bde6&ato=1500
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.21.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-21-219.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:40 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-accel-expires: 0
content-length: 0
vary: Origin
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 timeout
krk2.kargo.com/api/v1/event/ 0
170 B 25ms
14ms Image
text/plain 3.64.21.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://krk2.kargo.com/api/v1/event/timeout?aid=b5ed9c37-b6b7-4944-baed-7f20943cc24c&ato=1500
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.21.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-21-219.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:40 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-accel-expires: 0
content-length: 0
vary: Origin
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
77 KB 54ms
32ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FBJXBGD4M8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDJDW37&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8939dd29d4e1758e442e3e23027074185e2dd96639102dda62ac1546a172ac18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78862
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 Nov 2023 13:12:40 GMT

GET
H2 200 tag.aspx Show response
ml314.com/ 31 KB
10 KB 72ms
11ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?1610
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 556b62129d954b0d5b92c4f286ec0234774ac6d41353a3c84f8349fa94d88cf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 12:53:16 GMT
via: 1.1 google
content-encoding: br
age: 1164
x-guploader-uploadid: ABPtcPr4dpeCbgiIf5pJQnhsV6I6_Qob84n8289tmWV4nQgrYusqlzyNQ4BTlTQeWfCs_sojXirRnWEHOzbNKcZUGoxsdouoj-mX
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10209
last-modified: Fri, 12 May 2023 18:40:12 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1683916812364920
x-goog-hash: crc32c=mZ+Z9w==, md5=kd+C792N6TsjSfrrJlopCg==
content-type: application/javascript
cache-id: FRA-1209ea83
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32213
accept-ranges: bytes

GET
H2 200 gomedia_015a5_the_onion.js Show response
cdn-magiclinks.trackonomics.net/client/static/v2/ 95 KB
28 KB 431ms
40ms Script
text/javascript 18.239.18.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-magiclinks.trackonomics.net/client/static/v2/gomedia_015a5_the_onion.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.18.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-69.ams58.r.cloudfront.net
Software: Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8 /
Resource Hash: 5ae04f4e2b3a0b4e46d0259886e6fbf822f2dd0731ee8a59e03c4cb3f335b8fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 22:44:32 GMT
content-encoding: gzip
via: 1.1 41fcd719412f2befdcf66654c7db4572.cloudfront.net (CloudFront)
last-modified: Thu, 23 Jun 2022 11:07:33 GMT
server: Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8
x-amz-cf-pop: AMS58-P6
age: 52202
etag: W/"17c61-5e21b75e9e639"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
x-amz-cf-id: DeVJx4_qj-ksBJXWcf9PGvK60Hubh7kDD6sNEP0IPoneUq2B3UUAEw==

GET
H2 200 timeout
krk2.kargo.com/api/v1/event/ 0
170 B 12ms
12ms Image
text/plain 3.64.21.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://krk2.kargo.com/api/v1/event/timeout?aid=9d3da787-fdcf-4013-bddc-0aed03abe78d&ato=1500
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.21.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-21-219.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:40 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
x-accel-expires: 0
content-length: 0
vary: Origin
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 125ms
124ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=lBdq9UfLnI&w=5197056576585728&o=5726495427264512&cv=2.1.23-7-g7ca04d5&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.theonion.com%2F&sid=zwpFpD36al&pm=true&upapi=true
Requested by: Host: kinja-com.videoplayerhub.com
URL: https://kinja-com.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 13:12:40 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

POST
H2 200 place
gomedia-tagan.adlightning.com/ Frame 418C 0
446 B 127ms
25ms Ping
image/gif 13.227.219.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gomedia-tagan.adlightning.com/place?p=0&d=eyJzaXRlSWQiOiJnb21lZGlhIiwidXJsIjoiaHR0cHM6Ly93d3cudGhlb25pb24uY29tLyIsImFkVW5pdCI6Ii80MjQ2L2ZtZy5vbmlvbi9mcm9udHBhZ2VfMCIsImFkU2VydmVyRGV0YWlscyI6eyJhZHZlcnRpc2VySWQiOiIxMzYzOTg5OCIsImNhbXBhaWduSWQiOiIyMjA0OTcyNTIzIiwiY3JlYXRpdmVJZCI6IjEzODIyMDA1MjQ5NCIsImxpbmVpdGVtSWQiOiI0NTE5NDk1NjU3IiwiYWRTZXJ2ZXIiOiJkZnAiLCJ5aWVsZEdyb3VwSWRzIjpbNzMxMTJdfSwid2lkdGgiOjE2MDAsImhlaWdodCI6MzUwLCJ3diI6IjEuMC4wK2JmNWQ4OGIiLCJidiI6ImJsLTM0ZGYyMTItNGZjZGRkYjI7Yi1iZjVkODhiLWUzOWI0OGFkIiwibWV0YSI6eyJibG9ja2VkSW5mbyI6eyJyZWZyZXNoZWRDb3VudCI6MCwiYmxvY2tlZENvdW50IjowLCJoZWF2eUFkQmxvY2tlZENvdW50IjowLCJoZWF2eUFkUmVmcmVzaGVkQ291bnQiOjB9LCJwbFJhdGlvIjowLjAxfSwidGFnTWFya3VwIjoiPGh0bWwgYW1wNGFkcz1cIlwiIGNsYXNzPVwiaS1hbXBodG1sLWluYWJveFwiIGktYW1waHRtbC1sYXlvdXQ9XCJcIiBpLWFtcGh0bWwtbm8tYm9pbGVycGxhdGU9XCJcIj48aGVhZD48c2NyaXB0IHNyYz1cImh0dHBzOi8vdGFnYW4uYWRsaWdodG5pbmcuY29tL2dvbWVkaWEvYi1iZjVkODhiLWUzOWI0OGFkLmpzXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PjxzY3JpcHQ%2Bd2luZG93W1wiNDQ4NDA3ODVfZ29tZWRpYVwiXSA9IHdpbmRvd1tcIjQ0ODQwNzg1X2dvbWVkaWFcIl0gfHwge307d2luZG93W1wiNDQ4NDA3ODVfZ29tZWRpYVwiXS50YWdEZXRhaWxzID0gd2luZG93W1wiNDQ4NDA3ODVfZ29tZWRpYVwiXS50YWdEZXRhaWxzIHx8IHtcInNpdGVJZFwiOlwiZ29tZWRpYVwiLFwid3ZcIjpcIjEuMC4wK2JmNWQ4OGJcIixcImJsdlwiOlwiYmwtMzRkZjIxMi00ZmNkZGRiMlwiLFwiYnZcIjpcImItYmY1ZDg4Yi1lMzliNDhhZFwiLFwidG9wRG9tYWluXCI6XCJodHRwczovL3d3dy50aGVvbmlvbi5jb20vXCIsXCJjdXJyZW50VGFnSWRcIjpcImFkbHRhZ19scDE3bzhmdF9LTUI2ZXRQMzE5QVwiLFwiYXVcIjpcIi80MjQ2L2ZtZy5vbmlvbi9mcm9udHBhZ2VfMFwiLFwic2xvdEVsZW1lbnRJZFwiOlwiZGZwLWFkLTFcIixcInJlZnJlc2hlc1JlbWFpbmluZ1wiOjIsXCJibG9ja2VkQ291bnRcIjowLFwiaGVhdnlBZFJlZnJlc2hlc1JlbWFpbmluZ1wiOjIsXCJoZWF2eUFkQmxvY2tlZENvdW50XCI6MCxcImFkU2VydmVyRGV0YWlsc1wiOntcImFkdmVydGlzZXJJZFwiOlwiMTM2Mzk4OThcIixcImNhbXBhaWduSWRcIjpcIjIyMDQ5NzI1MjNcIixcImNyZWF0aXZlSWRcIjpcIjEzODIyMDA1MjQ5NFwiLFwibGluZWl0ZW1JZFwiOlwiNDUxOTQ5NTY1N1wiLFwiYWRTZXJ2ZXJcIjpcImRmcFwiLFwieWllbGRHcm91cElkc1wiOls3MzExMl19LFwid1wiOjE2MDAsXCJoXCI6MzUwLFwiYWRTbG90U2l6ZVwiOntcIndpZHRoXCI6NDAwMCxcImhlaWdodFwiOjM1MX0sXCJhZFVuaXRTaXplXCI6e1wid2lkdGhcIjo5NzAsXCJoZWlnaHRcIjoyNTB9LFwiYWRJZnJhbWVTaXplXCI6e1wid2lkdGhcIjo5NzAsXCJoZWlnaHRcIjoyNTB9fTt3aW5kb3cuYmxvY2tlciAmJiBibG9ja2VyKFwiNDQ4NDA3ODVfZ29tZWRpYVwiLCBcIjwhLS1BRExfV1JBUFBFRC0tPlwiLCBmYWxzZSwgd2luZG93LCB7fSk7PC9zY3JpcHQ%2BPC9oZWFkPjwvaHRtbD48IS0tIElGUkFNRSBJTk5FUiBDT05URU5UIC0tPiJ9&i=1-1&t=adltag_lp17o8ft_KMB6etP319A&r=b5dcad22f662e26a81f8710a690f0be&c=gomedia&z=1
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-26.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: JMp5ooK.bLI0bHKiicbtT15yvD3ZR5I9
date: Thu, 16 Nov 2023 08:11:41 GMT
via: 1.1 76fb21fcb70866221c67558e2f776540.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 24497
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Fri, 28 Oct 2022 01:30:44 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: p-5M9w0q41iqEbqPI_C6rAHrB09XeRZ1O2F84PhbYwMrJNEEpPaFwA==

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 418C 196 KB
56 KB 440ms
70ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 10 Nov 2023 02:37:57 GMT
age: 556484
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Nov 2024 02:37:57 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 418C 15 KB
5 KB 522ms
155ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 14 Nov 2023 05:14:53 GMT
age: 201468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 13 Nov 2024 05:14:53 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 418C 95 KB
29 KB 514ms
150ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 10 Nov 2023 03:53:12 GMT
age: 551969
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Nov 2024 03:53:12 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 418C 5 KB
2 KB 505ms
142ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 10 Nov 2023 01:14:32 GMT
age: 561489
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Nov 2024 01:14:32 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 418C 40 KB
13 KB 473ms
114ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Nov 2023 14:54:32 GMT
age: 598689
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 08 Nov 2024 14:54:32 GMT

GET
H2 200 15960124689414866797
tpc.googlesyndication.com/simgad/ Frame 418C 47 KB
48 KB 444ms
76ms Image
image/jpeg 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15960124689414866797?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlCoX1kGrzfnp-hgP7G7v3vpEa7WA

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

86c953ac4bc245c7f8e03237042119422ccc6d9351bdcda4dcbbea3f6157612e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:16:14 GMT
x-content-type-options: nosniff
age: 579387
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48571
x-xss-protection: 0
last-modified: Thu, 12 Sep 2019 09:34:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 08 Nov 2024 20:16:14 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 418C 2 KB
3 KB 429ms
63ms Image
image/png 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 17:17:56 GMT
x-content-type-options: nosniff
server: cafe
age: 71685
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 16 Nov 2023 17:17:56 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 418C 295 B
665 B 427ms
62ms Image
image/png 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:36:38 GMT
x-content-type-options: nosniff
server: cafe
age: 56163
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Thu, 16 Nov 2023 21:36:38 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 418C 0
0 34ms
25ms Image
text/html 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRdpQ8pjjZo5OWCLduC14Mcq0mo6d8GIv1nnSfpLmHOQYau9Ghdxd6Bn_mt74UFXD6AtfBhuAJTwDbs302o1BwSf5MUXg
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra02s19-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 418C 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d437f811b0185365b6edf389f26a5540edab57d9190a7ca55a1c42375bd30a2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 publishertag.prebid.139.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 563ms
0ms XHR
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.139.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 26 Oct 2023 13:53:27 GMT
server: nginx
etag: W/"653a6f57-17cae"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Nov 2023 13:12:42 GMT

GET
H2 200 sync
eb2.3lift.com/ 37 B
139 B 16ms
15ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/sync?px=1&src=prebid&us_privacy=1YNY&
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 usersync
match.adsrvr.org/track/ 70 B
148 B 40ms
39ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/usersync?us_privacy=1YNY&gdpr=0&gdpr_consent=undefined&ust=image
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:41 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=161204&us_privacy=1YNY
https://image8.pubmatic.com/AdServer/ImgSync?p=161204&us_privacy=1YNY&rdf=1
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTVGQTAzQjQtOTEyRS00MUE3LUJFQkEtODA0MjA4MTBCQjc2&gdpr=-1&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

0
216 B

15ms
14ms

Image
text/plain

198.47.127.18
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Server: 198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date: Thu, 16 Nov 2023 13:12:40 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

ZVYVSTnFo10yixbuc6ABogAADOwAAAAB
pr-bh.ybp.yahoo.com/sync/casale/
Redirect Chain

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727144&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=1YNY
https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=727144&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=1YNY&C=1
https://pr-bh.ybp.yahoo.com/sync/casale/ZVYVSTnFo10yixbuc6ABogAADOwAAAAB?gdpr_consent=&us_privacy=1YNY&gdpr=&gpp=&gpp_sid=

43 B
603 B

50ms
41ms

Image
image/gif

63.35.77.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZVYVSTnFo10yixbuc6ABogAADOwAAAAB?gdpr_consent=&us_privacy=1YNY&gdpr=&gpp=&gpp_sid=

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Server

63.35.77.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-35-77-76.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:42 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HYC2EuqdPPOmlQsxdxgOvs40QZ3ZtrcHEZ4unDIWD2xanR8pCHr1LMlZO4Daj7IA9yhUvjP6M39%2F5xYvFOV5HIzO%2Bq8sKt8c7rx0fhyCv0NtEvpq96JQ%2BW%2BVWzoGSM7HnPMMoO63"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://pr-bh.ybp.yahoo.com/sync/casale/ZVYVSTnFo10yixbuc6ABogAADOwAAAAB?gdpr_consent=&us_privacy=1YNY&gdpr=&gpp=&gpp_sid=
cache-control: no-cache
cf-ray: 826ffcafbe52048b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3C8E 0
0 106ms
50ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCo3QDHB8K1_e8vJ9qCx3TqsWBHhHzNQvxIlWB7Rw3UmiSOhe0L8_mWGnsCQvt2AAFeO_FKRUtrWuPal9XChG7P6mvOTQUm5a8cqUn4SWSqcSFaRVoI5P6G7DhLZzr1-a2vFltVVw88PnALqXbBWWEe6OaJUQtgBzuci-7V7CRDD4bAUcgk7upE55KxZY0KGfSUEWoZXRNoVLD8fgEIvcM8pVKYWOUwXOkIIsXFW8laG5yU7pWtDJwmyZ5OOLMrHwY07sUhtCyElrhzAK8G6hEfr0jXihU2AcrVbJnyHqA6sPA-yvUcmqdU0oD5qyMjlUnzo-14evNtGZjdUy-QlHBqlrZHGVCkmcTQRpULkqF87_0&sai=AMfl-YT93Nyvsj5bFr8VyZxHuvoTqC_6YfqD9HHOcKHIJB8EAt2chuuKCvMqU0jHvWMJrl0Ltejz8p8ieKBCyyMAxc4rW5i6r-DBsYd0M8eShEx37DCgGDO_1YEnTto0z-6vW8IokHGQGmZUxm6wGgHqbA&sig=Cg0ArKJSzHG_4SQz85mAEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 b-bf5d88b-e39b48ad.js Show response
tagan.adlightning.com/gomedia/ Frame 3C8E 79 KB
30 KB 68ms
4ms Script
application/javascript 18.66.147.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 097e3794f40de018fe07cdfcb077b0ca460a0a21cb5e7f2bf01c3140cd44626f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 17:51:06 GMT
content-encoding: gzip
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-amz-version-id: 7TdMa5ZTrejk0RTm9Hmgf19U7DPsSxmr
x-amz-cf-pop: FRA60-P4
age: 4735297
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29744
x-amz-meta-git_commit: bf5d88b
last-modified: Fri, 22 Sep 2023 17:50:53 GMT
server: AmazonS3
etag: "bfac72eb6cd68b280a12244a077daf10"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: UaCNocMHehLTvdEDO3Ca8b_UIZG48bQT0auwFPPlaNFIwUL0gYPuUw==

GET
H2 200 css2
fonts.googleapis.com/ Frame 3C8E 4 KB
1 KB 2681ms
35ms Stylesheet
text/css 172.217.23.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Libre+Baskerville:wght@400;700&family=Roboto+Condensed&display=swap

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f10.1e100.net

Software

ESF /

Resource Hash

7ebb7985c2f23fdcbe1fad1337acf9194a8ead73b69664fd5e2a54346f8d30ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Nov 2023 13:12:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 13:12:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Nov 2023 13:12:44 GMT

GET
H2 200 kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcC-wLOj.woff2
fonts.gstatic.com/s/librebaskerville/v14/ Frame 3C8E 18 KB
18 KB 434ms
21ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcC-wLOj.woff2

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

546db554b9a7c8dab36a67ca582d98882c575957bd515a4bc1e00563bc0b46d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:31:31 GMT
x-content-type-options: nosniff
age: 45671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17920
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:47:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 00:31:31 GMT

GET
H2 200 kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxMaC82U.woff2
fonts.gstatic.com/s/librebaskerville/v14/ Frame 3C8E 17 KB
18 KB 426ms
13ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxMaC82U.woff2

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

dbcc0e48671e24477635ad90429f23e1dc948d3726b0a9487e79ce8e1a9112d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:50:35 GMT
x-content-type-options: nosniff
age: 584527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17404
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:09:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 18:50:35 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame 3C8E 11 KB
11 KB 430ms
17ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

8c40f530a22a982117388d12fd3d0cd3ef96762aed2cde710b086d6c34e7912d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 07:55:48 GMT
x-content-type-options: nosniff
age: 451014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10988
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:53:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Nov 2024 07:55:48 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3C8E 203 KB
64 KB 2681ms
36ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 13:12:44 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 3C8E 9 KB
4 KB 2681ms
37ms Script
application/javascript 2.16.238.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=15538536&cmp=DV196466&sid=2019042601&plc=2019042601&seltag=1&sadv=4920965234&ord=3248573455&litm=6376910866&scrt=138446248708&unit=1600x350&splc=152253218&adu=22405397127&adsrv=104&btreg=6376910866138446248708&btadsrv=6376910866138446248708&cb=2039925071&region=70dvtagver=6.1.src
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.14 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-14.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 8ab43ef523c52e830a7706ae32581ae882ebe14920d3e88ee191ac6aea78c401

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 13:12:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:21:20 GMT
Server: UploadServer
ETag: "4fd30d56128c4e7705e200cd98cfb057"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3639
Expires: Thu, 16 Nov 2023 13:27:44 GMT

POST
H2 200 place
gomedia-tagan.adlightning.com/ Frame 418C 0
446 B 22ms
19ms Ping
image/gif 13.227.219.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gomedia-tagan.adlightning.com/place?p=1&d=eyJzaXRlSWQiOiJnb21lZGlhIiwidXJsIjoiaHR0cHM6Ly93d3cudGhlb25pb24uY29tLyIsImFkVW5pdCI6Ii80MjQ2L2ZtZy5vbmlvbi9mcm9udHBhZ2VfMCIsImFkU2VydmVyRGV0YWlscyI6eyJhZHZlcnRpc2VySWQiOiIxMzYzOTg5OCIsImNhbXBhaWduSWQiOiIyMjA0OTcyNTIzIiwiY3JlYXRpdmVJZCI6IjEzODIyMDA1MjQ5NCIsImxpbmVpdGVtSWQiOiI0NTE5NDk1NjU3IiwiYWRTZXJ2ZXIiOiJkZnAiLCJ5aWVsZEdyb3VwSWRzIjpbNzMxMTJdfSwid2lkdGgiOjE2MDAsImhlaWdodCI6MzUwLCJ3diI6IjEuMC4wK2JmNWQ4OGIiLCJidiI6ImJsLTM0ZGYyMTItNGZjZGRkYjI7Yi1iZjVkODhiLWUzOWI0OGFkIiwibWV0YSI6eyJibG9ja2VkSW5mbyI6eyJyZWZyZXNoZWRDb3VudCI6MCwiYmxvY2tlZENvdW50IjowLCJoZWF2eUFkQmxvY2tlZENvdW50IjowLCJoZWF2eUFkUmVmcmVzaGVkQ291bnQiOjB9LCJhZFJlc291cmNlcyI6eyJhZEltYWdlcyI6WyI8aW1nIGFsdD1cIlwiIGNsYXNzPVwiaS1hbXBodG1sLWZpbGwtY29udGVudCBpLWFtcGh0bWwtcmVwbGFjZWQtY29udGVudFwiIGRlY29kaW5nPVwiYXN5bmNcIiBzcmM9XCJodHRwczovL3RwYy5nb29nbGVzeW5kaWNhdGlvbi5jb20vc2ltZ2FkLzE1OTYwMTI0Njg5NDE0ODY2Nzk3P3NxcD00c3FQeVFRN1Fqa3FOeEFCSFFBQXRFSWdBU2dCTUFrNEEwRHdrd2xZQVdCZmNBS0FBUUdJQVFHZEFRQUFnRC1vQVFHd0FZQ3Q0Z1M0QVZfRkFTMnluVDQmYW1wO3JzPUFPZ2E0cWxDb1gxa0dyemZucC1oZ1A3Rzd2M3ZwRWE3V0FcIj4iLCI8aW1nIGNsYXNzPVwiaS1hbXBodG1sLWZpbGwtY29udGVudCBpLWFtcGh0bWwtcmVwbGFjZWQtY29udGVudFwiIGRlY29kaW5nPVwiYXN5bmNcIiBzcmM9XCJodHRwczovL3RwYy5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2ltYWdlcy9hZGNob2ljZXMvZW4ucG5nXCI%2BIiwiPGltZyBjbGFzcz1cImktYW1waHRtbC1maWxsLWNvbnRlbnQgaS1hbXBodG1sLXJlcGxhY2VkLWNvbnRlbnRcIiBkZWNvZGluZz1cImFzeW5jXCIgc3JjPVwiaHR0cHM6Ly90cGMuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9pbWFnZXMvYWRjaG9pY2VzL2ljb24ucG5nXCI%2BIiwiPGltZyBzcmM9XCIvL3d3dy5nb29nbGUuY29tL2Fkcy9tZWFzdXJlbWVudC9sP2ViY2lkPUFMaDdDYVJkcFE4cGpqWm81T1dDTGR1QzE0TWNxMG1vNmQ4R0l2MW5uU2ZwTG1IT1FZYXU5R2hkeGQ2Qm5fbXQ3NFVGWEQ2QXRmQmh1QUpUd0RiczMwMm8xQndTZjVNVVhnXCI%2BIl19LCJwbFJhdGlvIjowLjAxfSwidGFnTWFya3VwIjoiPGh0bWwgYW1wNGFkcz1cIlwiIGNsYXNzPVwiaS1hbXBodG1sLWluYWJveFwiIGktYW1waHRtbC1sYXlvdXQ9XCJcIiBpLWFtcGh0bWwtbm8tYm9pbGVycGxhdGU9XCJcIj48aGVhZD48c2NyaXB0IHNyYz1cImh0dHBzOi8vdGFnYW4uYWRsaWdodG5pbmcuY29tL2dvbWVkaWEvYi1iZjVkODhiLWUzOWI0OGFkLmpzXCIgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPjwvc2NyaXB0PjxzY3JpcHQ%2Bd2luZG93W1wiNDQ4NDA3ODVfZ29tZWRpYVwiXSA9IHdpbmRvd1tcIjQ0ODQwNzg1X2dvbWVkaWFcIl0gfHwge307d2luZG93W1wiNDQ4NDA3ODVfZ29tZWRpYVwiXS50YWdEZXRhaWxzID0gd2luZG93W1wiNDQ4NDA3ODVfZ29tZWRpYVwiXS50YWdEZXRhaWxzIHx8IHtcInNpdGVJZFwiOlwiZ29tZWRpYVwiLFwid3ZcIjpcIjEuMC4wK2JmNWQ4OGJcIixcImJsdlwiOlwiYmwtMzRkZjIxMi00ZmNkZGRiMlwiLFwiYnZcIjpcImItYmY1ZDg4Yi1lMzliNDhhZFwiLFwidG9wRG9tYWluXCI6XCJodHRwczovL3d3dy50aGVvbmlvbi5jb20vXCIsXCJjdXJyZW50VGFnSWRcIjpcImFkbHRhZ19scDE3bzhmdF9LTUI2ZXRQMzE5QVwiLFwiYXVcIjpcIi80MjQ2L2ZtZy5vbmlvbi9mcm9udHBhZ2VfMFwiLFwic2xvdEVsZW1lbnRJZFwiOlwiZGZwLWFkLTFcIixcInJlZnJlc2hlc1JlbWFpbmluZ1wiOjIsXCJibG9ja2VkQ291bnRcIjowLFwiaGVhdnlBZFJlZnJlc2hlc1JlbWFpbmluZ1wiOjIsXCJoZWF2eUFkQmxvY2tlZENvdW50XCI6MCxcImFkU2VydmVyRGV0YWlsc1wiOntcImFkdmVydGlzZXJJZFwiOlwiMTM2Mzk4OThcIixcImNhbXBhaWduSWRcIjpcIjIyMDQ5NzI1MjNcIixcImNyZWF0aXZlSWRcIjpcIjEzODIyMDA1MjQ5NFwiLFwibGluZWl0ZW1JZFwiOlwiNDUxOTQ5NTY1N1wiLFwiYWRTZXJ2ZXJcIjpcImRmcFwiLFwieWllbGRHcm91cElkc1wiOls3MzExMl19LFwid1wiOjE2MDAsXCJoXCI6MzUwLFwiYWRTbG90U2l6ZVwiOntcIndpZHRoXCI6NDAwMCxcImhlaWdodFwiOjM1MX0sXCJhZFVuaXRTaXplXCI6e1wid2lkdGhcIjo5NzAsXCJoZWlnaHRcIjoyNTB9LFwiYWRJZnJhbWVTaXplXCI6e1wid2lkdGhcIjo5NzAsXCJoZWlnaHRcIjoyNTB9fTt3aW5kb3cuYmxvY2tlciAmJiBibG9ja2VyKFwiNDQ4NDA3ODVfZ29tZWRpYVwiLCBcIjwhLS1BRExfV1JBUFBFRC0tPlwiLCBmYWxzZSwgd2luZG93LCB7fSk7PC9zY3JpcHQ%2BPG1ldGEgbmFtZT1cInJlZmVycmVyXCIgY29udGVudD1cIm9yaWdpblwiPjxtZXRhIGh0dHAtZXF1aXY9XCJDb250ZW50LVNlY3VyaXR5LVBvbGljeVwiIGNvbnRlbnQ9XCJzY3JpcHQtc3JjIGh0dHBzOi8vY2RuLmFtcHByb2plY3Qub3JnLztvYmplY3Qtc3JjICdub25lJztjaGlsZC1zcmMgYmxvYjo7ZnJhbWUtc3JjICdub25lJ1wiPjxtZXRhIGNoYXJzZXQ9XCJ1dGYtOFwiPjxtZXRhIGNvbnRlbnQ9XCJ3aWR0aD1kZXZpY2Utd2lkdGgsbWluaW11bS1zY2FsZT0xLGluaXRpYWwtc2NhbGU9MVwiIG5hbWU9XCJ2aWV3cG9ydFwiPjxzdHlsZSBhbXAtcnVudGltZT1cIlwiIGktYW1waHRtbC12ZXJzaW9uPVwiMDEyMzEwMzAxNDU2MDAwXCI%2BaHRtbHtvdmVyZmxvdy14OmhpZGRlbiFpbXBvcnRhbnR9aHRtbC5pLWFtcGh0bWwtZmlle2hlaWdodDoxMDAlIWltcG9ydGFudDt3aWR0aDoxMDAlIWltcG9ydGFudH1odG1sOm5vdChbYW1wNGFkc10pLGh0bWw6bm90KFthbXA0YWRzXSkgYm9keXtoZWlnaHQ6YXV0byFpbXBvcnRhbnR9aHRtbDpub3QoW2FtcDRhZHNdKSBib2R5e21hcmdpbjowIWltcG9ydGFudH1ib2R5ey13ZWJraXQtdGV4dC1zaXplLWFkanVzdDoxMDAlOy1tb3otdGV4dC1zaXplLWFkanVzdDoxMDAlOy1tcy10ZXh0LXNpemUtYWRqdXN0OjEwMCU7dGV4dC1zaXplLWFkanVzdDoxMDAlfWh0bWwuaS1hbXBodG1sLXNpbmdsZWRvYy5pLWFtcGh0bWwtZW1iZWRkZWR7LW1zLXRvdWNoLWFjdGlvbjpwYW4teSBwaW5jaC16b29tO3RvdWNoLWFjdGlvbjpwYW4teSBwaW5jaC16b29tfWh0bWwuaS1hbXBodG1sLWZpZT5ib2R5LGh0bWwuaS1hbXBodG1sLXNpbmdsZWRvYz5ib2R5e292ZXJmbG93OnZpc2libGUhaW1wb3J0YW50fWh0bWwuaS1hbXBodG1sLWZpZTpub3QoLmktYW1waHRtbC1pbmFib3gpPmJvZHksaHRtbC5pLWFtcGh0bWwtc2luZ2xlZG9jOm5vdCguaS1hbXBodG1sLWluYWJveCk%2BYm9keXtwb3NpdGlvbjpyZWxhdGl2ZSFpbXBvcnRhbnR9aHRtbC5pLWFtcGh0bWwtaW9zLWVtYmVkLWxlZ2FjeT5ib2R5e292ZXJmbG93LXg6aGlkZGVuIWltcG9ydGFudDtvdmVyZmxvdy15OmF1dG8haW1wb3J0YW50O3Bvc2l0aW9uOmFic29sdXRlIWltcG9ydGFudH1odG1sLmktYW1waHRtbC1pb3MtZW1iZWR7b3ZlcmZsb3cteTphdXRvIWltcG9ydGFudDtwb3NpdGlvbjpzdGF0aWN9I2ktYW1waHRtbC13cmFwcGVye292ZXJmbG93LXg6aGlkZGVuIWltcG9ydGFudDtvdmVyZmxvdy15OmF1dG8haW1wb3J0YW50O3Bvc2l0aW9uOmFic29sdXRlIWltcG9ydGFudDt0b3A6MCFpbXBvcnRhbnQ7bGVmdDowIWltcG9ydGFudDtyaWdodDowIWltcG9ydGFudDtib3R0b206MCFpbXBvcnRhbnQ7bWFyZ2luOjAhaW1wb3J0YW50O2Rpc3BsYXk6YmxvY2shaW1wb3J0YW50fWh0bWwuaS1hbXBodG1sLWlvcy1lbWJlZC5pLWFtcGh0bWwtaW9zLW92ZXJzY3JvbGwsaHRtbC5pLWFtcGh0bWwtaW9zLWVtYmVkLmktYW1waHRtbC1pb3Mtb3ZlcnNjcm9sbD4jaS1hbXBodG1sLXdyYXBwZXJ7LXdlYmtpdC1vdmVyZmxvdy1zY3JvbGxpbmc6dG91Y2ghaW1wb3J0YW50fSNpLWFtcGh0bWwtd3JhcHBlcj5ib2R5e3Bvc2l0aW9uOnJlbGF0aXZlIWltcG9ydGFudDtib3JkZXItdG9wOjFweCBzb2xpZCB0cmFuc3BhcmVudCFpbXBvcnRhbnR9I2ktYW1waHRtbC13cmFwcGVyK2JvZHl7dmlzaWJpbGl0eTp2aXNpYmxlfSNpLWFtcGh0bWwtd3JhcHBlcitib2R5IC5pLWFtcGh0bWwtbGlnaHRib3gtZWxlbWVudCwjaS1hbXBodG1sLXdyYXBwZXIrYm9keVtpLWFtcGh0bWwtbGlnaHRib3hde3Zpc2liaWxpdHk6aGlkZGVufSNpLWFtcGh0bWwtd3JhcHBlcitib2R5W2ktYW1waHRtbC1saWdodGJveF0gLmktYW1waHRtbC1saWdodGJveC1lbGVtZW50e3Zpc2liaWxpdHk6dmlzaWJsZX0jaS1hbXBodG1sLXdyYXBwZXIuaS1hbXBodG1sLXNjcm9sbC1kaXNhYmxlZCwuaS1hbXBodG1sLXNjcm9sbC1kaXNhYmxlZHtvdmVyZmxvdy14OmhpZGRlbiFpbXBvcnRhbnQ7b3ZlcmZsb3cteTpoaWRkZW4haW1wb3J0YW50fWFtcC1pbnN0YWdyYW17cGFkZGluZzo1NHB4IDBweCAwcHghaW1wb3J0YW50O2JhY2tncm91bmQtY29sb3I6I2ZmZn1hbXAtaWZyYW1lIGlmcmFtZXtib3gtc2l6aW5nOmJvcmRlci1ib3ghaW1wb3J0YW50fVthbXAtYWNjZXNzXVthbXAtYWNjZXNzLWhpZGVde2Rpc3BsYXk6bm9uZX1bc3Vic2NyaXB0aW9ucy1kaWFsb2ddLGJvZHk6bm90KC5pLWFtcGh0bWwtc3Vicy1yZWFkeSkgW3N1YnNjcmlwdGlvbnMtYWN0aW9uXSxib2R5Om5vdCguaS1hbXBodG1sLXN1YnMtcmVhZHkpIFtzdWJzY3JpcHRpb25zLXNlY3Rpb25de2Rpc3BsYXk6bm9uZSFpbXBvcnRhbnR9YW1wLWV4cGVyaW1lbnQsYW1wLWxpdmUtbGlzdD5bdXBkYXRlXXtkaXNwbGF5Om5vbmV9YW1wLWxpc3RbcmVzaXphYmxlLWNoaWxkcmVuXT4uaS1hbXBodG1sLWxvYWRpbmctY29udGFpbmVyLmFtcC1oaWRkZW57ZGlzcGxheTpub25lIWltcG9ydGFudH1hbXAtbGlzdCBbZmV0Y2gtZXJyb3JdLGFtcC1saXN0W2xvYWQtbW9yZV0gW2xvYWQtbW9yZS1idXR0b25dLGFtcC1saXN0W2xvYWQtbW9yZV0gW2xvYWQtbW9yZS1lbmRdLGFtcC1saXN0W2xvYWQtbW9yZV0gW2xvYWQtbW9yZS1mYWlsZWRdLGFtcC1saXN0W2xvYWQtbW9yZV0gW2xvYWQtbW9yZS1sb2FkaW5nXXtkaXNwbGF5Om5vbmV9YW1wLWxpc3RbZGlmZmFibGVdIGRpdltyb2xlPWxpc3Rde2Rpc3BsYXk6YmxvY2t9YW1wLXN0b3J5LXBhZ2UsYW1wLXN0b3J5W3N0YW5kYWxvbmVde21pbi1oZWlnaHQ6MXB4IWltcG9ydGFudDtkaXNwbGF5OmJsb2NrIWltcG9ydGFudDtoZWlnaHQ6MTAwJSFpbXBvcnRhbnQ7bWFyZ2luOjAhaW1wb3J0YW50O3BhZGRpbmc6MCFpbXBvcnRhbnQ7b3ZlcmZsb3c6aGlkZGVuIWltcG9ydGFudDt3aWR0aDoxMDAlIWltcG9ydGFudH1hbXAtc3Rvcnlbc3RhbmRhbG9uZV17YmFja2dyb3VuZC1jb2xvcjojMDAwIWltcG9ydGFudDtwb3NpdGlvbjpyZWxhdGl2ZSFpbXBvcnRhbnR9YW1wLXN0b3J5LXBhZ2V7YmFja2dyb3VuZC1jb2xvcjojNzU3NTc1fWFtcC1zdG9yeSAuYW1wLWFjdGl2ZT5kaXYsYW1wLXN0b3J5IC5pLWFtcGh0bWwtbG9hZGVyLWJhY2tncm91bmR7ZGlzcGxheTpub25lIWltcG9ydGFudH1hbXAtc3RvcnktcGFnZTpub3QoOmZpcnN0LW9mLXR5cGUpOm5vdChbZGlzdGFuY2VdKTpub3QoW2FjdGl2ZV0pe3RyYW5zZm9ybTp0cmFuc2xhdGVZKDEwMDB2aCkhaW1wb3J0YW50fWFtcC1hdXRvY29tcGxldGV7cG9zaXRpb246cmVsYXRpdmUhaW1wb3J0YW50O2Rpc3BsYXk6aW5saW5lLWJsb2NrIWltcG9ydGFudH1hbXAtYXV0b2NvbXBsZXRlPmlucHV0LGFtcC1hdXRvY29tcGxldGU%2BdGV4dGFyZWF7cGFkZGluZzowLjVyZW07Ym9yZGVyOjFweCBzb2xpZCByZ2JhKDAsMCwwLDAuMzMpfS5pLWFtcGh0bWwtYXV0b2NvbXBsZXRlLXJlc3VsdHMsYW1wLWF1dG9jb21wbGV0ZT5pbnB1dCxhbXAtYXV0b2NvbXBsZXRlPnRleHRh&i=1-9&t=adltag_lp17o8ft_KMB6etP319A&r=5dab7f594fc7dc490754ca8e05fa4c6&c=gomedia&z=1
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-26.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: JMp5ooK.bLI0bHKiicbtT15yvD3ZR5I9
date: Thu, 16 Nov 2023 08:11:41 GMT
via: 1.1 76fb21fcb70866221c67558e2f776540.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 24500
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Fri, 28 Oct 2022 01:30:44 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: Em3bKKJpzjzKOBFK406IOzE4-ALjCi13ZPESJ8Iv2xIs3cNAJCPe4w==

POST
H2 200 place
gomedia-tagan.adlightning.com/ Frame 418C 0
446 B 23ms
20ms Ping
image/gif 13.227.219.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gomedia-tagan.adlightning.com/place?p=1&d=cmVhe2ZvbnQtc2l6ZToxcmVtO2xpbmUtaGVpZ2h0OjEuNXJlbX1bYW1wLWZ4Xj1mbHktaW5de3Zpc2liaWxpdHk6aGlkZGVufWFtcC1zY3JpcHRbbm9kb21dLGFtcC1zY3JpcHRbc2FuZGJveGVkXXtwb3NpdGlvbjpmaXhlZCFpbXBvcnRhbnQ7dG9wOjAhaW1wb3J0YW50O3dpZHRoOjFweCFpbXBvcnRhbnQ7aGVpZ2h0OjFweCFpbXBvcnRhbnQ7b3ZlcmZsb3c6aGlkZGVuIWltcG9ydGFudDt2aXNpYmlsaXR5OmhpZGRlbn1cbi8qIyBzb3VyY2VVUkw9L2Nzcy9hbXBkb2MuY3NzKi9baGlkZGVuXXtkaXNwbGF5Om5vbmUhaW1wb3J0YW50fS5pLWFtcGh0bWwtZWxlbWVudHtkaXNwbGF5OmlubGluZS1ibG9ja30uaS1hbXBodG1sLWJsdXJyeS1wbGFjZWhvbGRlcnt0cmFuc2l0aW9uOm9wYWNpdHkgMC4zcyBjdWJpYy1iZXppZXIoMC4wLDAuMCwwLjIsMSkhaW1wb3J0YW50O3BvaW50ZXItZXZlbnRzOm5vbmV9W2xheW91dD1ub2Rpc3BsYXldOm5vdCguaS1hbXBodG1sLWVsZW1lbnQpe2Rpc3BsYXk6bm9uZSFpbXBvcnRhbnR9LmktYW1waHRtbC1sYXlvdXQtZml4ZWQsW2xheW91dD1maXhlZF1bd2lkdGhdW2hlaWdodF06bm90KC5pLWFtcGh0bWwtbGF5b3V0LWZpeGVkKXtkaXNwbGF5OmlubGluZS1ibG9jaztwb3NpdGlvbjpyZWxhdGl2ZX0uaS1hbXBodG1sLWxheW91dC1yZXNwb25zaXZlLFtsYXlvdXQ9cmVzcG9uc2l2ZV1bd2lkdGhdW2hlaWdodF06bm90KC5pLWFtcGh0bWwtbGF5b3V0LXJlc3BvbnNpdmUpLFt3aWR0aF1baGVpZ2h0XVtoZWlnaHRzXTpub3QoW2xheW91dF0pOm5vdCguaS1hbXBodG1sLWxheW91dC1yZXNwb25zaXZlKSxbd2lkdGhdW2hlaWdodF1bc2l6ZXNdOm5vdChpbWcpOm5vdChbbGF5b3V0XSk6bm90KC5pLWFtcGh0bWwtbGF5b3V0LXJlc3BvbnNpdmUpe2Rpc3BsYXk6YmxvY2s7cG9zaXRpb246cmVsYXRpdmV9LmktYW1waHRtbC1sYXlvdXQtaW50cmluc2ljLFtsYXlvdXQ9aW50cmluc2ljXVt3aWR0aF1baGVpZ2h0XTpub3QoLmktYW1waHRtbC1sYXlvdXQtaW50cmluc2ljKXtkaXNwbGF5OmlubGluZS1ibG9jaztwb3NpdGlvbjpyZWxhdGl2ZTttYXgtd2lkdGg6MTAwJX0uaS1hbXBodG1sLWxheW91dC1pbnRyaW5zaWMgLmktYW1waHRtbC1zaXplcnttYXgtd2lkdGg6MTAwJX0uaS1hbXBodG1sLWludHJpbnNpYy1zaXplcnttYXgtd2lkdGg6MTAwJTtkaXNwbGF5OmJsb2NrIWltcG9ydGFudH0uaS1hbXBodG1sLWxheW91dC1jb250YWluZXIsLmktYW1waHRtbC1sYXlvdXQtZml4ZWQtaGVpZ2h0LFtsYXlvdXQ9Y29udGFpbmVyXSxbbGF5b3V0PWZpeGVkLWhlaWdodF1baGVpZ2h0XTpub3QoLmktYW1waHRtbC1sYXlvdXQtZml4ZWQtaGVpZ2h0KXtkaXNwbGF5OmJsb2NrO3Bvc2l0aW9uOnJlbGF0aXZlfS5pLWFtcGh0bWwtbGF5b3V0LWZpbGwsLmktYW1waHRtbC1sYXlvdXQtZmlsbC5pLWFtcGh0bWwtbm90YnVpbHQsW2xheW91dD1maWxsXTpub3QoLmktYW1waHRtbC1sYXlvdXQtZmlsbCksYm9keSBub3NjcmlwdD4qe2Rpc3BsYXk6YmxvY2s7b3ZlcmZsb3c6aGlkZGVuIWltcG9ydGFudDtwb3NpdGlvbjphYnNvbHV0ZTt0b3A6MDtsZWZ0OjA7Ym90dG9tOjA7cmlnaHQ6MH1ib2R5IG5vc2NyaXB0Pip7cG9zaXRpb246YWJzb2x1dGUhaW1wb3J0YW50O3dpZHRoOjEwMCU7aGVpZ2h0OjEwMCU7ei1pbmRleDoyfWJvZHkgbm9zY3JpcHR7ZGlzcGxheTppbmxpbmUhaW1wb3J0YW50fS5pLWFtcGh0bWwtbGF5b3V0LWZsZXgtaXRlbSxbbGF5b3V0PWZsZXgtaXRlbV06bm90KC5pLWFtcGh0bWwtbGF5b3V0LWZsZXgtaXRlbSl7ZGlzcGxheTpibG9jaztwb3NpdGlvbjpyZWxhdGl2ZTstbXMtZmxleDoxIDEgYXV0bztmbGV4OjEgMSBhdXRvfS5pLWFtcGh0bWwtbGF5b3V0LWZsdWlke3Bvc2l0aW9uOnJlbGF0aXZlfS5pLWFtcGh0bWwtbGF5b3V0LXNpemUtZGVmaW5lZHtvdmVyZmxvdzpoaWRkZW4haW1wb3J0YW50fS5pLWFtcGh0bWwtbGF5b3V0LWF3YWl0aW5nLXNpemV7cG9zaXRpb246YWJzb2x1dGUhaW1wb3J0YW50O3RvcDphdXRvIWltcG9ydGFudDtib3R0b206YXV0byFpbXBvcnRhbnR9aS1hbXBodG1sLXNpemVye2Rpc3BsYXk6YmxvY2shaW1wb3J0YW50fUBzdXBwb3J0cyAoYXNwZWN0LXJhdGlvOjEvMSl7aS1hbXBodG1sLXNpemVyLmktYW1waHRtbC1kaXNhYmxlLWFye2Rpc3BsYXk6bm9uZSFpbXBvcnRhbnR9fS5pLWFtcGh0bWwtYmx1cnJ5LXBsYWNlaG9sZGVyLC5pLWFtcGh0bWwtZmlsbC1jb250ZW50e2Rpc3BsYXk6YmxvY2s7aGVpZ2h0OjA7bWF4LWhlaWdodDoxMDAlO21heC13aWR0aDoxMDAlO21pbi1oZWlnaHQ6MTAwJTttaW4td2lkdGg6MTAwJTt3aWR0aDowO21hcmdpbjphdXRvfS5pLWFtcGh0bWwtbGF5b3V0LXNpemUtZGVmaW5lZCAuaS1hbXBodG1sLWZpbGwtY29udGVudHtwb3NpdGlvbjphYnNvbHV0ZTt0b3A6MDtsZWZ0OjA7Ym90dG9tOjA7cmlnaHQ6MH0uaS1hbXBodG1sLXJlcGxhY2VkLWNvbnRlbnQsLmktYW1waHRtbC1zY3JlZW4tcmVhZGVye3BhZGRpbmc6MCFpbXBvcnRhbnQ7Ym9yZGVyOm5vbmUhaW1wb3J0YW50fS5pLWFtcGh0bWwtc2NyZWVuLXJlYWRlcntwb3NpdGlvbjpmaXhlZCFpbXBvcnRhbnQ7dG9wOjBweCFpbXBvcnRhbnQ7bGVmdDowcHghaW1wb3J0YW50O3dpZHRoOjRweCFpbXBvcnRhbnQ7aGVpZ2h0OjRweCFpbXBvcnRhbnQ7b3BhY2l0eTowIWltcG9ydGFudDtvdmVyZmxvdzpoaWRkZW4haW1wb3J0YW50O21hcmdpbjowIWltcG9ydGFudDtkaXNwbGF5OmJsb2NrIWltcG9ydGFudDt2aXNpYmlsaXR5OnZpc2libGUhaW1wb3J0YW50fS5pLWFtcGh0bWwtc2NyZWVuLXJlYWRlcn4uaS1hbXBodG1sLXNjcmVlbi1yZWFkZXJ7bGVmdDo4cHghaW1wb3J0YW50fS5pLWFtcGh0bWwtc2NyZWVuLXJlYWRlcn4uaS1hbXBodG1sLXNjcmVlbi1yZWFkZXJ%2BLmktYW1waHRtbC1zY3JlZW4tcmVhZGVye2xlZnQ6MTJweCFpbXBvcnRhbnR9LmktYW1waHRtbC1zY3JlZW4tcmVhZGVyfi5pLWFtcGh0bWwtc2NyZWVuLXJlYWRlcn4uaS1hbXBodG1sLXNjcmVlbi1yZWFkZXJ%2BLmktYW1waHRtbC1zY3JlZW4tcmVhZGVye2xlZnQ6MTZweCFpbXBvcnRhbnR9LmktYW1waHRtbC11bnJlc29sdmVke3Bvc2l0aW9uOnJlbGF0aXZlO292ZXJmbG93OmhpZGRlbiFpbXBvcnRhbnR9LmktYW1waHRtbC1zZWxlY3QtZGlzYWJsZWR7LXdlYmtpdC11c2VyLXNlbGVjdDpub25lIWltcG9ydGFudDstbXMtdXNlci1zZWxlY3Q6bm9uZSFpbXBvcnRhbnQ7dXNlci1zZWxlY3Q6bm9uZSFpbXBvcnRhbnR9LmktYW1waHRtbC1ub3RidWlsdCxbbGF5b3V0XTpub3QoLmktYW1waHRtbC1lbGVtZW50KSxbd2lkdGhdW2hlaWdodF1baGVpZ2h0c106bm90KFtsYXlvdXRdKTpub3QoLmktYW1waHRtbC1lbGVtZW50KSxbd2lkdGhdW2hlaWdodF1bc2l6ZXNdOm5vdChpbWcpOm5vdChbbGF5b3V0XSk6bm90KC5pLWFtcGh0bWwtZWxlbWVudCl7cG9zaXRpb246cmVsYXRpdmU7b3ZlcmZsb3c6aGlkZGVuIWltcG9ydGFudDtjb2xvcjp0cmFuc3BhcmVudCFpbXBvcnRhbnR9LmktYW1waHRtbC1ub3RidWlsdDpub3QoLmktYW1waHRtbC1sYXlvdXQtY29udGFpbmVyKT4qLFtsYXlvdXRdOm5vdChbbGF5b3V0PWNvbnRhaW5lcl0pOm5vdCguaS1hbXBodG1sLWVsZW1lbnQpPiosW3dpZHRoXVtoZWlnaHRdW2hlaWdodHNdOm5vdChbbGF5b3V0XSk6bm90KC5pLWFtcGh0bWwtZWxlbWVudCk%2BKixbd2lkdGhdW2hlaWdodF1bc2l6ZXNdOm5vdChbbGF5b3V0XSk6bm90KC5pLWFtcGh0bWwtZWxlbWVudCk%2BKntkaXNwbGF5Om5vbmV9YW1wLWltZzpub3QoLmktYW1waHRtbC1lbGVtZW50KVtpLWFtcGh0bWwtc3NyXT5pbWcuaS1hbXBodG1sLWZpbGwtY29udGVudHtkaXNwbGF5OmJsb2NrfS5pLWFtcGh0bWwtbm90YnVpbHQ6bm90KC5pLWFtcGh0bWwtbGF5b3V0LWNvbnRhaW5lciksW2xheW91dF06bm90KFtsYXlvdXQ9Y29udGFpbmVyXSk6bm90KC5pLWFtcGh0bWwtZWxlbWVudCksW3dpZHRoXVtoZWlnaHRdW2hlaWdodHNdOm5vdChbbGF5b3V0XSk6bm90KC5pLWFtcGh0bWwtZWxlbWVudCksW3dpZHRoXVtoZWlnaHRdW3NpemVzXTpub3QoaW1nKTpub3QoW2xheW91dF0pOm5vdCguaS1hbXBodG1sLWVsZW1lbnQpe2NvbG9yOnRyYW5zcGFyZW50IWltcG9ydGFudDtsaW5lLWhlaWdodDowIWltcG9ydGFudH0uaS1hbXBodG1sLWdob3N0e3Zpc2liaWxpdHk6aGlkZGVuIWltcG9ydGFudH0uaS1hbXBodG1sLWVsZW1lbnQ%2BW3BsYWNlaG9sZGVyXSxbbGF5b3V0XTpub3QoLmktYW1waHRtbC1lbGVtZW50KT5bcGxhY2Vob2xkZXJdLFt3aWR0aF1baGVpZ2h0XVtoZWlnaHRzXTpub3QoW2xheW91dF0pOm5vdCguaS1hbXBodG1sLWVsZW1lbnQpPltwbGFjZWhvbGRlcl0sW3dpZHRoXVtoZWlnaHRdW3NpemVzXTpub3QoW2xheW91dF0pOm5vdCguaS1hbXBodG1sLWVsZW1lbnQpPltwbGFjZWhvbGRlcl17ZGlzcGxheTpibG9jaztsaW5lLWhlaWdodDpub3JtYWx9LmktYW1waHRtbC1lbGVtZW50PltwbGFjZWhvbGRlcl0uYW1wLWhpZGRlbiwuaS1hbXBodG1sLWVsZW1lbnQ%2BW3BsYWNlaG9sZGVyXS5oaWRkZW57dmlzaWJpbGl0eTpoaWRkZW59LmktYW1waHRtbC1lbGVtZW50Om5vdCguYW1wLW5vdHN1cHBvcnRlZCk%2BW2ZhbGxiYWNrXSwuaS1hbXBodG1sLWxheW91dC1jb250YWluZXI%2BW3BsYWNlaG9sZGVyXS5hbXAtaGlkZGVuLC5pLWFtcGh0bWwtbGF5b3V0LWNvbnRhaW5lcj5bcGxhY2Vob2xkZXJdLmhpZGRlbntkaXNwbGF5Om5vbmV9LmktYW1waHRtbC1sYXlvdXQtc2l6ZS1kZWZpbmVkPltmYWxsYmFja10sLmktYW1waHRtbC1sYXlvdXQtc2l6ZS1kZWZpbmVkPltwbGFjZWhvbGRlcl17cG9zaXRpb246YWJzb2x1dGUhaW1wb3J0YW50O3RvcDowIWltcG9ydGFudDtsZWZ0OjAhaW1wb3J0YW50O3JpZ2h0OjAhaW1wb3J0YW50O2JvdHRvbTowIWltcG9ydGFudDt6LWluZGV4OjF9YW1wLWltZ1tpLWFtcGh0bWwtc3NyXTpub3QoLmktYW1waHRtbC1lbGVtZW50KT5bcGxhY2Vob2xkZXJde3otaW5kZXg6YXV0b30uaS1hbXBodG1sLW5vdGJ1aWx0PltwbGFjZWhvbGRlcl17ZGlzcGxheTpibG9jayFpbXBvcnRhbnR9LmktYW1waHRtbC1oaWRkZW4tYnktbWVkaWEtcXVlcnl7ZGlzcGxheTpub25lIWltcG9ydGFudH0uaS1hbXBodG1sLWVsZW1lbnQtZXJyb3J7YmFja2dyb3VuZDpyZWQhaW1wb3J0YW50O2NvbG9yOiNmZmYhaW1wb3J0YW50O3Bvc2l0aW9uOnJlbGF0aXZlIWltcG9ydGFudH0uaS1hbXBodG1sLWVsZW1lbnQtZXJyb3I6YmVmb3Jle2NvbnRlbnQ6YXR0cihlcnJvci1tZXNzYWdlKX1pLWFtcC1zY3JvbGwtY29udGFpbmVyLGktYW1waHRtbC1zY3JvbGwtY29udGFpbmVye3Bvc2l0aW9uOmFic29sdXRlO3RvcDowO2xlZnQ6MDtyaWdodDowO2JvdHRvbTowO2Rpc3BsYXk6YmxvY2t9aS1hbXAtc2Nyb2xsLWNvbnRhaW5lci5hbXAtYWN0aXZlLGktYW1waHRtbC1zY3JvbGwtY29udGFpbmVyLmFtcC1hY3RpdmV7b3ZlcmZsb3c6YXV0bzstd2Via2l0LW92ZXJmbG93LXNjcm9sbGluZzp0b3VjaH0uaS1hbXBodG1sLWxvYWRpbmctY29udGFpbmVye2Rpc3BsYXk6YmxvY2shaW1wb3J0YW50O3BvaW50ZXItZXZlbnRzOm5vbmU7ei1pbmRleDoxfS5pLWFtcGh0bWwtbm90YnVpbHQ%2BLmktYW1waHRtbC1sb2FkaW5nLWNvbnRhaW5lcntkaXNwbGF5OmJsb2NrIWltcG9ydGFudH0uaS1hbXBodG1sLWxvYWRpbmctY29udGFpbmVyLmFtcC1oaWRkZW57dmlzaWJpbGl0eTpoaWRkZW59LmktYW1waHRtbC1lbGVtZW50PltvdmVyZmxvd117Y3Vyc29yOnBvaW50ZXI7cG9zaXRpb246cmVsYXRpdmU7ei1pbmRleDoyO3Zpc2liaWxpdHk6aGlkZGVuO2Rpc3BsYXk6aW5pdGlhbDtsaW5lLWhlaWdodDpub3JtYWx9LmktYW1waHRtbC1sYXlvdXQtc2l6ZS1kZWZpbmVkPltvdmVyZmxvd117cG9zaXRpb246YWJzb2x1dGV9LmktYW1waHRtbC1lbGVtZW50PltvdmVyZmxvd10uYW1wLXZpc2libGV7dmlzaWJpbGl0eTp2aXNpYmxlfXRlbXBsYXRle2Rpc3BsYXk6bm9uZSFpbX&i=2-9&t=adltag_lp17o8ft_KMB6etP319A&r=5dab7f594fc7dc490754ca8e05fa4c6&c=gomedia&z=1
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-26.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: JMp5ooK.bLI0bHKiicbtT15yvD3ZR5I9
date: Thu, 16 Nov 2023 08:11:41 GMT
via: 1.1 76fb21fcb70866221c67558e2f776540.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 24500
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Fri, 28 Oct 2022 01:30:44 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: FGYUVBQnVa-9rVxH9W9acw1wmME-MdVZssB9YAgE8hfFMMRmD4JNyg==

POST
H2 200 place
gomedia-tagan.adlightning.com/ Frame 418C 0
444 B 27ms
25ms Ping
image/gif 13.227.219.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gomedia-tagan.adlightning.com/place?p=1&d=BvcnRhbnR9LmFtcC1ib3JkZXItYm94LC5hbXAtYm9yZGVyLWJveCAqLC5hbXAtYm9yZGVyLWJveCA6YWZ0ZXIsLmFtcC1ib3JkZXItYm94IDpiZWZvcmV7Ym94LXNpemluZzpib3JkZXItYm94fWFtcC1waXhlbHtkaXNwbGF5Om5vbmUhaW1wb3J0YW50fWFtcC1hbmFseXRpY3MsYW1wLWF1dG8tYWRzLGFtcC1zdG9yeS1hdXRvLWFkc3twb3NpdGlvbjpmaXhlZCFpbXBvcnRhbnQ7dG9wOjAhaW1wb3J0YW50O3dpZHRoOjFweCFpbXBvcnRhbnQ7aGVpZ2h0OjFweCFpbXBvcnRhbnQ7b3ZlcmZsb3c6aGlkZGVuIWltcG9ydGFudDt2aXNpYmlsaXR5OmhpZGRlbn1hbXAtc3Rvcnl7dmlzaWJpbGl0eTpoaWRkZW4haW1wb3J0YW50fWh0bWwuaS1hbXBodG1sLWZpZT5hbXAtYW5hbHl0aWNze3Bvc2l0aW9uOmluaXRpYWwhaW1wb3J0YW50fVt2aXNpYmxlLXdoZW4taW52YWxpZF06bm90KC52aXNpYmxlKSxmb3JtIFtzdWJtaXQtZXJyb3JdLGZvcm0gW3N1Ym1pdC1zdWNjZXNzXSxmb3JtIFtzdWJtaXR0aW5nXXtkaXNwbGF5Om5vbmV9YW1wLWFjY29yZGlvbntkaXNwbGF5OmJsb2NrIWltcG9ydGFudH1AbWVkaWEgKG1pbi13aWR0aDoxcHgpezp3aGVyZShhbXAtYWNjb3JkaW9uPnNlY3Rpb24pPjpmaXJzdC1jaGlsZHttYXJnaW46MDtiYWNrZ3JvdW5kLWNvbG9yOiNlZmVmZWY7cGFkZGluZy1yaWdodDoyMHB4O2JvcmRlcjoxcHggc29saWQgI2RmZGZkZn06d2hlcmUoYW1wLWFjY29yZGlvbj5zZWN0aW9uKT46bGFzdC1jaGlsZHttYXJnaW46MH19YW1wLWFjY29yZGlvbj5zZWN0aW9ue2Zsb2F0Om5vbmUhaW1wb3J0YW50fWFtcC1hY2NvcmRpb24%2Bc2VjdGlvbj4qe2Zsb2F0Om5vbmUhaW1wb3J0YW50O2Rpc3BsYXk6YmxvY2shaW1wb3J0YW50O292ZXJmbG93OmhpZGRlbiFpbXBvcnRhbnQ7cG9zaXRpb246cmVsYXRpdmUhaW1wb3J0YW50fWFtcC1hY2NvcmRpb24sYW1wLWFjY29yZGlvbj5zZWN0aW9ue21hcmdpbjowfWFtcC1hY2NvcmRpb246bm90KC5pLWFtcGh0bWwtYnVpbHQpPnNlY3Rpb24%2BOmxhc3QtY2hpbGR7ZGlzcGxheTpub25lIWltcG9ydGFudH1hbXAtYWNjb3JkaW9uOm5vdCguaS1hbXBodG1sLWJ1aWx0KT5zZWN0aW9uW2V4cGFuZGVkXT46bGFzdC1jaGlsZHtkaXNwbGF5OmJsb2NrIWltcG9ydGFudH1cbi8qIyBzb3VyY2VVUkw9L2Nzcy9hbXBzaGFyZWQuY3NzKi9odG1sLmktYW1waHRtbC1pbmFib3h7d2lkdGg6MTAwJSFpbXBvcnRhbnQ7aGVpZ2h0OjEwMCUhaW1wb3J0YW50fWh0bWwuaS1hbXBodG1sLWluYWJveD5ib2R5e3Bvc2l0aW9uOmluaXRpYWwhaW1wb3J0YW50fTwvc3R5bGU%2BPG1ldGEgY29udGVudD1cInZlbmRvcj1kb3VibGVjbGljayx0eXBlPWltcHJlc3Npb24taWQsdmFsdWU9Q083SXNyRE15SUlERldTSmd3Y2RyeElIZXdcIiBuYW1lPVwiYW1wNGFkcy1pZFwiPjxtZXRhIGNvbnRlbnQ9XCJBdmg1TnkwWEVGQ3lRNytvTmllWHNrVXJxWThlZFV6TDUvWHJ3S2xHakFSUUhXNFRGUksralZkNUhuRElwWTIwbjVPTEhmZ1U0a3U3eDQ4TjN1aEcvQTBBQUFCeGV5SnZjbWxuYVc0aU9pSm9kSFJ3Y3pvdkwyUnZkV0pzWldOc2FXTnJMbTVsZERvME5ETWlMQ0ptWldGMGRYSmxJam9pVUhKcGRtRmplVk5oYm1SaWIzaEJaSE5CVUVseklpd2laWGh3YVhKNUlqb3hOamsxTVRZM09UazVMQ0pwYzFOMVltUnZiV0ZwYmlJNmRISjFaWDA9XCIgaHR0cC1lcXVpdj1cIm9yaWdpbi10cmlhbFwiPjxtZXRhIGNvbnRlbnQ9XCJBa0ZJdEptbzZiRjlUbkN5ZXg3azhyS1hLS0pCRkVybHJWdmNIaStESnVOUUNJZGNsQk1qY2ZHMWJ4b0QvSGVDSk5ycWRmczhiM3RHU1ZQUkVSVTJpZ3NBQUFCM2V5SnZjbWxuYVc0aU9pSm9kSFJ3Y3pvdkwyZHZiMmRzWlhONWJtUnBZMkYwYVc5dUxtTnZiVG8wTkRNaUxDSm1aV0YwZFhKbElqb2lVSEpwZG1GamVWTmhibVJpYjNoQlpITkJVRWx6SWl3aVpYaHdhWEo1SWpveE5qazFNVFkzT1RrNUxDSnBjMU4xWW1SdmJXRnBiaUk2ZEhKMVpYMD1cIiBodHRwLWVxdWl2PVwib3JpZ2luLXRyaWFsXCI%2BPGxpbmsgYXM9XCJzY3JpcHRcIiBocmVmPVwiaHR0cHM6Ly9jZG4uYW1wcHJvamVjdC5vcmcvcnR2LzAxMjMxMDMwMTQ1NjAwMC9hbXA0YWRzLXYwLm1qc1wiIHJlbD1cInByZWxvYWRcIj48c2NyaXB0IGFzeW5jPVwiXCIgc3JjPVwiaHR0cHM6Ly9jZG4uYW1wcHJvamVjdC5vcmcvcnR2LzAxMjMxMDMwMTQ1NjAwMC9hbXA0YWRzLXYwLm1qc1wiPjwvc2NyaXB0PjxzY3JpcHQgYXN5bmM9XCJcIiBjdXN0b20tZWxlbWVudD1cImFtcC1hZC1leGl0XCIgc3JjPVwiaHR0cHM6Ly9jZG4uYW1wcHJvamVjdC5vcmcvcnR2LzAxMjMxMDMwMTQ1NjAwMC92MC9hbXAtYWQtZXhpdC0wLjEubWpzXCI%2BPC9zY3JpcHQ%2BPHNjcmlwdCBhc3luYz1cIlwiIGN1c3RvbS1lbGVtZW50PVwiYW1wLWFuYWx5dGljc1wiIHNyYz1cImh0dHBzOi8vY2RuLmFtcHByb2plY3Qub3JnL3J0di8wMTIzMTAzMDE0NTYwMDAvdjAvYW1wLWFuYWx5dGljcy0wLjEubWpzXCI%2BPC9zY3JpcHQ%2BPHNjcmlwdCBhc3luYz1cIlwiIGN1c3RvbS1lbGVtZW50PVwiYW1wLWZpdC10ZXh0XCIgc3JjPVwiaHR0cHM6Ly9jZG4uYW1wcHJvamVjdC5vcmcvcnR2LzAxMjMxMDMwMTQ1NjAwMC92MC9hbXAtZml0LXRleHQtMC4xLm1qc1wiPjwvc2NyaXB0PjxzY3JpcHQgYXN5bmM9XCJcIiBjdXN0b20tZWxlbWVudD1cImFtcC1mb3JtXCIgc3JjPVwiaHR0cHM6Ly9jZG4uYW1wcHJvamVjdC5vcmcvcnR2LzAxMjMxMDMwMTQ1NjAwMC92MC9hbXAtZm9ybS0wLjEubWpzXCI%2BPC9zY3JpcHQ%2BPHN0eWxlIGFtcC1jdXN0b209XCJcIj5hIHsgY29sb3I6ICMwMDAwMDAgfWJvZHkgeyBtYXJnaW46IDA7IGJhY2tncm91bmQ6IHRyYW5zcGFyZW50OyB9I2dvb2dsZV9pbWFnZV9kaXYge2hlaWdodDogMjUwcHg7d2lkdGg6IDk3MHB4O292ZXJmbG93OmhpZGRlbjtwb3NpdGlvbjpyZWxhdGl2ZX1odG1sLCBib2R5IHt3aWR0aDoxMDAlO2hlaWdodDoxMDAlO31ib2R5IHtkaXNwbGF5OnRhYmxlO3RleHQtYWxpZ246Y2VudGVyO30jZ29vZ2xlX2NlbnRlcl9kaXYge2Rpc3BsYXk6dGFibGUtY2VsbDt2ZXJ0aWNhbC1hbGlnbjptaWRkbGU7fSNnb29nbGVfaW1hZ2VfZGl2IHtkaXNwbGF5OmlubGluZS1ibG9jazt9LmFiZ2Mge3Bvc2l0aW9uOmFic29sdXRlO3otaW5kZXg6MjE0NzQ4MzY0NjtyaWdodDowO3RvcDowO30uYWJnYyBhbXAtaW1nLCAuYWJnYyBpbWcge2Rpc3BsYXk6YmxvY2s7fS5hYmdzIHtwb3NpdGlvbjphYnNvbHV0ZTstd2Via2l0LXRyYW5zZm9ybTp0cmFuc2xhdGVYKDkycHgpO3RyYW5zZm9ybTp0cmFuc2xhdGVYKDkycHgpO3JpZ2h0OjE3cHg7dG9wOjFweDt9LmFiZ2NwIHtwb3NpdGlvbjphYnNvbHV0ZTtyaWdodDowO3RvcDowO3dpZHRoOjMycHg7aGVpZ2h0OjE1cHg7cGFkZGluZy1sZWZ0OjEwcHg7cGFkZGluZy1ib3R0b206MTBweDt9LmFiZ2Ige3Bvc2l0aW9uOnJlbGF0aXZlO21hcmdpbi1yaWdodDoxN3B4O3RvcDoxcHg7fS5hYmdjOmhvdmVyIC5hYmdzIHstd2Via2l0LXRyYW5zZm9ybTpub25lO3RyYW5zZm9ybTpub25lO30uY2Jie2Rpc3BsYXk6YmxvY2s7cG9zaXRpb246YWJzb2x1dGU7cmlnaHQ6MXB4O3RvcDoxcHg7Y3Vyc29yOnBvaW50ZXI7aGVpZ2h0OjE1cHg7d2lkdGg6MTVweDt6LWluZGV4OjkwMjA7cGFkZGluZy1sZWZ0OjE2cHg7fUBtZWRpYSAobWF4LXdpZHRoOjM3NXB4KSBhbmQgKG1pbi1oZWlnaHQ6MTAwcHgpey5idG57ZGlzcGxheTpibG9jazt3aWR0aDo5MCU7bWF4LXdpZHRoOjI0MHB4O21hcmdpbi1sZWZ0OmF1dG87bWFyZ2luLXJpZ2h0OmF1dG99fSNzcHYxIGFtcC1maXQtdGV4dD5kaXZ7LXdlYmtpdC1qdXN0aWZ5LWNvbnRlbnQ6ZmxleC1zdGFydDtqdXN0aWZ5LWNvbnRlbnQ6ZmxleC1zdGFydH0uam0uc2ggI3NwdjEgYW1wLWZpdC10ZXh0PmRpdnstd2Via2l0LWp1c3RpZnktY29udGVudDpjZW50ZXI7anVzdGlmeS1jb250ZW50OmNlbnRlcn0uanQgLnBuIGFtcC1maXQtdGV4dD5kaXZ7LXdlYmtpdC1qdXN0aWZ5LWNvbnRlbnQ6ZmxleC1zdGFydDtqdXN0aWZ5LWNvbnRlbnQ6ZmxleC1zdGFydH0jc2J0bjpob3Zlciwjc2J0bjphY3RpdmV7YmFja2dyb3VuZC1jb2xvcjojZjVmNWY1fSNyYnRuOmhvdmVyLCNyYnRuOmFjdGl2ZXtiYWNrZ3JvdW5kLWNvbG9yOiMzMjc1ZTV9I210YXtsZWZ0OjA7fSNtdGEgaW5wdXRbdHlwZT1cInJhZGlvXCJde2Rpc3BsYXk6bm9uZX0jbXRhIC5wbntyaWdodDotOTcwcHg7dG9wOi0yNTBweDt3aWR0aDo5NzBweDtoZWlnaHQ6MjUwcHg7fS5zaCAjc3B2Mnstd2Via2l0LWZsZXgtZGlyZWN0aW9uOnJvdztmbGV4LWRpcmVjdGlvbjpyb3c7LXdlYmtpdC1qdXN0aWZ5LWNvbnRlbnQ6Y2VudGVyO2p1c3RpZnktY29udGVudDpjZW50ZXJ9LnNoLnNyICNzcHYyey13ZWJraXQtanVzdGlmeS1jb250ZW50OmZsZXgtc3RhcnQ7anVzdGlmeS1jb250ZW50OmZsZXgtc3RhcnR9Lmp0LnN2ICNzcHYyey13ZWJraXQtanVzdGlmeS1jb250ZW50OmZsZXgtc3RhcnQ7anVzdGlmeS1jb250ZW50OmZsZXgtc3RhcnQ7LXdlYmtpdC1hbGlnbi1pdGVtczpjZW50ZXI7YWxpZ24taXRlbXM6Y2VudGVyfSNzcHYyICp7LW1vei1ib3gtc2l6aW5nOmJvcmRlci1ib3g7LXdlYmtpdC1ib3gtc2l6aW5nOmJvcmRlci1ib3g7Ym94LXNpemluZzpib3JkZXItYm94fSNzcHIxOmNoZWNrZWQgfiAjY2JiLCNzcHIyOmNoZWNrZWQgfiAjY2JiLCNzcHIzOmNoZWNrZWQgfiAjY2Jie2Rpc3BsYXk6bm9uZX0uYW1wLWFuaW1hdGUgI3NwdjR7b3BhY2l0eTowO3RyYW5zaXRpb246b3BhY2l0eSAuNXMgbGluZWFyIDIuNXN9LmFtcC1hbmltYXRlICAjc3B2MyBhbXAtZml0LXRleHR7b3BhY2l0eToxO3RyYW5zaXRpb246b3BhY2l0eSAuNXMgbGluZWFyIDJzfSNzcHIzOmNoZWNrZWQgfiAjc3B2MyBhbXAtZml0LXRleHR7b3BhY2l0eTowfSNzcHIzOmNoZWNrZWQgfiAjc3B2NHtvcGFjaXR5OjF9I3NwcjE6Y2hlY2tlZCB%2BICNzcHYxLCNzcHIyOmNoZWNrZWQgfiAjc3B2Miwjc3ByMzpjaGVja2VkIH4gI3NwdjMsI3NwcjM6Y2hlY2tlZCB%2BICNzcHY0e3JpZ2h0OjBweDt0b3A6MHB4fVtkaXI9XCJydGxcIl0gLmNsb3Nle3RyYW5zZm9ybTpzY2FsZVgoLTEpfS5jdCBzdmd7Ym9yZGVyOjA7bWFyZ2luOjAgMCAtLjQ1ZW0gMDtkaXNwbGF5OmlubGluZS1ibG9jaztoZWlnaHQ6MS4zOGVtO29wYWNpdHk6LjR9I3Rpe3dpZHRoOjk3MHB4fSNidG5ze3dpZHRoOjk3MHB4fS5mbHt3aWR0aDo5NzBweDtoZWlnaHQ6MjUwcHg7fS5zYntoZWlnaHQ6NTBweH0uc297d2lkdGg6OTZweDtoZWlnaHQ6NTBweDt9LnNvOmhvdmVyLC5zbzphY3RpdmV7YmFja2dyb3VuZC1jb2xvcjojZjVmNWY1fUBtZWRpYSAobWluLWhlaWdodDo1NHB4KXsuc2guc3MgLnNvLC5zdiAuc297Ym94LXNoYWRvdzowcHggMHB4IDJweCByZ2JhKDAsMCwwLC4xMiksIDBweCAxcHggM3B4IHJnYmEoMCwwLDAsLjI2KTtib3JkZXI6bm9uZX19LnNoIC5zb3ttYXJnaW4tbGVmdDotMXB4O2JveC1zaGFkb3c6bm9uZX0uc2ggLnNvOmZpcnN0LWNoaWxke21hcmdpbi1sZWZ0OjB9LnNoLnNzIC5zb3ttYXJnaW4tbGVmdDo4cHh9LnNoLnNzIC5zbzpmaXJzdC1jaGlsZHttYXJnaW4tbGVmdDowfS5zaC5qdCAuc2J7bWFyZ2luLXRvcDo4cHh9LnN2IC5zbywuc2guc3MgLnNve2JvcmRlci1yYWRpdXM6MnB4fTwvc3R5bGU%2BPC9oZWFkPjxib2R5IGNsYXNzPVwiYW1wLWFuaW1hdGVcIiBtYXJnaW53aWR0aD1cIjBcIiBtYXJnaW5oZWlnaHQ9XCIwXCI%2BPGRpdiBpZD1cImdvb2dsZV9jZW50ZXJfZGl2XCI%2BPGRpdiBpZD1cImdvb2dsZV9pbWFnZV9kaXZcIj48YSBhdHRyaWJ1dGlvbmRlc3RpbmF0aW9uPVwiXCIgYXR0cmlidXRpb25leHBpcnk9XCJcIiBhdHRyaWJ1dGlvbnJlcG9ydHRvPVwiXCIgYXR0cmlidXRpb25zb3VyY2VldmVudGlkPVwiXCIgaHJlZj1cImh0dHBzOi8vZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0L2FjbGs%2Fc2E9bCZhbXA7YWk9QzQ0WW9SUlZXWmE2U0F1U1NqdXdQcjZXYzJBZkZnNF&i=3-9&t=adltag_lp17o8ft_KMB6etP319A&r=5dab7f594fc7dc490754ca8e05fa4c6&c=gomedia&z=1
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-26.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: JMp5ooK.bLI0bHKiicbtT15yvD3ZR5I9
date: Thu, 16 Nov 2023 08:11:41 GMT
via: 1.1 76fb21fcb70866221c67558e2f776540.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 24500
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Fri, 28 Oct 2022 01:30:44 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: tWLEeKrrpxr9rHjVosHNMNbt7hlwApfJmzC1pSjg0w6N6KGfBu7cYg==

POST
H2 200 place
gomedia-tagan.adlightning.com/ Frame 418C 0
444 B 28ms
25ms Ping
image/gif 13.227.219.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gomedia-tagan.adlightning.com/place?p=1&d=dlZFAyQzRwLUlDbVFRQVNDSXpZNGVZSlVDb0FIejVadlRBOGdCQXFrQ0tUZjVoY292c2o3Z0FnQ29Bd0hJQXdpcUJLd0NUOUMyMm5QRmVCR2JsVkotTzZHaTRxMHZvXzA2VU53ZFByRUFpelBYSGR4T3ZxdUZIRTFsNGVrN2loLUdXMVVzZ0NyUmRMb3llWDZVU2stSE52Z09GSm1qLVItQ2JUcFdtMVhuZER1TjJkbnlpUmpGcWh6TkFHenA2UU1ZelFvMF9mdEpCTF9lS3p2d0dfUHllNU95bE1oQ2ZZcWdzemFIcDFla3pKVndHSlo0alVvY2xZTU16blZqai1fQ2hTX0d6cmRrSEhlMDdKNHk2UTEzb3BuSUtRNk9tbkI4T2VfLXhrd200MUVwbmhBdFJmV1lwUUZWQVlwMzFSSzhPbmNvU0M1MzZUbDEzWTU3eWpLcm10MTMwdEZXOHlkUWtqbjc3NVhnRVNtRUc4ZDBMUEpBRDVWYk43OHUybWFoM09uYTl5b1BoRDFNSG9ITUVtU2h0VTU3eE1ZV1VYSkFOb1BMcFhpTHJWOHprYjBDRndZLWV5SkdIOUdXRXV5LVR4b3ZSQm5fOGllYmJDaUVDaDlxd0FUMnZZRENuZ0xnQkFHSUJjREMwNXNZb0FZQ2dBZkh6S2FPQWFnSDJiYXhBcWdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I5WEpHNmdIcHI0YnFBZWFCcWdIODlFYnFBZVcyQnVvQjZxYnNRS29CNE90c1FLb0JfLWVzUUtvQjktZnNRS29COHFwc1FLb0ItdWxzUUxZQndIU0NCWUlnT0dBRUJBQkdCMHlBcW9DT2dLQVFFaTlfY0U2c1Ftb0NMYVJCTjlOVTRBS0E1Z0xBY2dMQWFJTUdDb1dDaFRrdExFQzdyV3hBclc0c1FMa3RMRUM3cld4QXRvTUVRb0xFTUNvNjhpMGw3UzNzQUVTQWdFRHFnMENSRVhJRFFIaURSTUlqSTZ4c016SWdnTVZaSW1EQngydkVnZDcyQk1PMEJVQi1CWUJnQmNCJmFtcDthZT0xJmFtcDthc2U9MiZhbXA7Z2NsaWQ9RUFJYUlRb2JDaE1JN3NpeXNNeklnZ01WWkltREJ4MnZFZ2Q3RUFFWUFTQUFFZ0lJVF9EX0J3RSZhbXA7bnVtPTEmYW1wO2NpZD1DQVFTVFFESUNhYU5ER0JCX3VyQ3NXMThOUmh3UDJJOFoyTUhrVWFGZG9LUVdIUGdZbmpoVnpSQ2FoSHQ3MVE1RzlBbXdIUnFvNWVGQW1xSFJqeDBwUThEbGlqcnVXaVVqR1MwdGVuRFJQeE1HQUUmYW1wO3NpZz1BT0Q2NF8zSHNOd2ZCWElHZnh0U2ExLVJNTmtiYk5kSjRnJmFtcDtjbGllbnQ9Y2EtcHViLTkyNjg0NDA4ODM0NDg5MjUmYW1wO3JmPTUmYW1wO254PUNMSUNLX1gmYW1wO255PUNMSUNLX1kmYW1wO3VhcD1VQUNIKHBsYXRmb3JtKSZhbXA7dWFwdj1VQUNIKHBsYXRmb3JtVmVyc2lvbikmYW1wO3VhYT1VQUNIKGFyY2hpdGVjdHVyZSkmYW1wO3VhbT1VQUNIKG1vZGVsKSZhbXA7dWFmdj1VQUNIKHVhRnVsbFZlcnNpb24pJmFtcDt1YWI9VUFDSChiaXRuZXNzKSZhbXA7dWF3PVVBQ0god293NjQpJmFtcDt1YWZ2bD1VQUNIKGZ1bGxWZXJzaW9uTGlzdCkmYW1wO25iPTImYW1wO2FkdXJsPWh0dHBzOi8vZGUuaWthcmlhbS5nYW1lZm9yZ2UuY29tL2xhbmRpbmc0LyUzRmtpZCUzRGEtMDM4MDYtMDIyMDYtMTkwOS1kNTgwNzAxOCUyNmdmc2lkJTNEcmVtYSUyNnV0bV9zb3VyY2UlM0Rnb29nbGUlMjZ1dG1fbWVkaXVtJTNEcGFpZCUyNnV0bV9jYW1wYWlnbiUzRGlrX2RlLWRlXzA5LTIwMTlfc3NfcmVtYSUyNnV0bV9jb250ZW50JTNEJTdCYmFubmVyJTI1MjBzaXplJTdEJTI2Z2NsaWQlM0RFQUlhSVFvYkNoTUk3c2l5c016SWdnTVZaSW1EQngydkVnZDdFQUVZQVNBQUVnSUlUX0RfQndFXCIgaWQ9XCJhdzBcIiBvbj1cInRhcDpleGl0LWFwaS5leGl0KHRhcmdldD0nbGFuZGluZ1BhZ2UnLF9nb29nQ2xpY2tMb2NhdGlvbj0nMicpXCIgdGFyZ2V0PVwiX3RvcFwiPjxhbXAtaW1nIGFsdD1cIlwiIGNsYXNzPVwiaW1nX2FkIGktYW1waHRtbC1sYXlvdXQtZml4ZWQgaS1hbXBodG1sLWxheW91dC1zaXplLWRlZmluZWRcIiBoZWlnaHQ9XCIyNTBcIiBpLWFtcGh0bWwtbGF5b3V0PVwiZml4ZWRcIiBpLWFtcGh0bWwtc3NyPVwiXCIgc3JjPVwiaHR0cHM6Ly90cGMuZ29vZ2xlc3luZGljYXRpb24uY29tL3NpbWdhZC8xNTk2MDEyNDY4OTQxNDg2Njc5Nz9zcXA9NHNxUHlRUTdRamtxTnhBQkhRQUF0RUlnQVNnQk1BazRBMER3a3dsWUFXQmZjQUtBQVFHSUFRR2RBUUFBZ0Qtb0FRR3dBWUN0NGdTNEFWX0ZBUzJ5blQ0JmFtcDtycz1BT2dhNHFsQ29YMWtHcnpmbnAtaGdQN0c3djN2cEVhN1dBXCIgc3R5bGU9XCJ3aWR0aDo5NzBweDtoZWlnaHQ6MjUwcHg7XCIgd2lkdGg9XCI5NzBcIj48aW1nIGFsdD1cIlwiIGNsYXNzPVwiaS1hbXBodG1sLWZpbGwtY29udGVudCBpLWFtcGh0bWwtcmVwbGFjZWQtY29udGVudFwiIGRlY29kaW5nPVwiYXN5bmNcIiBzcmM9XCJodHRwczovL3RwYy5nb29nbGVzeW5kaWNhdGlvbi5jb20vc2ltZ2FkLzE1OTYwMTI0Njg5NDE0ODY2Nzk3P3NxcD00c3FQeVFRN1Fqa3FOeEFCSFFBQXRFSWdBU2dCTUFrNEEwRHdrd2xZQVdCZmNBS0FBUUdJQVFHZEFRQUFnRC1vQVFHd0FZQ3Q0Z1M0QVZfRkFTMnluVDQmYW1wO3JzPUFPZ2E0cWxDb1gxa0dyemZucC1oZ1A3Rzd2M3ZwRWE3V0FcIj48L2FtcC1pbWc%2BPC9hPjxhbXAtcGl4ZWwgY2xhc3M9XCJpLWFtcGh0bWwtbGF5b3V0LWZpeGVkIGktYW1waHRtbC1sYXlvdXQtc2l6ZS1kZWZpbmVkXCIgaS1hbXBodG1sLWxheW91dD1cImZpeGVkXCIgcmVmZXJyZXJwb2xpY3k9XCJuby1yZWZlcnJlclwiIHNyYz1cIi8vd3d3Lmdvb2dsZS5jb20vcGFnZWFkL2RydC91aVwiIHN0eWxlPVwid2lkdGg6MXB4O2hlaWdodDoxcHg7XCI%2BPC9hbXAtcGl4ZWw%2BPGRpdiBhcmlhLWhpZGRlbj1cInRydWVcIiBjbGFzcz1cImFiZ2MgYWJnZiBwZW5cIiBkaXI9XCJsdHJcIiBpZD1cImFiZ2NcIj48ZGl2IGNsYXNzPVwiYWJnY3AgcGVhXCIgaWQ9XCJhYmdjcFwiPjxkaXYgY2xhc3M9XCJhYmdzXCIgaWQ9XCJhYmdzXCI%2BPGEgY2xhc3M9XCJhYmdsXCIgaHJlZj1cImh0dHBzOi8vYWRzc2V0dGluZ3MuZ29vZ2xlLmNvbS93aHl0aGlzYWQ%2Fc291cmNlPWRpc3BsYXkmYW1wO3JlYXNvbnM9QVFXRm5pdVNURHY3a1BUSUswVXlYUFJYekwzRlM2czZLUllPcVJSMnMwNXF2STVMbFFXX3ItZmZBMWlsYXB4LTdZak1hYk1mdEUtUXpiVjZaTG5Vc1g1X245N2FaOEl4THA1RW1Oc3VYOS1QdDFJa2pDR1RwaU1LTy1MQ1BmSG4teFE5eGlQczZlS1pUbnRTbjdCSmdnOUo4QXFYMTk5NjdRajhTZE9sdVZxZURJZzNJQ3JDLTI5WUFfd1FsU2V1elF5eHk2Qm0wOEdhLVExTG11WWNPZ2E5NmtGTnVKNldNR09iVWJxMjZNWTFGRnlsNkJZd3Z2OEZlZ1VrQWtaeldZZXhXNm9weVV5Tks2YXpDbXdKSkM4RkJZNWNLd1R5TTlvakZCdUJHZTFSUHA3Rl9ua2xPTFRxNlkwTlRjLU9DTHJraW9KVmNQeWtSQmdTSlYtYVJEU1Bqc2hCemEyX2RVdHM2aHc5cjZEM2lLOHNEWkVUcjFWM3FTUnRTU3Npbk1wX1ZZck1sZzI3N0duR25DdmJWOWRzTDV1RDlVRUZBdy0zM2phUUxTQS13VTd4b0hfTFlYQzE4Z01Hbl9mZlQ2WlpmRW0tY3EyQmRDX3ZVN280ZVpHbUZUNEw4ZU51MnBGOWl2ZmQwRWtudGZJajVWckRaLThsR09NSDM0RW85RWZwYzN0c3BKR3YyaTlWazVsM2szTzZja1ZLZ2YteU1uc1dNWTNBaG1IMFpkMGM1U0VwSHdCLUk5aEtvSTRMby1FRlg5d0lmYnk2bWxOUkhYNFMyOVhLY1JmNjQ2VDlpLXZySkdHUnJLUmpCeS00WWZzRUJLRUdaOF9lb1Y1T0Z2ZGJmOTJ3akJOb3dfMHY0YkNobV9vSFZMbG1XenE1S1gtc2MzaVg2RmMycHhHZGh6cDQtZEdzV1dRc05kaWtyTG4yeXlRYXQtQmt3dndTVUwyRWowbmVMX0JFQjZrNjhhbU1uRmR0LWQyTVo2eXdOVG9fQjF0NTBXMUNvSVdsWmNGNy1DakIyeW9wbUFOdks5b29Gb1BFbVBoTEJHdXlSbVNDV2FsUEM2RlQwTFVKSnNrejJhOERiMmxIWXhXX01CRjlDWWM1OHN2c3hQMkNScEkzN2FtTnFtVVhrX2xvZmVnWUE2UWNyXzRWNV85Z01pdm9HMEZ3bklLbUN4VnRpdVpFV2lwTk9ZUW56LVJTRGRJS1VBZEJ6RS1wRGVNUHlDRk9VWlhyTVBRSm82R3FsRk52NnM1MFRMaTc1SkdyeS1uZTczdFpmNktsZXpBZjBwa0pfX0NMQVk2N1BCNGJNZlRTcnNRbFY1X3owa2tmQkZUU1JWNjFiQ1dsUENFTkY4NUFMYzJ6cHJfazhMZDhHWmhYNU9WMzR1OWFKTEJ3bDVqT0hUaUVjdzlieEc4SGx6T212dWwyTDFDcHVwSW5BRHRrcG1yRmROb1hRd093RkxyeTVtZlJTNnZYcVJQT29nTjVVN0FVUG8wLXFGeWl6dUV3NFlRYmNmZ1JmbnoyT2pFbDRobUlld1VjajdpOW05VFFoNFNCMWM0RUtwNEh1bVp1eGRXSEJwcVdHUzJqTDZQZ25HLWJtbXFadW1qMTJhV1oyaVB5RE5fTFJiTkVmM3FSdjZsTVZob2tkZG45c1YwS1hpN1ItaU1fM2lHakxZUHZHbXpMdzQzUHg2a2dtR2MzODN6T1pBTmFVWFk2LVRJRFQ5Y0JScUR0N0FFcTR5SER5X09xQ3NzMU1Vbm9nNGZYcllnTFJDdk5GWkRyWEM0c1pjSEtQMWNVUG1wRE4wYnQwQUtCeWJzdDZSdWFZc1EtWmV4YmtSVndUSW02eGptTDRoT0g0MXY0OW5sM1ZTdl9OVW1oMnRBWnFLWk13MnF2TEdaMUFYLWVyb2pLbGVCV2xGQ2VFYThBU1NxbWlFM2NQTDdRc1ZEbXU2SGdFTEc0WGhlOUJiRlNMMlNYX3lPVkFQQ29ScHhhNkZTbE5ZMGRPOS16WGRveG1xZ21icE1TMnlHX1V5U29kcHZSLXVraWFadTZacEFMd2Z4SDFJMGd6RzByZXFOSGUyelpsMnJ5NFdNenNvcWc5dHpBRTBRcHFkUzdxb0lVRW9KcmxQM0JocDNLS3Q2TzRlc2h0SkVzQkJYWWlmeHlIaHZxSWRjNHB0c0xweGp2ME03YXd0TVRCamZQR3BTVlJpQk1wcGpWVEF4UE1iX1Jxd295cUJqMDJtRVcxTjdjc3lPYnpHeWs3WHlLcmdseE1VbXFkSnVERUhGNEk3YTU0LURtdk9JSWdpcW5wTU9WeXloTUtoNGs1dEJPanVhQWpTb3VjS1ltNG1JalBKU1RHR0paME5UNW92M3UwYlVMcWhYd1Y1Zll1NDdmY0lIUHlGODhrQ2M0X1NXT01Va1BodllXVERBWWlNdXMyaWhGR29ITE5maVVMR2FxWC1BQWMwWlAxcGExb3hEWGNmbTRKcWwwX2F5UUYzMHNpc3hCb2R0N3R5T2hXYkFkU19WTlFRR2JFYXNSNWgxUTg1V2F6N0dESURLVW5FM1RjM2RmeTdZVjFSSlBtX2dfdE1ROE91Rk9YXzVaSEg0WjVmM2RfdjFzUWpvMHh5RVpaelJkZm1ORjl0NG1ZTGE4dDVMOVhQVDctMDM2UE9UYllKRkg4YmJOeUlDZm5nXCIgaWQ9XCJhYmdsXCIgdGFyZ2V0PVwiX2JsYW5rXCI%2BPGFtcC1pbWcgY2xhc3M9XCJpLWFtcGh0bWwtbGF5b3V0LWZpeGVkIGktYW1waHRtbC1sYXlvdXQtc2l6ZS1kZWZpbmVkXCIgaGVpZ2h0PVwiMTVcIiBpLWFtcGh0bWwtbGF5b3V0PVwiZml4ZWRcIiBpLWFtcGh0bWwtc3NyPVwiXCIgc3JjPVwiaHR0cHM6Ly90cGMuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9pbWFnZXMvYWRjaG9pY2VzL2VuLnBuZ1wiIHN0eWxlPVwid2lkdGg6NzVweDtoZWlnaHQ6MTVweDtcIiB3aWR0aD1cIjc1XCI%2BPGltZyBjbGFzcz1cImktYW1waHRtbC1maWxsLWNvbnRlbnQgaS1hbXBodG1sLXJlcGxhY2VkLWNvbnRlbnRcIiBkZWNvZGluZz1cImFzeW5jXCIgc3JjPVwiaHR0cHM6Ly90cGMuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9pbWFnZXMvYWRjaG9pY2VzL2VuLnBuZ1wiPjwvYW1wLWltZz48L2E%2BPC9kaXY%2BPGRpdiBjbGFzcz1cImFiZ2JcIiBpZD1cImFiZ2JcIj48YSBocmVmPVwiaHR0cHM6Ly9hZHNzZXR0aW5ncy5nb29nbGUuY29tL3doeXRoaXNhZD9zb3VyY2U9ZGlzcGxheSZhbXA7cmVhc29ucz1BUVdGbml1U1REdjdrUFRJSzBVeVhQUlh6TDNGUzZzNktSWU9xUlIyczA1cXZJNUxsUVdfci1mZkExaWxhcHgtN1lqTWFiTWZ0RS1RemJWNlpMblVzWDVfbjk3YVo4SXhMcDVFbU5zdVg5LVB0MUlrakNHVHBpTUtPLUxDUGZIbi14UTl4aVBzNmVLWlRudFNuN0JKZ2c5SjhBcVgxOTk2N1FqOFNkT2x1VnFlRElnM0lDckMtMjlZQV93UWxTZXV6UXl4eTZCbTA4R2EtUTFMbXVZY09nYTk2a0ZOdUo2V01HT2JVYnEyNk1ZMUZGeWw2Qll3dnY4RmVnVWtBa1p6V1lleFc2b3B5VXlOSzZhekNtd0pKQzhGQlk1Y0t3VHlNOW9qRkJ1QkdlMVJQcDdGX25rbE9MVHE2WTBOVGMtT0NMcmtpb0pWY1B5a1JCZ1NKVi1hUkRTUGpzaEJ6YTJfZFV0czZodzlyNkQzaUs4c0RaRVRyMVYzcVNSdFNTc2luTXBfVllyTWxnMjc3R25HbkN2YlY5ZHNMNXVEOVVFRkF3LTMzamFRTFNBLXdVN3hvSF9MWVhDMThnTUduX2ZmVDZaWmZFbS1jcTJCZENfdlU3bzRlWkdtRlQ0TDhlTnUycEY5&i=4-9&t=adltag_lp17o8ft_KMB6etP319A&r=5dab7f594fc7dc490754ca8e05fa4c6&c=gomedia&z=1
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-26.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: JMp5ooK.bLI0bHKiicbtT15yvD3ZR5I9
date: Thu, 16 Nov 2023 08:11:41 GMT
via: 1.1 76fb21fcb70866221c67558e2f776540.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 24500
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Fri, 28 Oct 2022 01:30:44 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: yHhrl2VVAaHljKGeVVmGsOms6Gck0Fh6vDJsuOeQcPCEogmUr40Cqw==

POST
H2 200 place
gomedia-tagan.adlightning.com/ Frame 418C 0
445 B 28ms
26ms Ping
image/gif 13.227.219.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gomedia-tagan.adlightning.com/place?p=1&d=aXZmZDBFa250ZklqNVZyRFotOGxHT01IMzRFbzlFZnBjM3RzcEpHdjJpOVZrNWwzazNPNmNrVktnZi15TW5zV01ZM0FobUgwWmQwYzVTRXBId0ItSTloS29JNExvLUVGWDl3SWZieTZtbE5SSFg0UzI5WEtjUmY2NDZUOWktdnJKR0dScktSakJ5LTRZZnNFQktFR1o4X2VvVjVPRnZkYmY5MndqQk5vd18wdjRiQ2htX29IVkxsbVd6cTVLWC1zYzNpWDZGYzJweEdkaHpwNC1kR3NXV1FzTmRpa3JMbjJ5eVFhdC1Ca3d2d1NVTDJFajBuZUxfQkVCNms2OGFtTW5GZHQtZDJNWjZ5d05Ub19CMXQ1MFcxQ29JV2xaY0Y3LUNqQjJ5b3BtQU52Szlvb0ZvUEVtUGhMQkd1eVJtU0NXYWxQQzZGVDBMVUpKc2t6MmE4RGIybEhZeFdfTUJGOUNZYzU4c3ZzeFAyQ1JwSTM3YW1OcW1VWGtfbG9mZWdZQTZRY3JfNFY1XzlnTWl2b0cwRnduSUttQ3hWdGl1WkVXaXBOT1lRbnotUlNEZElLVUFkQnpFLXBEZU1QeUNGT1VaWHJNUFFKbzZHcWxGTnY2czUwVExpNzVKR3J5LW5lNzN0WmY2S2xlekFmMHBrSl9fQ0xBWTY3UEI0Yk1mVFNyc1FsVjVfejBra2ZCRlRTUlY2MWJDV2xQQ0VORjg1QUxjMnpwcl9rOExkOEdaaFg1T1YzNHU5YUpMQndsNWpPSFRpRWN3OWJ4RzhIbHpPbXZ1bDJMMUNwdXBJbkFEdGtwbXJGZE5vWFF3T3dGTHJ5NW1mUlM2dlhxUlBPb2dONVU3QVVQbzAtcUZ5aXp1RXc0WVFiY2ZnUmZuejJPakVsNGhtSWV3VWNqN2k5bTlUUWg0U0IxYzRFS3A0SHVtWnV4ZFdIQnBxV0dTMmpMNlBnbkctYm1tcVp1bWoxMmFXWjJpUHlETl9MUmJORWYzcVJ2NmxNVmhva2RkbjlzVjBLWGk3Ui1pTV8zaUdqTFlQdkdtekx3NDNQeDZrZ21HYzM4M3pPWkFOYVVYWTYtVElEVDljQlJxRHQ3QUVxNHlIRHlfT3FDc3MxTVVub2c0ZlhyWWdMUkN2TkZaRHJYQzRzWmNIS1AxY1VQbXBETjBidDBBS0J5YnN0NlJ1YVlzUS1aZXhia1JWd1RJbTZ4am1MNGhPSDQxdjQ5bmwzVlN2X05VbWgydEFacUtaTXcycXZMR1oxQVgtZXJvaktsZUJXbEZDZUVhOEFTU3FtaUUzY1BMN1FzVkRtdTZIZ0VMRzRYaGU5QmJGU0wyU1hfeU9WQVBDb1JweGE2RlNsTlkwZE85LXpYZG94bXFnbWJwTVMyeUdfVXlTb2RwdlItdWtpYVp1NlpwQUx3ZnhIMUkwZ3pHMHJlcU5IZTJ6Wmwycnk0V016c29xZzl0ekFFMFFwcWRTN3FvSVVFb0pybFAzQmhwM0tLdDZPNGVzaHRKRXNCQlhZaWZ4eUhodnFJZGM0cHRzTHB4anYwTTdhd3RNVEJqZlBHcFNWUmlCTXBwalZUQXhQTWJfUnF3b3lxQmowMm1FVzFON2NzeU9iekd5azdYeUtyZ2x4TVVtcWRKdURFSEY0STdhNTQtRG12T0lJZ2lxbnBNT1Z5eWhNS2g0azV0Qk9qdWFBalNvdWNLWW00bUlqUEpTVEdHSlowTlQ1b3YzdTBiVUxxaFh3VjVmWXU0N2ZjSUhQeUY4OGtDYzRfU1dPTVVrUGh2WVdUREFZaU11czJpaEZHb0hMTmZpVUxHYXFYLUFBYzBaUDFwYTFveERYY2ZtNEpxbDBfYXlRRjMwc2lzeEJvZHQ3dHlPaFdiQWRTX1ZOUVFHYkVhc1I1aDFRODVXYXo3R0RJREtVbkUzVGMzZGZ5N1lWMVJKUG1fZ190TVE4T3VGT1hfNVpISDRaNWYzZF92MXNRam8weHlFWlp6UmRmbU5GOXQ0bVlMYTh0NUw5WFBUNy0wMzZQT1RiWUpGSDhiYk55SUNmbmdcIiB0YXJnZXQ9XCJfYmxhbmtcIj48YW1wLWltZyBjbGFzcz1cImktYW1waHRtbC1sYXlvdXQtZml4ZWQgaS1hbXBodG1sLWxheW91dC1zaXplLWRlZmluZWRcIiBoZWlnaHQ9XCIxNVwiIGktYW1waHRtbC1sYXlvdXQ9XCJmaXhlZFwiIGktYW1waHRtbC1zc3I9XCJcIiBzcmM9XCJodHRwczovL3RwYy5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2ltYWdlcy9hZGNob2ljZXMvaWNvbi5wbmdcIiBzdHlsZT1cIndpZHRoOjE1cHg7aGVpZ2h0OjE1cHg7XCIgd2lkdGg9XCIxNVwiPjxpbWcgY2xhc3M9XCJpLWFtcGh0bWwtZmlsbC1jb250ZW50IGktYW1waHRtbC1yZXBsYWNlZC1jb250ZW50XCIgZGVjb2Rpbmc9XCJhc3luY1wiIHNyYz1cImh0dHBzOi8vdHBjLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvaW1hZ2VzL2FkY2hvaWNlcy9pY29uLnBuZ1wiPjwvYW1wLWltZz48L2E%2BPC9kaXY%2BPC9kaXY%2BPGFtcC1hbmFseXRpY3MgY2xhc3M9XCJpLWFtcGh0bWwtbGF5b3V0LWZpeGVkIGktYW1waHRtbC1sYXlvdXQtc2l6ZS1kZWZpbmVkXCIgaS1hbXBodG1sLWxheW91dD1cImZpeGVkXCIgc3R5bGU9XCJ3aWR0aDoxcHg7aGVpZ2h0OjFweDtcIiB0cmlnZ2VyPVwiaW1tZWRpYXRlXCI%2BPHNjcmlwdCB0eXBlPVwiYXBwbGljYXRpb24vanNvblwiPntcInJlcXVlc3RzXCI6IHtcInJlcG9ydE5vTGFiZWxJbnN0YW5jZVwiOiBcImh0dHBzOi8vZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9pbnRlcmFjdGlvbi8%2FYWk9QzQ0WW9SUlZXWmE2U0F1U1NqdXdQcjZXYzJBZkZnNFdlZFAyQzRwLUlDbVFRQVNDSXpZNGVZSlVDb0FIejVadlRBOGdCQXFrQ0tUZjVoY292c2o3Z0FnQ29Bd0hJQXdpcUJLd0NUOUMyMm5QRmVCR2JsVkotTzZHaTRxMHZvXzA2VU53ZFByRUFpelBYSGR4T3ZxdUZIRTFsNGVrN2loLUdXMVVzZ0NyUmRMb3llWDZVU2stSE52Z09GSm1qLVItQ2JUcFdtMVhuZER1TjJkbnlpUmpGcWh6TkFHenA2UU1ZelFvMF9mdEpCTF9lS3p2d0dfUHllNU95bE1oQ2ZZcWdzemFIcDFla3pKVndHSlo0alVvY2xZTU16blZqai1fQ2hTX0d6cmRrSEhlMDdKNHk2UTEzb3BuSUtRNk9tbkI4T2VfLXhrd200MUVwbmhBdFJmV1lwUUZWQVlwMzFSSzhPbmNvU0M1MzZUbDEzWTU3eWpLcm10MTMwdEZXOHlkUWtqbjc3NVhnRVNtRUc4ZDBMUEpBRDVWYk43OHUybWFoM09uYTl5b1BoRDFNSG9ITUVtU2h0VTU3eE1ZV1VYSkFOb1BMcFhpTHJWOHprYjBDRndZLWV5SkdIOUdXRXV5LVR4b3ZSQm5fOGllYmJDaUVDaDlxd0FUMnZZRENuZ0xnQkFHSUJjREMwNXNZb0FZQ2dBZkh6S2FPQWFnSDJiYXhBcWdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I5WEpHNmdIcHI0YnFBZWFCcWdIODlFYnFBZVcyQnVvQjZxYnNRS29CNE90c1FLb0JfLWVzUUtvQjktZnNRS29COHFwc1FLb0ItdWxzUUxZQndIU0NCWUlnT0dBRUJBQkdCMHlBcW9DT2dLQVFFaTlfY0U2c1Ftb0NMYVJCTjlOVTRBS0E1Z0xBY2dMQWFJTUdDb1dDaFRrdExFQzdyV3hBclc0c1FMa3RMRUM3cld4QXRvTUVRb0xFTUNvNjhpMGw3UzNzQUVTQWdFRHFnMENSRVhJRFFIaURSTUlqSTZ4c016SWdnTVZaSW1EQngydkVnZDcyQk1PMEJVQi1CWUJnQmNCJnNpZ2g9YmVBVFBHRjUwLWMmY2lkPUNBUVNUUURJQ2FhTkRHQkJfdXJDc1cxOE5SaHdQMkk4WjJNSGtVYUZkb0tRV0hQZ1luamhWelJDYWhIdDcxUTVHOUFtd0hScW81ZUZBbXFIUmp4MHBROERsaWpydVdpVWpHUzB0ZW5EUlB4TSZjaWQ9Q0FRU1RRRElDYWFOREdCQl91ckNzVzE4TlJod1AySThaMk1Ia1VhRmRvS1FXSFBnWW5qaFZ6UkNhaEh0NzFRNUc5QW13SFJxbzVlRkFtcUhSangwcFE4RGxpanJ1V2lVakdTMHRlbkRSUHhNJmxhYmVsPSR7bGFiZWx9XCIsXCJyZXBvcnRMYWJlbEluc3RhbmNlXCI6IFwiaHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2ludGVyYWN0aW9uLz9haT1DNDRZb1JSVldaYTZTQXVTU2p1d1ByNldjMkFmRmc0V2VkUDJDNHAtSUNtUVFBU0NJelk0ZVlKVUNvQUh6NVp2VEE4Z0JBcWtDS1RmNWhjb3ZzajdnQWdDb0F3SElBd2lxQkt3Q1Q5QzIyblBGZUJHYmxWSi1PNkdpNHEwdm9fMDZVTndkUHJFQWl6UFhIZHhPdnF1RkhFMWw0ZWs3aWgtR1cxVXNnQ3JSZExveWVYNlVTay1ITnZnT0ZKbWotUi1DYlRwV20xWG5kRHVOMmRueWlSakZxaHpOQUd6cDZRTVl6UW8wX2Z0SkJMX2VLenZ3R19QeWU1T3lsTWhDZllxZ3N6YUhwMWVrekpWd0dKWjRqVW9jbFlNTXpuVmpqLV9DaFNfR3pyZGtISGUwN0o0eTZRMTNvcG5JS1E2T21uQjhPZV8teGt3bTQxRXBuaEF0UmZXWXBRRlZBWXAzMVJLOE9uY29TQzUzNlRsMTNZNTd5aktybXQxMzB0Rlc4eWRRa2puNzc1WGdFU21FRzhkMExQSkFENVZiTjc4dTJtYWgzT25hOXlvUGhEMU1Ib0hNRW1TaHRVNTd4TVlXVVhKQU5vUExwWGlMclY4emtiMENGd1ktZXlKR0g5R1dFdXktVHhvdlJCbl84aWViYkNpRUNoOXF3QVQydllEQ25nTGdCQUdJQmNEQzA1c1lvQVlDZ0FmSHpLYU9BYWdIMmJheEFxZ0hqczRicUFlVDJCdW9CLTZXc1FLb0JfNmVzUUtvQjlYSkc2Z0hwcjRicUFlYUJxZ0g4OUVicUFlVzJCdW9CNnFic1FLb0I0T3RzUUtvQl8tZXNRS29COS1mc1FLb0I4cXBzUUtvQi11bHNRTFlCd0hTQ0JZSWdPR0FFQkFCR0IweUFxb0NPZ0tBUUVpOV9jRTZzUW1vQ0xhUkJOOU5VNEFLQTVnTEFjZ0xBYUlNR0NvV0NoVGt0TEVDN3JXeEFyVzRzUUxrdExFQzdyV3hBdG9NRVFvTEVNQ282OGkwbDdTM3NBRVNBZ0VEcWcwQ1JFWElEUUhpRFJNSWpJNnhzTXpJZ2dNVlpJbURCeDJ2RWdkNzJCTU8wQlVCLUJZQmdCY0Imc2lnaD1iZUFUUEdGNTAtYyZjaWQ9Q0FRU1RRRElDYWFOREdCQl91ckNzVzE4TlJod1AySThaMk1Ia1VhRmRvS1FXSFBnWW5qaFZ6UkNhaEh0NzFRNUc5QW13SFJxbzVlRkFtcUhSangwcFE4RGxpanJ1V2lVakdTMHRlbkRSUHhNJmNpZD1DQVFTVFFESUNhYU5ER0JCX3VyQ3NXMThOUmh3UDJJOFoyTUhrVWFGZG9LUVdIUGdZbmpoVnpSQ2FoSHQ3MVE1RzlBbXdIUnFvNWVGQW1xSFJqeDBwUThEbGlqcnVXaVVqR1MwdGVuRFJQeE0mbGFiZWw9JHtsYWJlbH0mbGFiZWxfaW5zdGFuY2U9JHtsYWJlbEluc3RhbmNlfSZjYnQ9R3JEM3NBTl9vUzRJX1lMaW40Z0tFTURDMDVzWUdQTEJ3NDRCSWhWcGEyRnlhV0Z0TG1kaGJXVm1iM0puWlM1amIyMHlDQWdGRXhpbjVnRVVRaGRqWVMxd2RXSXRPVEkyT0RRME1EZzRNelEwT0RreU5VZ01XQUp3QVhvR0NBUVNBZ2NrXCJ9LFwidHJhbnNwb3J0XCI6IHtcImJlYWNvblwiOiBmYWxzZSxcInhocnBvc3RcIjogZmFsc2UsXCJpbWFnZVwiOiB0cnVlfSxcInRyaWdnZXJzXCI6IHtcInRyYWNrTXV0ZVwiOiB7XCJvblwiOiBcImNsaWNrXCIsXCJzZWxlY3RvclwiOiBcImxhYmVsW2Zvcj0nc3ByMSddXCIsXCJyZXF1ZXN0XCI6IFwicmVwb3J0Tm9MYWJlbEluc3RhbmNlXCJ9LFwidHJhY2tSZXBvcnRBZFwiOiB7XCJvblwiOiBcImNsaWNrXCIsXCJzZWxlY3RvclwiOiBcImxhYmVsW2Zvcj0nc3ByMiddXCIsXCJyZXF1ZXN0XCI6IFwicmVwb3J0TGFiZWxJbnN0YW5jZVwifSxcInRyYWNrU3VydmV5UmVzcG9uc2VcIjoge1wib25cIjogXCJjbGlja1wiLFwic2VsZWN0b3JcIjogXCJsYWJlbFtmb3I9J3NwcjMnXVwiLFwicmVxdWVzdFwiOiBcInJlcG9ydExhYmVsSW5zdGFuY2VcIn0sXCJ0cmFja1doeVRoaXNBZFwiOiB7XCJvblwiOiBcImNsaWNrXCIsXCJzZWxlY3RvclwiOiBcIiNzYnRuXCIsXCJyZXF1ZXN0XCI6IFwicmVwb3J0TGFiZWxJbnN0YW5jZVwifX19PC9zY3JpcHQ%2BPC9hbXAtYW5hbHl0aWNzPjxmb3JtIGFjdGlvbj1cIi8vZy5jb1wiIGNsYXNzPVwic2ggc3MganQgYW1wLWFuaW1hdGUgYWJnZiBwZW5cIiBpZD1cIm10YVwiIHN0eWxlPVwicG9zaXRpb246YWJzb2x1dGU7dG9wOjA7Zm9udC1mYW1pbHk6QXJpYWwsc2Fucy1zZXJpZjtmb250LXNpemU6MTJweDtmb250LXdlaWdodDo0MDA7bGluZS1oZWlnaHQ6MWVtXCIgdGFyZ2V0PVwiX2JsYW5rXCI%2BPGlucHV0IGlkPVwic3ByMFwiIG5hbWU9XCJhXCIgdHlwZT1cInJhZGlvXCI%2BPGlucHV0IGlkPVwic3ByMVwiIG5hbWU9XCJhXCIgdHlwZT1cInJhZGlvXCI%2BPGlucHV0IGlkPVwic3ByMlwiIG5hbWU9XCJhXCIgdHlwZT1cInJhZGlvXCI%2BPGlucHV0IGlkPVwic3ByM1wiIG5hbWU9XCJhXCIgdHlwZT1cInJhZGlvXCI%2BPGxhYmVsIGNsYXNzPVwiY2JiIHBlYVwiIGRhdGEtdmFycy1sYWJlbD1cInVzZXJfZmVlZGJhY2tfbWVudV9pbnRlcmFjdGlvblwiIGZvcj1cInNwcjFcIiBpZD1cImNiYlwiPjxzdmcgc3R5bGU9XCJ3aWR0aDoxNXB4O2hlaWdodDoxNXB4O3ZlcnRpY2FsLWFsaWduOnRvcFwiIHhtbG5zPVwiLy93d3cudzMub3JnLzIwMDAvc3ZnXCI%2BPHBhdGggZD1cIk0wLDBsMTUsMGwwLDE1bC0xNSwwWlwiIGZpbGw9XCIjY2RjY2NjXCI%2BPC9wYXRoPjxwYXRoIGQ9XCJNMy4yNSwzLjI1bDguNSw4LjVNMTEuNzUsMy4yNWwtOC41LDguNVwiIH&i=5-9&t=adltag_lp17o8ft_KMB6etP319A&r=5dab7f594fc7dc490754ca8e05fa4c6&c=gomedia&z=1
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-26.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: JMp5ooK.bLI0bHKiicbtT15yvD3ZR5I9
date: Thu, 16 Nov 2023 08:11:41 GMT
via: 1.1 76fb21fcb70866221c67558e2f776540.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 24500
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Fri, 28 Oct 2022 01:30:44 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: ZuFfFcAFCXp1i0yLX8lPUPzSo_aOlfDoAer8NIL67bynJ7alX5bH9w==

POST
H2 200 place
gomedia-tagan.adlightning.com/ Frame 418C 0
447 B 33ms
31ms Ping
image/gif 13.227.219.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gomedia-tagan.adlightning.com/place?p=1&d=N0cm9rZT1cIiMwMGFlY2RcIiBzdHJva2Utd2lkdGg9XCIxLjI1XCI%2BPC9wYXRoPjwvc3ZnPjwvbGFiZWw%2BPGRpdiBjbGFzcz1cInBuIGFiZ2ZcIiBpZD1cInNwdjFcIiBzdHlsZT1cInBvc2l0aW9uOmFic29sdXRlOy1tb3otYm94LXNpemluZzpib3JkZXItYm94Oy13ZWJraXQtYm94LXNpemluZzpib3JkZXItYm94O2JveC1zaXppbmc6Ym9yZGVyLWJveDtiYWNrZ3JvdW5kLWNvbG9yOiNmYWZhZmE7dGV4dC1hbGlnbjpjZW50ZXJcIj48YW1wLWZpdC10ZXh0IGNsYXNzPVwiZmwgaS1hbXBodG1sLWxheW91dC1yZXNwb25zaXZlIGktYW1waHRtbC1sYXlvdXQtc2l6ZS1kZWZpbmVkXCIgaGVpZ2h0PVwiMjUwXCIgaS1hbXBodG1sLWxheW91dD1cInJlc3BvbnNpdmVcIiBsYXlvdXQ9XCJyZXNwb25zaXZlXCIgbWF4LWZvbnQtc2l6ZT1cIjIwXCIgbWluLWZvbnQtc2l6ZT1cIjhcIiB3aWR0aD1cIjk3MFwiPjxpLWFtcGh0bWwtc2l6ZXIgc2xvdD1cImktYW1waHRtbC1zdmNcIiBzdHlsZT1cImRpc3BsYXk6YmxvY2s7cGFkZGluZy10b3A6MjUuNzczMiU7XCI%2BPC9pLWFtcGh0bWwtc2l6ZXI%2BPGRpdiBjbGFzcz1cImNsb3NlXCIgaWQ9XCJtZW51LWRpc21pc3NcIiBzdHlsZT1cInBvc2l0aW9uOmFic29sdXRlO3RvcDoycHg7Y29sb3I6IzAwMDtmb250LXNpemU6MTVweDtsaW5lLWhlaWdodDoxNXB4O29wYWNpdHk6LjU7aGVpZ2h0OjE1cHg7d2lkdGg6MTVweDt1c2VyLXNlbGVjdDpub25lO2N1cnNvcjpwb2ludGVyXCI%2BPGxhYmVsIGZvcj1cInNwcjBcIj48c3ZnIHZpZXdCb3g9XCIwIDAgMjQgMjRcIj48cGF0aCBjbGFzcz1cIm5hdGl2ZS1hcnJvd1wiIGQ9XCJNMjAgMTFINy44M2w1LjU5LTUuNTlMMTIgNGwtOCA4IDggOCAxLjQxLTEuNDFMNy44MyAxM0gyMHYtMnpcIj48L3BhdGg%2BPC9zdmc%2BPC9sYWJlbD48L2Rpdj48ZGl2IGlkPVwidGlcIj48c3BhbiBjbGFzcz1cImN0XCIgc3R5bGU9XCJkaXNwbGF5OmlubGluZS1ibG9jaztsaW5lLWhlaWdodDoxLjI4ZW07Y29sb3I6cmdiYSgwLDAsMCwuNCk7dGV4dC1hbGlnbjpjZW50ZXI7cGFkZGluZzouM2VtXCI%2BQWRzIGJ5IDxzdmcgZmlsbD1cIiMwMDAwMDBcIiB2aWV3Qm94PVwiMCAwIDYwIDI0XCIgeG1sbnM9XCJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2Z1wiPjxwYXRoIGQ9XCJNNy41IDE2LjI5Yy00LjA3IDAtNy40OS0zLjMxLTcuNDktNy4zOFMzLjQzIDEuNTMgNy41IDEuNTNjMi4yNSAwIDMuODUuODggNS4wNiAyLjAzbC0xLjQyIDEuNDJjLS44Ny0uODEtMi4wNC0xLjQ0LTMuNjQtMS40NC0yLjk3IDAtNS4yOSAyLjQtNS4yOSA1LjM3czIuMzIgNS4zNyA1LjI5IDUuMzdjMS45MyAwIDMuMDMtLjc3IDMuNzMtMS40OC41OC0uNTguOTUtMS40IDEuMS0yLjU0SDcuNVY4LjI0aDYuNzljLjA3LjM2LjExLjc5LjExIDEuMjYgMCAxLjUxLS40MSAzLjM5LTEuNzUgNC43Mi0xLjMgMS4zNS0yLjk1IDIuMDctNS4xNSAyLjA3em0xNy43NS00Ljc2YzAgMi43NC0yLjEzIDQuNzUtNC43NSA0Ljc1cy00Ljc1LTIuMDItNC43NS00Ljc1YzAtMi43NSAyLjEzLTQuNzUgNC43NS00Ljc1czQuNzUgMiA0Ljc1IDQuNzV6bS0yLjA4IDBjMC0xLjcxLTEuMjQtMi44OC0yLjY3LTIuODhzLTIuNjcgMS4xNy0yLjY3IDIuODhjMCAxLjY5IDEuMjQgMi44OCAyLjY3IDIuODhzMi42Ny0xLjE4IDIuNjctMi44OHptMTMuMDggMGMwIDIuNzQtMi4xMyA0Ljc1LTQuNzUgNC43NXMtNC43NS0yLjAyLTQuNzUtNC43NWMwLTIuNzUgMi4xMy00Ljc1IDQuNzUtNC43NXM0Ljc1IDIgNC43NSA0Ljc1em0tMi4wOCAwYzAtMS43MS0xLjI0LTIuODgtMi42Ny0yLjg4cy0yLjY3IDEuMTctMi42NyAyLjg4YzAgMS42OSAxLjI0IDIuODggMi42NyAyLjg4czIuNjctMS4xOCAyLjY3LTIuODh6bTEyLjU4LTQuNDZ2OC41M2MwIDMuNTEtMi4wNyA0Ljk1LTQuNTIgNC45NS0yLjMgMC0zLjY5LTEuNTUtNC4yMS0yLjgxbDEuODItLjc2Yy4zMi43NyAxLjEyIDEuNjkgMi4zOSAxLjY5IDEuNTcgMCAyLjU0LS45NyAyLjU0LTIuNzl2LS42OGgtLjA3Yy0uNDcuNTgtMS4zNyAxLjA4LTIuNSAxLjA4LTIuMzggMC00LjU2LTIuMDctNC41Ni00Ljc0IDAtMi42OCAyLjE4LTQuNzcgNC41Ni00Ljc3IDEuMTMgMCAyLjAzLjUgMi41IDEuMDZoLjA3di0uNzZoMS45OHptLTEuODQgNC40OGMwLTEuNjctMS4xMi0yLjktMi41NC0yLjktMS40NCAwLTIuNjUgMS4yMi0yLjY1IDIuOSAwIDEuNjYgMS4yMSAyLjg2IDIuNjUgMi44NiAxLjQzLjAxIDIuNTQtMS4yIDIuNTQtMi44NnptNS44OS05LjUyVjE2aC0yLjA5VjIuMDNoMi4wOXptOC40OSAxMS4wN2wxLjYyIDEuMDhjLS41Mi43Ny0xLjc4IDIuMTEtMy45NiAyLjExLTIuNyAwLTQuNzItMi4wOS00LjcyLTQuNzUgMC0yLjgzIDIuMDMtNC43NSA0LjQ4LTQuNzUgMi40NyAwIDMuNjcgMS45NiA0LjA3IDMuMDJsLjIyLjU0LTYuMzYgMi42M2MuNDkuOTUgMS4yNCAxLjQ0IDIuMyAxLjQ0IDEuMDcgMCAxLjgxLS41MyAyLjM1LTEuMzJ6bS00Ljk5LTEuNzFsNC4yNS0xLjc2Yy0uMjMtLjU5LS45NC0xLjAxLTEuNzYtMS4wMS0xLjA2IDAtMi41NC45My0yLjQ5IDIuNzd6XCI%2BPC9wYXRoPjxwYXRoIGQ9XCJNMCAwaDYydjI0SDB6XCIgZmlsbD1cIm5vbmVcIj48L3BhdGg%2BPC9zdmc%2BPC9zcGFuPjwvZGl2PjxkaXYgaWQ9XCJidG5zXCI%2BPGxhYmVsIGRhdGEtdmFycy1sYWJlbD1cInVzZXJfZmVlZGJhY2tfbWVudV9vcHRpb25cIiBkYXRhLXZhcnMtbGFiZWwtaW5zdGFuY2U9XCIxXCIgZm9yPVwic3ByMlwiPjxhIGNsYXNzPVwiYnRuXCIgaWQ9XCJyYnRuXCIgc3R5bGU9XCJkaXNwbGF5OmlubGluZS1ibG9jaztib3JkZXItcmFkaXVzOjJweDstbW96LWJveC1zaXppbmc6Ym9yZGVyLWJveDstd2Via2l0LWJveC1zaXppbmc6Ym9yZGVyLWJveDtib3gtc2l6aW5nOmJvcmRlci1ib3g7Ym94LXNoYWRvdzowcHggMHB4IDJweCByZ2JhKDAsMCwwLC4xMiksMHB4IDFweCAzcHggcmdiYSgwLDAsMCwuMjYpO2N1cnNvcjpwb2ludGVyO2ZvbnQtc2l6ZTouN2VtO21hcmdpbjowIDFweCAuNGVtIDFweDtiYWNrZ3JvdW5kLWNvbG9yOiM0Mjg1ZjU7Y29sb3I6d2hpdGVcIj48c3BhbiBzdHlsZT1cImRpc3BsYXk6aW5saW5lLWJsb2NrO3BhZGRpbmc6LjVlbSAuNmVtO2xpbmUtaGVpZ2h0OjFlbVwiPlNlbmQgZmVlZGJhY2s8L3NwYW4%2BPC9hPjwvbGFiZWw%2BPGxhYmVsPjxhIGNsYXNzPVwiYnRuXCIgZGF0YS12YXJzLWxhYmVsPVwiY2xvc2VidXR0b25fd2h5dGhpc2FkX2NsaWNrXCIgZGF0YS12YXJzLWxhYmVsLWluc3RhbmNlPVwiMVwiIGhyZWY9XCJodHRwczovL2Fkc3NldHRpbmdzLmdvb2dsZS5jb20vd2h5dGhpc2FkP3NvdXJjZT1kaXNwbGF5JmFtcDtyZWFzb25zPUFRV0ZuaXVTVER2N2tQVElLMFV5WFBSWHpMM0ZTNnM2S1JZT3FSUjJzMDVxdkk1TGxRV19yLWZmQTFpbGFweC03WWpNYWJNZnRFLVF6YlY2WkxuVXNYNV9uOTdhWjhJeExwNUVtTnN1WDktUHQxSWtqQ0dUcGlNS08tTENQZkhuLXhROXhpUHM2ZUtaVG50U243QkpnZzlKOEFxWDE5OTY3UWo4U2RPbHVWcWVESWczSUNyQy0yOVlBX3dRbFNldXpReXh5NkJtMDhHYS1RMUxtdVljT2dhOTZrRk51SjZXTUdPYlVicTI2TVkxRkZ5bDZCWXd2djhGZWdVa0FrWnpXWWV4VzZvcHlVeU5LNmF6Q213SkpDOEZCWTVjS3dUeU05b2pGQnVCR2UxUlBwN0ZfbmtsT0xUcTZZME5UYy1PQ0xya2lvSlZjUHlrUkJnU0pWLWFSRFNQanNoQnphMl9kVXRzNmh3OXI2RDNpSzhzRFpFVHIxVjNxU1J0U1NzaW5NcF9WWXJNbGcyNzdHbkduQ3ZiVjlkc0w1dUQ5VUVGQXctMzNqYVFMU0Etd1U3eG9IX0xZWEMxOGdNR25fZmZUNlpaZkVtLWNxMkJkQ192VTdvNGVaR21GVDRMOGVOdTJwRjlpdmZkMEVrbnRmSWo1VnJEWi04bEdPTUgzNEVvOUVmcGMzdHNwSkd2Mmk5Vms1bDNrM082Y2tWS2dmLXlNbnNXTVkzQWhtSDBaZDBjNVNFcEh3Qi1JOWhLb0k0TG8tRUZYOXdJZmJ5Nm1sTlJIWDRTMjlYS2NSZjY0NlQ5aS12ckpHR1JyS1JqQnktNFlmc0VCS0VHWjhfZW9WNU9GdmRiZjkyd2pCTm93XzB2NGJDaG1fb0hWTGxtV3pxNUtYLXNjM2lYNkZjMnB4R2RoenA0LWRHc1dXUXNOZGlrckxuMnl5UWF0LUJrd3Z3U1VMMkVqMG5lTF9CRUI2azY4YW1NbkZkdC1kMk1aNnl3TlRvX0IxdDUwVzFDb0lXbFpjRjctQ2pCMnlvcG1BTnZLOW9vRm9QRW1QaExCR3V5Um1TQ1dhbFBDNkZUMExVSkpza3oyYThEYjJsSFl4V19NQkY5Q1ljNThzdnN4UDJDUnBJMzdhbU5xbVVYa19sb2ZlZ1lBNlFjcl80VjVfOWdNaXZvRzBGd25JS21DeFZ0aXVaRVdpcE5PWVFuei1SU0RkSUtVQWRCekUtcERlTVB5Q0ZPVVpYck1QUUpvNkdxbEZOdjZzNTBUTGk3NUpHcnktbmU3M3RaZjZLbGV6QWYwcGtKX19DTEFZNjdQQjRiTWZUU3JzUWxWNV96MGtrZkJGVFNSVjYxYkNXbFBDRU5GODVBTGMyenByX2s4TGQ4R1poWDVPVjM0dTlhSkxCd2w1ak9IVGlFY3c5YnhHOEhsek9tdnVsMkwxQ3B1cEluQUR0a3BtckZkTm9YUXdPd0ZMcnk1bWZSUzZ2WHFSUE9vZ041VTdBVVBvMC1xRnlpenVFdzRZUWJjZmdSZm56Mk9qRWw0aG1JZXdVY2o3aTltOVRRaDRTQjFjNEVLcDRIdW1adXhkV0hCcHFXR1Myakw2UGduRy1ibW1xWnVtajEyYVdaMmlQeUROX0xSYk5FZjNxUnY2bE1WaG9rZGRuOXNWMEtYaTdSLWlNXzNpR2pMWVB2R216THc0M1B4NmtnbUdjMzgzek9aQU5hVVhZNi1USURUOWNCUnFEdDdBRXE0eUhEeV9PcUNzczFNVW5vZzRmWHJZZ0xSQ3ZORlpEclhDNHNaY0hLUDFjVVBtcEROMGJ0MEFLQnlic3Q2UnVhWXNRLVpleGJrUlZ3VEltNnhqbUw0aE9INDF2NDlubDNWU3ZfTlVtaDJ0QVpxS1pNdzJxdkxHWjFBWC1lcm9qS2xlQldsRkNlRWE4QVNTcW1pRTNjUEw3UXNWRG11NkhnRUxHNFhoZTlCYkZTTDJTWF95T1ZBUENvUnB4YTZGU2xOWTBkTzktelhkb3htcWdtYnBNUzJ5R19VeVNvZHB2Ui11a2lhWnU2WnBBTHdmeEgxSTBnekcwcmVxTkhlMnpabDJyeTRXTXpzb3FnOXR6QUUwUXBxZFM3cW9JVUVvSnJsUDNCaHAzS0t0Nk80ZXNodEpFc0JCWFlpZnh5SGh2cUlkYzRwdHNMcHhqdjBNN2F3dE1UQmpmUEdwU1ZSaUJNcHBqVlRBeFBNYl9ScXdveXFCajAybUVXMU43Y3N5T2J6R3lrN1h5S3JnbHhNVW1xZEp1REVIRjRJN2E1NC1EbXZPSUlnaXFucE1PVnl5aE1LaDRrNXRCT2p1YUFqU291Y0tZbTRtSWpQSlNUR0dKWjBOVDVvdjN1MGJVTHFoWHdWNWZZdTQ3ZmNJSFB5Rjg4a0NjNF9TV09NVWtQaHZZV1REQVlpTXVzMmloRkdvSExOZmlVTEdhcVgtQUFjMFpQMXBhMW94RFhjZm00SnFsMF9heVFGMzBzaXN4Qm9kdDd0eU9oV2JBZFNfVk5RUUdiRWFzUjVoMVE4NVdhejdHRElES1VuRTNUYzNkZnk3WVYxUkpQbV9nX3RNUThPdUZPWF81WkhINFo1ZjNkX3Yxc1FqbzB4eUVaWnpSZGZtTkY5dDRtWUxhOHQ1TDlYUFQ3LTAzNlBPVGJZSkZIOGJiTnlJQ2ZuZ1wiIGlkPVwic2J0blwiIHN0eWxlPVwiYmFja2dyb3VuZC1jb2xvcjojZmZmO2NvbG9yOiM5ZTllYTY7dGV4dC1kZWNvcmF0aW9uOm5vbmU7ZGlzcGxheTppbmxpbmUtYmxvY2s7Ym9yZGVyLXJhZGl1czoycHg7LW1vei1ib3gtc2l6aW5nOmJvcmRlci1ib3g7LXdlYmtpdC1ib3gtc2l6aW5nOmJvcmRlci1ib3g7Ym94LXNpemluZzpib3JkZXItYm94O2JveC1zaGFkb3c6MHB4IDBweCAycHggcmdiYSgwLDAsMCwuMTIpLDBweCAxcHggM3B4IHJnYmEoMCwwLDAsLjI2KTtjdXJzb3I6cG9pbnRlcjtmb250LXNpemU6LjdlbTttYXJnaW46MCAxcHggLjRlbSAxcHhcIiB0YXJnZXQ9XCJfYmxhbmtcIj48c3BhbiBzdHlsZT1cImRpc3BsYXk6aW5saW5lLWJsb2NrO3BhZGRpbmc6LjVlbSAuNmVtO2xpbmUtaGVpZ2h0OjFlbVwiPldoeSB0aGlzIGFkPyZuYnNwOzxzdmcgZmlsbD1cIiMwMDAwMDBcIiBpZD1cInNpXCIgc3R5bGU9XCJwb3NpdGlvbjpyZWxhdGl2ZTtkaXNwbGF5OmlubGluZS1ibG9jazttYXJnaW4tYm90dG9tOi0uMTVlbTtoZWlnaHQ6MWVtO3dpZHRoOjFlbTtvcGFjaXR5Oi40XCIgdmlld0JveD1cIjAgMCAxNiAxNlwiIHhtbG5zPVwiLy93d3cudzMub3JnLzIwMDAvc3ZnXCI%2BPGNpcmNs&i=6-9&t=adltag_lp17o8ft_KMB6etP319A&r=5dab7f594fc7dc490754ca8e05fa4c6&c=gomedia&z=1
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-26.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: JMp5ooK.bLI0bHKiicbtT15yvD3ZR5I9
date: Thu, 16 Nov 2023 08:11:41 GMT
via: 1.1 76fb21fcb70866221c67558e2f776540.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 24500
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Fri, 28 Oct 2022 01:30:44 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: 9EGzCfXY_-uMPhkkX6vOXnFV7VAlXytfYU_ghhN0p6zYyXFQOUzXrg==

POST
H2 200 place
gomedia-tagan.adlightning.com/ Frame 418C 0
444 B 34ms
32ms Ping
image/gif 13.227.219.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gomedia-tagan.adlightning.com/place?p=1&d=ZSBjeD1cIjZcIiBjeT1cIjZcIiByPVwiMC42N1wiPjwvY2lyY2xlPjxwYXRoIGQ9XCJNNC4yLDExLjNRMy4zLDExLjgsMy4zLDEwLjc1TDMuMyw0LjFRMy4zLDMuMSw0LjMsMy41TDEwLjQsNy4wUTEyLjAsNy41LDEwLjQsOC4wTDYuNjUsMTAuMEw2LjY1LDcuNzVhMC42NSwwLjY1LDAsMSwwLC0xLjMsMEw1LjM1LDEwLjc1YTAuOSwwLjksMCwwLDAsMS4zLDAuOEwxMi43LDguMlExMy43LDcuNSwxMi43LDYuN0wzLjMsMS42UTIuMiwxLjMsMS44LDIuNUwxLjgsMTIuNVEyLjIsMTMuOSwzLjMsMTMuM0w0LjgsMTIuNUEwLjMsMC4zLDAsMSwwLDQuMiwxMS4zWlwiPjwvcGF0aD48L3N2Zz48L3NwYW4%2BPC9hPjwvbGFiZWw%2BPC9kaXY%2BPC9hbXAtZml0LXRleHQ%2BPC9kaXY%2BPGRpdiBjbGFzcz1cInBuIGFiZ2ZcIiBpZD1cInNwdjJcIiBzdHlsZT1cImRpc3BsYXk6LXdlYmtpdC1mbGV4O2Rpc3BsYXk6ZmxleDstd2Via2l0LWp1c3RpZnktY29udGVudDpjZW50ZXI7anVzdGlmeS1jb250ZW50OmNlbnRlcjstd2Via2l0LWZsZXgtd3JhcDpub3dyYXA7ZmxleC13cmFwOm5vd3JhcDtvdmVyZmxvdzpoaWRkZW47YmFja2dyb3VuZC1jb2xvcjojZmFmYWZhO2ZvbnQtc2l6ZTowO3Bvc2l0aW9uOmFic29sdXRlOy1tb3otYm94LXNpemluZzpib3JkZXItYm94Oy13ZWJraXQtYm94LXNpemluZzpib3JkZXItYm94O2JveC1zaXppbmc6Ym9yZGVyLWJveDtiYWNrZ3JvdW5kLWNvbG9yOiNmYWZhZmE7dGV4dC1hbGlnbjpjZW50ZXJcIj48bGFiZWwgY2xhc3M9XCJzYiBzb1wiIGRhdGEtdmFycy1sYWJlbD1cIm11dGVfc3VydmV5X29wdGlvblwiIGRhdGEtdmFycy1sYWJlbC1pbnN0YW5jZT1cIjJcIiBmb3I9XCJzcHIzXCIgc3R5bGU9XCJwb3NpdGlvbjpyZWxhdGl2ZTt6LWluZGV4OjkxMTA7b3ZlcmZsb3c6aGlkZGVuO2Rpc3BsYXk6aW5saW5lLWJsb2NrO3BhZGRpbmc6MXB4IDVweDtiYWNrZ3JvdW5kLWNvbG9yOiNGRkY7Y3Vyc29yOnBvaW50ZXI7ZmxleC1zaHJpbms6MFwiPjxkaXYgc3R5bGU9XCJkaXNwbGF5Oi13ZWJraXQtZmxleDtkaXNwbGF5OmZsZXg7LXdlYmtpdC1hbGlnbi1pdGVtczpjZW50ZXI7YWxpZ24taXRlbXM6Y2VudGVyOy13ZWJraXQtanVzdGlmeS1jb250ZW50OmNlbnRlcjtqdXN0aWZ5LWNvbnRlbnQ6Y2VudGVyO3dpZHRoOjEwMCU7aGVpZ2h0OjEwMCVcIj48c3BhbiBzdHlsZT1cImNvbG9yOiM0Mjg1ZjQ7Zm9udC1mYW1pbHk6QXJpYWwsc2Fucy1zZXJpZjt0ZXh0LWFsaWduOmNlbnRlcjtmb250LXNpemU6MTJweDtsaW5lLWhlaWdodDoxNHB4O3doaXRlLXNwYWNlOm5vcm1hbFwiPlNlZW4gdGhpcyBhZCBtdWx0aXBsZSB0aW1lczwvc3Bhbj48L2Rpdj48L2xhYmVsPjxsYWJlbCBjbGFzcz1cInNiIHNvXCIgZGF0YS12YXJzLWxhYmVsPVwibXV0ZV9zdXJ2ZXlfb3B0aW9uXCIgZGF0YS12YXJzLWxhYmVsLWluc3RhbmNlPVwiM1wiIGZvcj1cInNwcjNcIiBzdHlsZT1cInBvc2l0aW9uOnJlbGF0aXZlO3otaW5kZXg6OTExMDtvdmVyZmxvdzpoaWRkZW47ZGlzcGxheTppbmxpbmUtYmxvY2s7cGFkZGluZzoxcHggNXB4O2JhY2tncm91bmQtY29sb3I6I0ZGRjtjdXJzb3I6cG9pbnRlcjtmbGV4LXNocmluazowXCI%2BPGRpdiBzdHlsZT1cImRpc3BsYXk6LXdlYmtpdC1mbGV4O2Rpc3BsYXk6ZmxleDstd2Via2l0LWFsaWduLWl0ZW1zOmNlbnRlcjthbGlnbi1pdGVtczpjZW50ZXI7LXdlYmtpdC1qdXN0aWZ5LWNvbnRlbnQ6Y2VudGVyO2p1c3RpZnktY29udGVudDpjZW50ZXI7d2lkdGg6MTAwJTtoZWlnaHQ6MTAwJVwiPjxzcGFuIHN0eWxlPVwiY29sb3I6IzQyODVmNDtmb250LWZhbWlseTpBcmlhbCxzYW5zLXNlcmlmO3RleHQtYWxpZ246Y2VudGVyO2ZvbnQtc2l6ZToxMnB4O2xpbmUtaGVpZ2h0OjE0cHg7d2hpdGUtc3BhY2U6bm9ybWFsXCI%2BQWQgY292ZXJlZCBjb250ZW50PC9zcGFuPjwvZGl2PjwvbGFiZWw%2BPGxhYmVsIGNsYXNzPVwic2Igc29cIiBkYXRhLXZhcnMtbGFiZWw9XCJtdXRlX3N1cnZleV9vcHRpb25cIiBkYXRhLXZhcnMtbGFiZWwtaW5zdGFuY2U9XCI4XCIgZm9yPVwic3ByM1wiIHN0eWxlPVwicG9zaXRpb246cmVsYXRpdmU7ei1pbmRleDo5MTEwO292ZXJmbG93OmhpZGRlbjtkaXNwbGF5OmlubGluZS1ibG9jaztwYWRkaW5nOjFweCA1cHg7YmFja2dyb3VuZC1jb2xvcjojRkZGO2N1cnNvcjpwb2ludGVyO2ZsZXgtc2hyaW5rOjBcIj48ZGl2IHN0eWxlPVwiZGlzcGxheTotd2Via2l0LWZsZXg7ZGlzcGxheTpmbGV4Oy13ZWJraXQtYWxpZ24taXRlbXM6Y2VudGVyO2FsaWduLWl0ZW1zOmNlbnRlcjstd2Via2l0LWp1c3RpZnktY29udGVudDpjZW50ZXI7anVzdGlmeS1jb250ZW50OmNlbnRlcjt3aWR0aDoxMDAlO2hlaWdodDoxMDAlXCI%2BPHNwYW4gc3R5bGU9XCJjb2xvcjojNDI4NWY0O2ZvbnQtZmFtaWx5OkFyaWFsLHNhbnMtc2VyaWY7dGV4dC1hbGlnbjpjZW50ZXI7Zm9udC1zaXplOjEycHg7bGluZS1oZWlnaHQ6MTRweDt3aGl0ZS1zcGFjZTpub3JtYWxcIj5BZCB3YXMgaW5hcHByb3ByaWF0ZTwvc3Bhbj48L2Rpdj48L2xhYmVsPjxsYWJlbCBjbGFzcz1cInNiIHNvXCIgZGF0YS12YXJzLWxhYmVsPVwibXV0ZV9zdXJ2ZXlfb3B0aW9uXCIgZGF0YS12YXJzLWxhYmVsLWluc3RhbmNlPVwiN1wiIGZvcj1cInNwcjNcIiBzdHlsZT1cInBvc2l0aW9uOnJlbGF0aXZlO3otaW5kZXg6OTExMDtvdmVyZmxvdzpoaWRkZW47ZGlzcGxheTppbmxpbmUtYmxvY2s7cGFkZGluZzoxcHggNXB4O2JhY2tncm91bmQtY29sb3I6I0ZGRjtjdXJzb3I6cG9pbnRlcjtmbGV4LXNocmluazowXCI%2BPGRpdiBzdHlsZT1cImRpc3BsYXk6LXdlYmtpdC1mbGV4O2Rpc3BsYXk6ZmxleDstd2Via2l0LWFsaWduLWl0ZW1zOmNlbnRlcjthbGlnbi1pdGVtczpjZW50ZXI7LXdlYmtpdC1qdXN0aWZ5LWNvbnRlbnQ6Y2VudGVyO2p1c3RpZnktY29udGVudDpjZW50ZXI7d2lkdGg6MTAwJTtoZWlnaHQ6MTAwJVwiPjxzcGFuIHN0eWxlPVwiY29sb3I6IzQyODVmNDtmb250LWZhbWlseTpBcmlhbCxzYW5zLXNlcmlmO3RleHQtYWxpZ246Y2VudGVyO2ZvbnQtc2l6ZToxMnB4O2xpbmUtaGVpZ2h0OjE0cHg7d2hpdGUtc3BhY2U6bm9ybWFsXCI%2BTm90IGludGVyZXN0ZWQgaW4gdGhpcyBhZDwvc3Bhbj48L2Rpdj48L2xhYmVsPjwvZGl2PjxkaXYgY2xhc3M9XCJwbiBhYmdmXCIgaWQ9XCJzcHYzXCIgc3R5bGU9XCJwb3NpdGlvbjphYnNvbHV0ZTstbW96LWJveC1zaXppbmc6Ym9yZGVyLWJveDstd2Via2l0LWJveC1zaXppbmc6Ym9yZGVyLWJveDtib3gtc2l6aW5nOmJvcmRlci1ib3g7YmFja2dyb3VuZC1jb2xvcjojZmFmYWZhO3RleHQtYWxpZ246Y2VudGVyO29wYWNpdHk6MVwiPjxhbXAtZml0LXRleHQgY2xhc3M9XCJmbCBpLWFtcGh0bWwtbGF5b3V0LXJlc3BvbnNpdmUgaS1hbXBodG1sLWxheW91dC1zaXplLWRlZmluZWRcIiBoZWlnaHQ9XCIyNTBcIiBpLWFtcGh0bWwtbGF5b3V0PVwicmVzcG9uc2l2ZVwiIGxheW91dD1cInJlc3BvbnNpdmVcIiBtYXgtZm9udC1zaXplPVwiMTdcIiBtaW4tZm9udC1zaXplPVwiOFwiIHdpZHRoPVwiOTcwXCI%2BPGktYW1waHRtbC1zaXplciBzbG90PVwiaS1hbXBodG1sLXN2Y1wiIHN0eWxlPVwiZGlzcGxheTpibG9jaztwYWRkaW5nLXRvcDoyNS43NzMyJTtcIj48L2ktYW1waHRtbC1zaXplcj48c3BhbiBpZD1cInBjdFwiIHN0eWxlPVwiZGlzcGxheTpibG9jaztmb250LXdlaWdodDpib2xkO3BhZGRpbmc6MWVtIC4zZW1cIj5UaGFua3MuIEZlZWRiYWNrIGltcHJvdmVzIEdvb2dsZSBhZHM8L3NwYW4%2BPC9hbXAtZml0LXRleHQ%2BPC9kaXY%2BPGRpdiBjbGFzcz1cInBuIGFiZ2ZcIiBpZD1cInNwdjRcIiBzdHlsZT1cInBvc2l0aW9uOmFic29sdXRlOy1tb3otYm94LXNpemluZzpib3JkZXItYm94Oy13ZWJraXQtYm94LXNpemluZzpib3JkZXItYm94O2JveC1zaXppbmc6Ym9yZGVyLWJveDtiYWNrZ3JvdW5kLWNvbG9yOiNmYWZhZmE7dGV4dC1hbGlnbjpjZW50ZXJcIj48YW1wLWZpdC10ZXh0IGNsYXNzPVwiZmwgaS1hbXBodG1sLWxheW91dC1yZXNwb25zaXZlIGktYW1waHRtbC1sYXlvdXQtc2l6ZS1kZWZpbmVkXCIgaGVpZ2h0PVwiMjUwXCIgaS1hbXBodG1sLWxheW91dD1cInJlc3BvbnNpdmVcIiBsYXlvdXQ9XCJyZXNwb25zaXZlXCIgbWF4LWZvbnQtc2l6ZT1cIjIwXCIgbWluLWZvbnQtc2l6ZT1cIjhcIiB3aWR0aD1cIjk3MFwiPjxpLWFtcGh0bWwtc2l6ZXIgc2xvdD1cImktYW1waHRtbC1zdmNcIiBzdHlsZT1cImRpc3BsYXk6YmxvY2s7cGFkZGluZy10b3A6MjUuNzczMiU7XCI%2BPC9pLWFtcGh0bWwtc2l6ZXI%2BPHNwYW4gY2xhc3M9XCJjdCBmY3RcIiBzdHlsZT1cImRpc3BsYXk6aW5saW5lLWJsb2NrO2xpbmUtaGVpZ2h0OjEuMjhlbTtjb2xvcjpyZ2JhKDAsMCwwLC40KTt0ZXh0LWFsaWduOmNlbnRlcjtwYWRkaW5nOjFlbVwiPkFkIGNsb3NlZCBieSA8c3ZnIGZpbGw9XCIjMDAwMDAwXCIgdmlld0JveD1cIjAgMCA2MCAyNFwiIHhtbG5zPVwiaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmdcIj48cGF0aCBkPVwiTTcuNSAxNi4yOWMtNC4wNyAwLTcuNDktMy4zMS03LjQ5LTcuMzhTMy40MyAxLjUzIDcuNSAxLjUzYzIuMjUgMCAzLjg1Ljg4IDUuMDYgMi4wM2wtMS40MiAxLjQyYy0uODctLjgxLTIuMDQtMS40NC0zLjY0LTEuNDQtMi45NyAwLTUuMjkgMi40LTUuMjkgNS4zN3MyLjMyIDUuMzcgNS4yOSA1LjM3YzEuOTMgMCAzLjAzLS43NyAzLjczLTEuNDguNTgtLjU4Ljk1LTEuNCAxLjEtMi41NEg3LjVWOC4yNGg2Ljc5Yy4wNy4zNi4xMS43OS4xMSAxLjI2IDAgMS41MS0uNDEgMy4zOS0xLjc1IDQuNzItMS4zIDEuMzUtMi45NSAyLjA3LTUuMTUgMi4wN3ptMTcuNzUtNC43NmMwIDIuNzQtMi4xMyA0Ljc1LTQuNzUgNC43NXMtNC43NS0yLjAyLTQuNzUtNC43NWMwLTIuNzUgMi4xMy00Ljc1IDQuNzUtNC43NXM0Ljc1IDIgNC43NSA0Ljc1em0tMi4wOCAwYzAtMS43MS0xLjI0LTIuODgtMi42Ny0yLjg4cy0yLjY3IDEuMTctMi42NyAyLjg4YzAgMS42OSAxLjI0IDIuODggMi42NyAyLjg4czIuNjctMS4xOCAyLjY3LTIuODh6bTEzLjA4IDBjMCAyLjc0LTIuMTMgNC43NS00Ljc1IDQuNzVzLTQuNzUtMi4wMi00Ljc1LTQuNzVjMC0yLjc1IDIuMTMtNC43NSA0Ljc1LTQuNzVzNC43NSAyIDQuNzUgNC43NXptLTIuMDggMGMwLTEuNzEtMS4yNC0yLjg4LTIuNjctMi44OHMtMi42NyAxLjE3LTIuNjcgMi44OGMwIDEuNjkgMS4yNCAyLjg4IDIuNjcgMi44OHMyLjY3LTEuMTggMi42Ny0yLjg4em0xMi41OC00LjQ2djguNTNjMCAzLjUxLTIuMDcgNC45NS00LjUyIDQuOTUtMi4zIDAtMy42OS0xLjU1LTQuMjEtMi44MWwxLjgyLS43NmMuMzIuNzcgMS4xMiAxLjY5IDIuMzkgMS42OSAxLjU3IDAgMi41NC0uOTcgMi41NC0yLjc5di0uNjhoLS4wN2MtLjQ3LjU4LTEuMzcgMS4wOC0yLjUgMS4wOC0yLjM4IDAtNC41Ni0yLjA3LTQuNTYtNC43NCAwLTIuNjggMi4xOC00Ljc3IDQuNTYtNC43NyAxLjEzIDAgMi4wMy41IDIuNSAxLjA2aC4wN3YtLjc2aDEuOTh6bS0xLjg0IDQuNDhjMC0xLjY3LTEuMTItMi45LTIuNTQtMi45LTEuNDQgMC0yLjY1IDEuMjItMi42NSAyLjkgMCAxLjY2IDEuMjEgMi44NiAyLjY1IDIuODYgMS40My4wMSAyLjU0LTEuMiAyLjU0LTIuODZ6bTUuODktOS41MlYxNmgtMi4wOVYyLjAzaDIuMDl6bTguNDkgMTEuMDdsMS42MiAxLjA4Yy0uNTIuNzctMS43OCAyLjExLTMuOTYgMi4xMS0yLjcgMC00LjcyLTIuMDktNC43Mi00Ljc1IDAtMi44MyAyLjAzLTQuNzUgNC40OC00Ljc1IDIuNDcgMCAzLjY3IDEuOTYgNC4wNyAzLjAybC4yMi41NC02LjM2IDIuNjNjLjQ5Ljk1IDEuMjQgMS40NCAyLjMgMS40NCAxLjA3IDAgMS44MS0uNTMgMi4zNS0xLjMyem0tNC45OS0xLjcxbDQuMjUtMS43NmMtLjIzLS41OS0uOTQtMS4wMS0xLjc2LTEuMDEtMS4wNiAwLTIuNTQuOTMtMi40OSAyLjc3elwiPjwvcGF0aD48cGF0aCBkPVwiTTAgMGg2MnYyNEgwelwiIGZpbGw9XCJub25lXCI%2BPC9wYXRoPjwvc3ZnPjwvc3Bh&i=7-9&t=adltag_lp17o8ft_KMB6etP319A&r=5dab7f594fc7dc490754ca8e05fa4c6&c=gomedia&z=1
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-26.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: JMp5ooK.bLI0bHKiicbtT15yvD3ZR5I9
date: Thu, 16 Nov 2023 08:11:41 GMT
via: 1.1 76fb21fcb70866221c67558e2f776540.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 24500
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Fri, 28 Oct 2022 01:30:44 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: CW8QCcAkqrZvEdS-M1dgE71im2eB_99iOorvVil4KtPQwLhGjlqpJA==

POST
H2 200 place
gomedia-tagan.adlightning.com/ Frame 418C 0
446 B 34ms
32ms Ping
image/gif 13.227.219.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gomedia-tagan.adlightning.com/place?p=1&d=bj48L2FtcC1maXQtdGV4dD48L2Rpdj48L2Zvcm0%2BPC9kaXY%2BPC9kaXY%2BPC9kaXY%2BPGFtcC1waXhlbCBhbGxvdy1zc3ItaW1nPVwiXCIgY2xhc3M9XCJpLWFtcGh0bWwtbGF5b3V0LWZpeGVkIGktYW1waHRtbC1sYXlvdXQtc2l6ZS1kZWZpbmVkXCIgaS1hbXBodG1sLWxheW91dD1cImZpeGVkXCIgaS1hbXBodG1sLXNzcj1cIlwiIHNyYz1cIi8vd3d3Lmdvb2dsZS5jb20vYWRzL21lYXN1cmVtZW50L2w%2FZWJjaWQ9QUxoN0NhUmRwUThwampabzVPV0NMZHVDMTRNY3EwbW82ZDhHSXYxbm5TZnBMbUhPUVlhdTlHaGR4ZDZCbl9tdDc0VUZYRDZBdGZCaHVBSlR3RGJzMzAybzFCd1NmNU1VWGdcIiBzdHlsZT1cIndpZHRoOjFweDtoZWlnaHQ6MXB4O1wiPjxpbWcgc3JjPVwiLy93d3cuZ29vZ2xlLmNvbS9hZHMvbWVhc3VyZW1lbnQvbD9lYmNpZD1BTGg3Q2FSZHBROHBqalpvNU9XQ0xkdUMxNE1jcTBtbzZkOEdJdjFublNmcExtSE9RWWF1OUdoZHhkNkJuX210NzRVRlhENkF0ZkJodUFKVHdEYnMzMDJvMUJ3U2Y1TVVYZ1wiPjwvYW1wLXBpeGVsPjxkaXYgc3R5bGU9XCJib3R0b206MDtyaWdodDowO3dpZHRoOjk3MHB4O2hlaWdodDoyNTBweDtiYWNrZ3JvdW5kOmluaXRpYWw7cG9zaXRpb246YWJzb2x1dGU7bWF4LXdpZHRoOjEwMCU7bWF4LWhlaWdodDoxMDAlO3BvaW50ZXItZXZlbnRzOm5vbmU7aW1hZ2UtcmVuZGVyaW5nOnBpeGVsYXRlZDt6LWluZGV4OjIxNDc0ODM2NDc7YmFja2dyb3VuZC1pbWFnZTp1cmwoJ2RhdGE6aW1hZ2UvcG5nO2Jhc2U2NCxpVkJPUncwS0dnb0FBQUFOU1VoRVVnQUFBQ3NBQUFBV0JBTUFBQUNybDNpQUFBQUFCbEJNVkVVQUFBRCtBY2lXbVp6V0FBQUFBblJTVGxNQUFwaWRyQlFBQUFCNlNVUkJWQmpUYlZBTERrQWhDTUliY1AvVHZnbzBmWXMreTRVTUFkNElBWHZkQ3VENVhUY1hxZ29rMXl2VVI0aEZucmVyWWgvRnprYmR0K3BPb2prcGxJLzBEVE8zNk5BbTdFWkFhUUtXVEczLzAyTmF2Nks0RVEwam5uQW1xRDV0ekFSdGlEMkZYOE5JMEFjdFFidXdrZFJtQzdFbnFEbkYvUUNCeGdYTDVLWHkrQUFBQUFCSlJVNUVya0pnZ2c9PScpO1wiPjwvZGl2PjxhbXAtYW5hbHl0aWNzIGNsYXNzPVwiaS1hbXBodG1sLWxheW91dC1maXhlZCBpLWFtcGh0bWwtbGF5b3V0LXNpemUtZGVmaW5lZFwiIGktYW1waHRtbC1sYXlvdXQ9XCJmaXhlZFwiIHN0eWxlPVwid2lkdGg6MXB4O2hlaWdodDoxcHg7XCIgdHJpZ2dlcj1cImltbWVkaWF0ZVwiPjxzY3JpcHQgdHlwZT1cImFwcGxpY2F0aW9uL2pzb25cIj57XCJ0cmFuc3BvcnRcIjoge1wiYmVhY29uXCI6IGZhbHNlLCBcInhocnBvc3RcIjogZmFsc2V9LFwicmVxdWVzdHNcIjoge1widmlzaWJpbGl0eTFcIjogXCJodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL3Bjcy9hY3RpdmV2aWV3P3hhaT1BS0FPanN0MzdtZFlWMFRSVFpFbUV5VG1zZDVxb0FkcWk5V2pnSmRhUXRxR1lJRVBBUU9yUld0TzhOOW9kaGtHVzRUMlVENF9iNHd3WG1XNUl0OUFnWlpnNUNSVGk1OFp5Y0hUMHVka3h2SG9WZDA5ZDBRVXpnNzRYV3AtdF85SXJrYnB4cnRIV3RXajRTRkRNVnpzJnNhaT1BTWZsLVlUaWxoeUhGSUw5bjRQQ2tEX3UtdmhfdW1aMHVxWWpnakZMaHBxX2hPNk8wemtBMXBxSzdVNl9yWkx0blJnZFQxTGdMNzBkcW5OazVOUlRjbThTenF0ZDFLandWOENmVnBrTFZyRXlmSmQ1SXRBZnJKZmxuNlU1ZVlYb280TlNnVDdoWlpPcWM0OURVTXZ6M3R3JnNpZz1DZzBBcktKU3pNRUg2WEJzd2ZjVUVBRSZjaWQ9Q0FRU1RRRElDYWFOREdCQl91ckNzVzE4TlJod1AySThaMk1Ia1VhRmRvS1FXSFBnWW5qaFZ6UkNhaEh0NzFRNUc5QW13SFJxbzVlRkFtcUhSangwcFE4RGxpanJ1V2lVakdTMHRlbkRSUHhNR0FFJmlkPWFtcGltJm89JHtlbGVtZW50WH0sJHtlbGVtZW50WX0mZD0ke2VsZW1lbnRXaWR0aH0sJHtlbGVtZW50SGVpZ2h0fSZzcz0ke3NjcmVlbldpZHRofSwke3NjcmVlbkhlaWdodH0mYnM9JHt2aWV3cG9ydFdpZHRofSwke3ZpZXdwb3J0SGVpZ2h0fSZtY3Z0PSR7bWF4Q29udGludW91c1Zpc2libGVUaW1lfSZtdG9zPTAsMCwwLCR7bWF4Q29udGludW91c1Zpc2libGVUaW1lfSwke21heENvbnRpbnVvdXNWaXNpYmxlVGltZX0mdG9zPTAsMCwwLCR7dG90YWxWaXNpYmxlVGltZX0sMCZ0ZnM9JHtmaXJzdFNlZW5UaW1lfSZ0bHM9JHtsYXN0U2VlblRpbWV9Jmc9JHttaW5WaXNpYmxlUGVyY2VudGFnZX0maD0ke21heFZpc2libGVQZXJjZW50YWdlfSZ0dD0ke3RvdGFsVGltZX0mcj12JmF2bXM9YW1wYSZ1YXA9JHt1YWNoKHBsYXRmb3JtKX0mdWFwdj0ke3VhY2gocGxhdGZvcm1WZXJzaW9uKX0mdWFhPSR7dWFjaChhcmNoaXRlY3R1cmUpfSZ1YW09JHt1YWNoKG1vZGVsKX0mdWFmdj0ke3VhY2godWFGdWxsVmVyc2lvbil9JnVhYj0ke3VhY2goYml0bmVzcyl9JnVhZnZsPSR7dWFjaChmdWxsVmVyc2lvbkxpc3QpfSZ1YXc9JHt1YWNoKHdvdzY0KX0mYWRrPTBcIn0sXCJ0cmlnZ2Vyc1wiOiB7XCJjb250aW51b3VzVmlzaWJsZVwiOiB7XCJvblwiOiBcInZpc2libGVcIixcInJlcXVlc3RcIjogW1widmlzaWJpbGl0eTFcIl0sXCJwYXJlbnRQb3N0TWVzc2FnZVwiOiBcImltcHJlc3Npb24tdmlld2FibGVcIixcInZpc2liaWxpdHlTcGVjXCI6IHtcInNlbGVjdG9yXCI6IFwiOnJvb3RcIixcInZpc2libGVQZXJjZW50YWdlTWluXCI6IDMwLFwiY29udGludW91c1RpbWVNaW5cIjogMTAwMH19LFwidmlzaWJpbGl0eUNoYW5nZWRcIjoge1wib25cIjogXCJ2aXNpYmxlXCIsXCJwYXJlbnRQb3N0TWVzc2FnZVwiOiBcInZpc2liaWxpdHktY2hhbmdlZC0ke2ludGVyc2VjdGlvblJhdGlvfVwiLFwidmlzaWJpbGl0eVNwZWNcIjoge1wicmVwZWF0XCI6IHRydWUsXCJzZWxlY3RvclwiOiBcIjpyb290XCIsXCJ2aXNpYmxlUGVyY2VudGFnZVRocmVzaG9sZHNcIjogW1swLDBdLFswLDVdLFs1LDEwXSxbMTAsMTVdLFsxNSwyMF0sWzIwLDI1XSxbMjUsMzBdLFszMCwzNV0sWzM1LDQwXSxbNDAsNDVdLFs0NSw1MF0sWzUwLDU1XSxbNTUsNjBdLFs2MCw2NV0sWzY1LDcwXSxbNzAsNzVdLFs3NSw4MF0sWzgwLDg1XSxbODUsOTBdLFs5MCw5NV0sWzk1LDEwMF0sWzEwMCwxMDBdXX19LFwiaW5pTG9hZFwiOiB7XCJvblwiOiBcImluaS1sb2FkXCIsXCJwYXJlbnRQb3N0TWVzc2FnZVwiOiBcIntcXFwiY1xcXCI6XFxcInNmY2hhbm5lbDFcXFwiLFxcXCJwXFxcIjpcXFwie1xcXFxcXFwidWlkXFxcXFxcXCI6XFxcXFxcXCIxXFxcXFxcXCIsXFxcXFxcXCJ3aWR0aFxcXFxcXFwiOiR7c2Nyb2xsV2lkdGh9LFxcXFxcXFwiaGVpZ2h0XFxcXFxcXCI6JHtzY3JvbGxIZWlnaHR9fVxcXCIsXFxcInNcXFwiOlxcXCJjcmVhdGl2ZV9nZW9tZXRyeV91cGRhdGVcXFwifVxcblwifX19PC9zY3JpcHQ%2BPC9hbXAtYW5hbHl0aWNzPjxhbXAtYW5hbHl0aWNzIGNsYXNzPVwiaS1hbXBodG1sLWxheW91dC1maXhlZCBpLWFtcGh0bWwtbGF5b3V0LXNpemUtZGVmaW5lZFwiIGktYW1waHRtbC1sYXlvdXQ9XCJmaXhlZFwiIHN0eWxlPVwid2lkdGg6MXB4O2hlaWdodDoxcHg7XCIgdHJpZ2dlcj1cImltbWVkaWF0ZVwiPjxzY3JpcHQgdHlwZT1cImFwcGxpY2F0aW9uL2pzb25cIj57XCJ0cmFuc3BvcnRcIjoge1wiYmVhY29uXCI6IHRydWUsIFwieGhycG9zdFwiOiBmYWxzZX0sXCJyZXF1ZXN0c1wiOiB7XCJhbXBlb3MxXCI6IFwiaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wY3MvYWN0aXZldmlldz94YWk9QUtBT2pzdDM3bWRZVjBUUlRaRW1FeVRtc2Q1cW9BZHFpOVdqZ0pkYVF0cUdZSUVQQVFPclJXdE84TjlvZGhrR1c0VDJVRDRfYjR3d1htVzVJdDlBZ1paZzVDUlRpNThaeWNIVDB1ZGt4dkhvVmQwOWQwUVV6Zzc0WFdwLXRfOUlya2JweHJ0SFd0V2o0U0ZETVZ6cyZzYWk9QU1mbC1ZVGlsaHlIRklMOW40UENrRF91LXZoX3VtWjB1cVlqZ2pGTGhwcV9oTzZPMHprQTFwcUs3VTZfclpMdG5SZ2RUMUxnTDcwZHFuTms1TlJUY204U3pxdGQxS2p3VjhDZlZwa0xWckV5ZkpkNUl0QWZySmZsbjZVNWVZWG9vNE5TZ1Q3aFpaT3FjNDlEVU12ejN0dyZzaWc9Q2cwQXJLSlN6TUVINlhCc3dmY1VFQUUmY2lkPUNBUVNUUURJQ2FhTkRHQkJfdXJDc1cxOE5SaHdQMkk4WjJNSGtVYUZkb0tRV0hQZ1luamhWelJDYWhIdDcxUTVHOUFtd0hScW81ZUZBbXFIUmp4MHBROERsaWpydVdpVWpHUzB0ZW5EUlB4TUdBRSZpZD1hbXBlb3Mmbz0ke2VsZW1lbnRYfSwke2VsZW1lbnRZfSZkPSR7ZWxlbWVudFdpZHRofSwke2VsZW1lbnRIZWlnaHR9JnNzPSR7c2NyZWVuV2lkdGh9LCR7c2NyZWVuSGVpZ2h0fSZicz0ke3ZpZXdwb3J0V2lkdGh9LCR7dmlld3BvcnRIZWlnaHR9Jm1jdnQ9JHttYXhDb250aW51b3VzVmlzaWJsZVRpbWV9Jm10b3M9MCwwLDAsJHttYXhDb250aW51b3VzVmlzaWJsZVRpbWV9LCR7bWF4Q29udGludW91c1Zpc2libGVUaW1lfSZ0b3M9MCwwLDAsJHt0b3RhbFZpc2libGVUaW1lfSwwJnRmcz0ke2ZpcnN0U2VlblRpbWV9JnRscz0ke2xhc3RTZWVuVGltZX0mZz0ke21pblZpc2libGVQZXJjZW50YWdlfSZoPSR7bWF4VmlzaWJsZVBlcmNlbnRhZ2V9JnB0PSR7cGFnZUxvYWRUaW1lfSZ0dD0ke3RvdGFsVGltZX0mcnB0PSR7bmF2VGltaW5nKG5hdmlnYXRpb25TdGFydCxsb2FkRXZlbnRTdGFydCl9JnJzdD0ke25hdlRpbWluZyhuYXZpZ2F0aW9uU3RhcnQpfSZyPWRlJmlzZD0ke2luaXRpYWxTY3JvbGxEZXB0aH0mbXNkPSR7bWF4U2Nyb2xsRGVwdGh9JmF2bXM9YW1wYVwifSxcInRyaWdnZXJzXCI6IHtcImVuZE9mU2Vzc2lvblwiOiB7XCJvblwiOiBcInZpc2libGVcIixcInJlcXVlc3RcIjpbXCJhbXBlb3MxXCJdLFwidmlzaWJpbGl0eVNwZWNcIjoge1wicmVwb3J0V2hlblwiOiBcImRvY3VtZW50RXhpdFwiLFwic2VsZWN0b3JcIjogXCI6cm9vdFwiLFwidmlzaWJsZVBlcmNlbnRhZ2VNaW5cIjogMzB9fX19PC9zY3JpcHQ%2BPC9hbXAtYW5hbHl0aWNzPjxhbXAtYW5hbHl0aWNzIGNsYXNzPVwiaS1hbXBodG1sLWxheW91dC1maXhlZCBpLWFtcGh0bWwtbGF5b3V0LXNpemUtZGVmaW5lZFwiIGktYW1waHRtbC1sYXlvdXQ9XCJmaXhlZFwiIHN0eWxlPVwid2lkdGg6MXB4O2hlaWdodDoxcHg7XCIgdHJpZ2dlcj1cImltbWVkaWF0ZVwiPjxzY3JpcHQgdHlwZT1cImFwcGxpY2F0aW9uL2pzb25cIj57XCJyZXF1ZXN0c1wiOiB7XCJwYWdldmlld1wiOiBcImh0dHBzOi8vc2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9hZHZpZXc%2FYWk9Qzh0dG9SUlZXWmE2U0F1U1NqdXdQcjZXYzJBZkZnNFdlZFAyQzRwLUlDbVFRQVNDSXpZNGVZSlVDb0FIejVadlRBOGdCQXFrQ0tUZjVoY292c2o3Z0FnQ29Bd0hJQXdpcUJLa0NUOUMyMm5QRmVCR2JsVkotTzZHaTRxMHZvXzA2VU53ZFByRUFpelBYSGR4T3ZxdUZIRTFsNGVrN2loLUdXMVVzZ0NyUmRMb3llWDZVU2stSE52Z09GSm1qLVItQ2JUcFdtMVhuZER1TjJkbnlpUmpGcWh6TkFHenA2UU1ZelFvMF9mdEpCTF9lS3p2d0dfUHllNU95bE1oQ2ZZcWdzemFIcDFla3pKVndHSlo0alVvY2xZTU16blZqai1fQ2hTX0d6cmRrSEhlMDdKNHk2UTEzb3BuSUtRNk9tbkI4T2VfLXhrd200MUVwbmhBdFJmV1lwUUZWQVlwMzFSSzhPbmNvU0M1MzZUbDEzWTU3eWpLcm10MTMwdEZXOHlkUWtqbjc3NVhnRVNtRUc4ZDBMUEpBRDVWYk43OHUybWFoM09uYTl5b1BoRDFNSG9ITUVtU2h0VTU3eE1ZV1VUQkNGeEU3QVlERU9LY3FhMEZvMmRKZFh5anJGZi1PdGdCYUpkVHhpamZUNnRVYWpHY1J3QVQydllEQ25nTGdCQUdJQmNEQzA1c1lrZ1VFQ0FRWUFaSUZCQWdGR0FTZ0JnS0FCOGZNcG80QnFBZlp0ckVDcUFlT3podW9CNVBZRzZnSDdwYXhBcWdIX3A2eEFxZ0gxY2ticUFlbXZodllCd0h5QndRUW1vdzgwZ2dXQ0lEaGdCQVFBUmdkTWdLcUFqb0NnRUJJdmYzQk9wb0p1UUZvZEhSd2N6b3ZMMlJsTG1scllYSnBZVzB1WjJGdFpXWnZjbWRsTG1OdmJTOXNZVzVrYVc1bk5DOF9hMmxrUFdFdE1ETTRNRFl0TURJeU1EWXRNVGt3T1Mxa05UZ3dOekF4T0NablpuTnBaRDF5WlcxaEpuVjBiVjl6YjNW&i=8-9&t=adltag_lp17o8ft_KMB6etP319A&r=5dab7f594fc7dc490754ca8e05fa4c6&c=gomedia&z=1
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-26.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: JMp5ooK.bLI0bHKiicbtT15yvD3ZR5I9
date: Thu, 16 Nov 2023 08:11:41 GMT
via: 1.1 76fb21fcb70866221c67558e2f776540.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 24500
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Fri, 28 Oct 2022 01:30:44 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: UcDg-VdVFpL4MYAvvZJ7Qsyc6sUwRjZgzu_bpHR_Q20FhDjuxDBhng==

POST
H2 200 place
gomedia-tagan.adlightning.com/ Frame 418C 0
445 B 34ms
33ms Ping
image/gif 13.227.219.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gomedia-tagan.adlightning.com/place?p=1&d=eVkyVTlaMjl2WjJ4bEpuVjBiVjl0WldScGRXMDljR0ZwWkNaMWRHMWZZMkZ0Y0dGcFoyNDlhV3RmWkdVdFpHVmZNRGt0TWpBeE9WOXpjMTl5WlcxaEpuVjBiVjlqYjI1MFpXNTBQWHRpWVc1dVpYSWxNakJ6YVhwbGZZQUtBOGdMQWFJTUdDb1dDaFRrdExFQzdyV3hBclc0c1FMa3RMRUM3cld4QXVJTkV3aU1qckd3ek1pQ0F4VmtpWU1ISGE4U0IzdllFdzdRRlFHQUZ3R3lGeDRLSEFnQUVoUndkV0l0TURRMU56VXlOekF6TVRNd05EWTBOeGppanc4JnNpZ2g9V01xR0pob2ZiZnMmdWFjaF9tPVtVQUNIXSZhc2U9MiZuaXM9QVRUUklCVVRJT05fUkVQT1JUSU5HX1NUQVRVUyZjaWQ9Q0FRU1RRRElDYWFOREdCQl91ckNzVzE4TlJod1AySThaMk1Ia1VhRmRvS1FXSFBnWW5qaFZ6UkNhaEh0NzFRNUc5QW13SFJxbzVlRkFtcUhSangwcFE4RGxpanJ1V2lVakdTMHRlbkRSUHhNR0FFJmNidnA9MlwifSxcInRyaWdnZXJzXCI6IHtcImRlZmF1bHRQYWdldmlld1wiOiB7XCJvblwiOiBcImluaS1sb2FkXCIsXCJyZXF1ZXN0XCI6IFwicGFnZXZpZXdcIn19LFwidHJhbnNwb3J0XCI6IHtcImF0dHJpYnV0aW9uc3JjXCI6IFwiXCIsXCJiZWFjb25cIjogZmFsc2UsXCJ4aHJwb3N0XCI6IGZhbHNlLFwiaW1hZ2VcIjogdHJ1ZX19PC9zY3JpcHQ%2BPC9hbXAtYW5hbHl0aWNzPjxhbXAtYWQtZXhpdCBjbGFzcz1cImktYW1waHRtbC1sYXlvdXQtY29udGFpbmVyXCIgaS1hbXBodG1sLWxheW91dD1cImNvbnRhaW5lclwiIGlkPVwiZXhpdC1hcGlcIj48c2NyaXB0IHR5cGU9XCJhcHBsaWNhdGlvbi9qc29uXCI%2Be1wiZmlsdGVyc1wiOnt9LFwib3B0aW9uc1wiOntcInN0YXJ0VGltaW5nRXZlbnRcIjpcIm5hdmlnYXRpb25TdGFydFwifSxcInRhcmdldHNcIjp7XCJsYW5kaW5nUGFnZVwiOntcImJlaGF2aW9yc1wiOntcImJyb3dzZXJBZENvbnZlcnNpb25cIjp7XCJhdHRyaWJ1dGlvbnNyY1wiOlwiXCIsXCJhdHRyaWJ1dGlvbmRlc3RpbmF0aW9uXCI6XCJcIixcImF0dHJpYnV0aW9uZXhwaXJ5XCI6XCJcIixcImF0dHJpYnV0aW9ucmVwb3J0dG9cIjpcIlwiLFwiYXR0cmlidXRpb25zb3VyY2VldmVudGlkXCI6XCJcIn0sXCJjbGlja1RhcmdldFwiOlwiX3RvcFwifSxcImZpbHRlcnNcIjpbXSxcImZpbmFsVXJsXCI6XCJodHRwczovL2dvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldC9hY2xrP3NhPWxcXHUwMDI2YWk9QzQ0WW9SUlZXWmE2U0F1U1NqdXdQcjZXYzJBZkZnNFdlZFAyQzRwLUlDbVFRQVNDSXpZNGVZSlVDb0FIejVadlRBOGdCQXFrQ0tUZjVoY292c2o3Z0FnQ29Bd0hJQXdpcUJLd0NUOUMyMm5QRmVCR2JsVkotTzZHaTRxMHZvXzA2VU53ZFByRUFpelBYSGR4T3ZxdUZIRTFsNGVrN2loLUdXMVVzZ0NyUmRMb3llWDZVU2stSE52Z09GSm1qLVItQ2JUcFdtMVhuZER1TjJkbnlpUmpGcWh6TkFHenA2UU1ZelFvMF9mdEpCTF9lS3p2d0dfUHllNU95bE1oQ2ZZcWdzemFIcDFla3pKVndHSlo0alVvY2xZTU16blZqai1fQ2hTX0d6cmRrSEhlMDdKNHk2UTEzb3BuSUtRNk9tbkI4T2VfLXhrd200MUVwbmhBdFJmV1lwUUZWQVlwMzFSSzhPbmNvU0M1MzZUbDEzWTU3eWpLcm10MTMwdEZXOHlkUWtqbjc3NVhnRVNtRUc4ZDBMUEpBRDVWYk43OHUybWFoM09uYTl5b1BoRDFNSG9ITUVtU2h0VTU3eE1ZV1VYSkFOb1BMcFhpTHJWOHprYjBDRndZLWV5SkdIOUdXRXV5LVR4b3ZSQm5fOGllYmJDaUVDaDlxd0FUMnZZRENuZ0xnQkFHSUJjREMwNXNZb0FZQ2dBZkh6S2FPQWFnSDJiYXhBcWdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I5WEpHNmdIcHI0YnFBZWFCcWdIODlFYnFBZVcyQnVvQjZxYnNRS29CNE90c1FLb0JfLWVzUUtvQjktZnNRS29COHFwc1FLb0ItdWxzUUxZQndIU0NCWUlnT0dBRUJBQkdCMHlBcW9DT2dLQVFFaTlfY0U2c1Ftb0NMYVJCTjlOVTRBS0E1Z0xBY2dMQWFJTUdDb1dDaFRrdExFQzdyV3hBclc0c1FMa3RMRUM3cld4QXRvTUVRb0xFTUNvNjhpMGw3UzNzQUVTQWdFRHFnMENSRVhJRFFIaURSTUlqSTZ4c016SWdnTVZaSW1EQngydkVnZDcyQk1PMEJVQi1CWUJnQmNCXFx1MDAyNmFlPTFcXHUwMDI2YXNlPTJcXHUwMDI2Z2NsaWQ9RUFJYUlRb2JDaE1JN3NpeXNNeklnZ01WWkltREJ4MnZFZ2Q3RUFFWUFTQUFFZ0lJVF9EX0J3RVxcdTAwMjZudW09MVxcdTAwMjZjaWQ9Q0FRU1RRRElDYWFOREdCQl91ckNzVzE4TlJod1AySThaMk1Ia1VhRmRvS1FXSFBnWW5qaFZ6UkNhaEh0NzFRNUc5QW13SFJxbzVlRkFtcUhSangwcFE4RGxpanJ1V2lVakdTMHRlbkRSUHhNR0FFXFx1MDAyNnNpZz1BT0Q2NF8zSHNOd2ZCWElHZnh0U2ExLVJNTmtiYk5kSjRnXFx1MDAyNmNsaWVudD1jYS1wdWItOTI2ODQ0MDg4MzQ0ODkyNVxcdTAwMjZyZj01XFx1MDAyNm5iPV9nb29nQ2xpY2tMb2NhdGlvblxcdTAwMjZuaXM9QVRUUklCVVRJT05fUkVQT1JUSU5HX1NUQVRVU1xcdTAwMjZueD1DTElDS19YXFx1MDAyNm55PUNMSUNLX1lcXHUwMDI2dWFwPVVBQ0gocGxhdGZvcm0pXFx1MDAyNnVhcHY9VUFDSChwbGF0Zm9ybVZlcnNpb24pXFx1MDAyNnVhYT1VQUNIKGFyY2hpdGVjdHVyZSlcXHUwMDI2dWFtPVVBQ0gobW9kZWwpXFx1MDAyNnVhZnY9VUFDSCh1YUZ1bGxWZXJzaW9uKVxcdTAwMjZ1YWI9VUFDSChiaXRuZXNzKVxcdTAwMjZ1YXc9VUFDSCh3b3c2NClcXHUwMDI2dWFmdmw9VUFDSChmdWxsVmVyc2lvbkxpc3QpXFx1MDAyNmFkdXJsPWh0dHBzOi8vZGUuaWthcmlhbS5nYW1lZm9yZ2UuY29tL2xhbmRpbmc0LyUzRmtpZCUzRGEtMDM4MDYtMDIyMDYtMTkwOS1kNTgwNzAxOCUyNmdmc2lkJTNEcmVtYSUyNnV0bV9zb3VyY2UlM0Rnb29nbGUlMjZ1dG1fbWVkaXVtJTNEcGFpZCUyNnV0bV9jYW1wYWlnbiUzRGlrX2RlLWRlXzA5LTIwMTlfc3NfcmVtYSUyNnV0bV9jb250ZW50JTNEJTdCYmFubmVyJTI1MjBzaXplJTdEJTI2Z2NsaWQlM0RFQUlhSVFvYkNoTUk3c2l5c016SWdnTVZaSW1EQngydkVnZDdFQUVZQVNBQUVnSUlUX0RfQndFXCIsXCJ0cmFja2luZ1VybHNcIjpbXSxcInZhcnNcIjp7XCJfZ29vZ0NsaWNrTG9jYXRpb25cIjp7XCJkZWZhdWx0VmFsdWVcIjpcIlwiLFwiaWZyYW1lVHJhbnNwb3J0U2lnbmFsXCI6XCJcIn19fX19PC9zY3JpcHQ%2BPC9hbXAtYWQtZXhpdD48L2JvZHk%2BPC9odG1sPjwhLS0gSUZSQU1FIElOTkVSIENPTlRFTlQgLS0%2BIn0%3D&i=9-9&t=adltag_lp17o8ft_KMB6etP319A&r=5dab7f594fc7dc490754ca8e05fa4c6&c=gomedia&z=1
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-26.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: JMp5ooK.bLI0bHKiicbtT15yvD3ZR5I9
date: Thu, 16 Nov 2023 08:11:41 GMT
via: 1.1 76fb21fcb70866221c67558e2f776540.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 24500
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Fri, 28 Oct 2022 01:30:44 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: Ml_eXkTYTabHRU211Kqvy8RGUKaaD4Te3N8vjZS7GULDf2WCBtyp5g==

GET
H2 200 utsync.ashx Show response
ml314.com/ 62 B
254 B 33ms
32ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=90810&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.theonion.com%2F&pv=1700140364001_wav5z00u5&bl=en-us&cb=5804855&return=&ht=&d=&dc=&si=1700140364001_wav5z00u5&cid=&s=1600x1200&rp=&v=2.5.3.51
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?1610
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:44 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/javascript
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 2276ms
321ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FBJXBGD4M8&gtm=45je3b81v9113953751z8894640252&_p=1700140352037&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1205822449.1700140353&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700140364&sct=1&seg=0&dl=https%3A%2F%2Fwww.theonion.com%2F&dt=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&uid=none&en=page_view&_fv=1&_ss=1&ep.site_section=1636079510&ep.content_channel=none&ep.content_section=none&ep.content_subsection=none&ep.content_role=&ep.adblock=false&ep.content_type=frontpage&up.adblock=false&up.user_type=&tfd=16905
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FBJXBGD4M8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 3C8E 52 KB
21 KB 78ms
77ms Script
text/javascript 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 Nov 2023 11:49:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4983
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 16 Nov 2023 13:49:41 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 418C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

835ms
345ms

Image
text/html

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

date: Thu, 16 Nov 2023 13:12:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 15960124689414866797
tpc.googlesyndication.com/simgad/ Frame 418C 47 KB
48 KB 28ms
27ms Image
image/jpeg 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15960124689414866797?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlCoX1kGrzfnp-hgP7G7v3vpEa7WA

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

86c953ac4bc245c7f8e03237042119422ccc6d9351bdcda4dcbbea3f6157612e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:16:14 GMT
x-content-type-options: nosniff
age: 579391
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48571
x-xss-protection: 0
last-modified: Thu, 12 Sep 2019 09:34:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 08 Nov 2024 20:16:14 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 418C 2 KB
3 KB 49ms
48ms Image
image/png 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 17:17:56 GMT
x-content-type-options: nosniff
server: cafe
age: 71689
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Thu, 16 Nov 2023 17:17:56 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 418C 295 B
358 B 55ms
54ms Image
image/png 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:36:38 GMT
x-content-type-options: nosniff
server: cafe
age: 56167
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Thu, 16 Nov 2023 21:36:38 GMT

GET
DATA 200
OK truncated
/ Frame 3C8E 223 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e04b58bece0dbd167823f2def8fb66a5fa4385981131120e49aca99023a9f5f5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
fonts.gstatic.com/s/librebaskerville/v14/ Frame 3C8E 27 KB
27 KB 29ms
27ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Baskerville:wght@400;700&family=Roboto+Condensed&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:15:32 GMT
x-content-type-options: nosniff
age: 597433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27976
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:45:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 15:15:32 GMT

GET
H2 200 kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
fonts.gstatic.com/s/librebaskerville/v14/ Frame 3C8E 26 KB
27 KB 25ms
24ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Baskerville:wght@400;700&family=Roboto+Condensed&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 06:26:38 GMT
x-content-type-options: nosniff
age: 456367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27120
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:42:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Nov 2024 06:26:38 GMT

GET
H2 200 ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame 3C8E 20 KB
20 KB 23ms
22ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Baskerville:wght@400;700&family=Roboto+Condensed&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.theonion.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 18:00:05 GMT
x-content-type-options: nosniff
age: 69160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20824
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:53:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Nov 2024 18:00:05 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 0EBF 47 KB
13 KB 520ms
129ms Script
application/javascript 50.17.157.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=931294&campId=1600x350&pubId=4920965234&chanId=22405397127&placementId=6376910866&pubCreative=138446248708&pubOrder=3248573455&cb=2039925071&adsafe_par&impId=&custom2=mid_banner&custom3=&custom4=&custom5=mid_banner-01
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.157.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-157-125.compute-1.amazonaws.com
Software: /
Resource Hash: b48fa9cb5dd2cdfaebc04d2663881ffeec73fdda710db7094f471d896cd6463e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:46 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1 200
OK dv-measurements4946.js Show response
cdn.doubleverify.com/ Frame AF44 424 KB
100 KB 278ms
278ms Script
application/javascript 2.16.238.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements4946.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.14 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-14.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 532cc63b02ed8f53da56d150a5e594a9a7bc44334a376556f9ffd2d5078197f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 13:12:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 11:28:09 GMT
Server: UploadServer
ETag: "207db46e6ac0ca4732907f40bbd2d096"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102043
Expires: Fri, 15 Nov 2024 13:12:46 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame 3C8E 3 B
70 B 173ms
173ms XHR
text/plain 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1578839697&t=event&_s=1&dl=https%3A%2F%2Fwww.theonion.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x350&je=0&ec=Newsletter_Ads&ea=Viewable&el=The_Onion_Daily-138446248708&_u=AACAAEABAAAAACAAI~&jid=&gjid=&cid=1205822449.1700140353&tid=UA-142218-33&_gid=767182962.1700140353&_slc=1&z=1322408886

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.34.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 418C 0
0 163ms
162ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C8ttoRRVWZa6SAuSSjuwPr6Wc2AfFg4WedP2C4p-ICmQQASCIzY4eYJUCoAHz5ZvTA8gBAqkCKTf5hcovsj7gAgCoAwHIAwiqBKkCT9C22nPFeBGblVJ-O6Gi4q0vo_06UNwdPrEAizPXHdxOvquFHE1l4ek7ih-GW1UsgCrRdLoyeX6USk-HNvgOFJmj-R-CbTpWm1XndDuN2dnyiRjFqhzNAGzp6QMYzQo0_ftJBL_eKzvwG_Pye5OylMhCfYqgszaHp1ekzJVwGJZ4jUoclYMMznVjj-_ChS_GzrdkHHe07J4y6Q13opnIKQ6OmnB8Oe_-xkwm41EpnhAtRfWYpQFVAYp31RK8OncoSC536Tl13Y57yjKrmt130tFW8ydQkjn775XgESmEG8d0LPJAD5VbN78u2mah3Ona9yoPhD1MHoHMEmShtU57xMYWUTBCFxE7AYDEOKcqa0Fo2dJdXyjrFf-OtgBaJdTxijfT6tUajGcRwAT2vYDCngLgBAGIBcDC05sYkgUECAQYAZIFBAgFGASgBgKAB8fMpo4BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQmow80ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJuQFodHRwczovL2RlLmlrYXJpYW0uZ2FtZWZvcmdlLmNvbS9sYW5kaW5nNC8_a2lkPWEtMDM4MDYtMDIyMDYtMTkwOS1kNTgwNzAxOCZnZnNpZD1yZW1hJnV0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09cGFpZCZ1dG1fY2FtcGFpZ249aWtfZGUtZGVfMDktMjAxOV9zc19yZW1hJnV0bV9jb250ZW50PXtiYW5uZXIlMjBzaXplfYAKA8gLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAuINEwiMjrGwzMiCAxVkiYMHHa8SB3vYEw7QFQGAFwGyFx4KHAgAEhRwdWItMDQ1NzUyNzAzMTMwNDY0Nxjijw8&sigh=WMqGJhofbfs&uach_m=[]&ase=2&nis=5&cid=CAQSTQDICaaNDGBB_urCsW18NRhwP2I8Z2MHkUaFdoKQWHPgYnjhVzRCahHt71Q5G9AmwHRqo5eFAmqHRjx0pQ8DlijruWiUjGS0tenDRPxMGAE&cbvp=2
Requested by: Host: www.theonion.com
URL: https://www.theonion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 info Show response
www.theonion.com/api/veritas/ 49 B
484 B 170ms
166ms Fetch
application/json 151.101.2.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/api/veritas/info?pi=06bd6a26f2cae23bd15d7e71b44e6db6fd578df0&cb=1700140366278

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.3c1df5cad1584161e519.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b15f4c904318f78951bc291e423aac0241aff602b4c2225733fae049b20e0768

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 Nov 2023 13:12:46 GMT
via: 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: master-only
age: 0
x-cache: MISS, MISS
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-origin-cache
content-length: 71
x-xss-protection: 1; mode=block
x-exp-variant: NotInTest
x-served-by: cache-iad-kcgs7200164-IAD, cache-fra-eddf8230136-FRA
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-exp-id: NotInTest
x-timer: S1700140366.329127,VS0,VE101
x-frame-options: DENY
vary: Accept-Encoding, Authorization, X-Valid-Scroll-User
content-type: application/json
accept-ranges: bytes
x-kinja-country: US
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0

POST
H2 200 b
www.theonion.com/api/veritas/ 0
0 159ms
159ms Fetch 151.101.2.166
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theonion.com/api/veritas/b?debug=0

Requested by

Host: www.theonion.com
URL: https://www.theonion.com/x-kinja-static/assets/new-client/vendor~trackers.3c1df5cad1584161e519.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.166 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

X-Veritas-Version: 1.1.5
Content-Encoding: gzip
Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self'
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 16 Nov 2023 13:12:46 GMT
x-permitted-cross-domain-policies: master-only
x-cache: MISS, MISS
x-ua-device: desktop
x-kinja-superheroloaded: true
x-cdn-fetch: mantle-nocache
content-length: 0
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200134-IAD, cache-fra-eddf8230136-FRA
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-timer: S1700140366.332656,VS0,VE96
x-frame-options: DENY
cache-control: no-cache, no-store, private
accept-ranges: bytes
x-kinja-country: US
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame AF44 978 B
902 B 277ms
47ms Script
text/javascript 130.211.44.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=592&ttfrms=117&brid=3&brver=119.0.6045.159&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETar9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3EU42%3FFC%3Dl9EEADTbpTauTauHHH%5DE96%40%3F%3A%40%3F%5D4%40%3ETau&srcurlD=0&aUrlD=0&ssl=https:&dfs=352&ddur=2823&uid=1700140366575143&jsCallback=dvCallback_1700140366575551&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4946&tgjsver=4946&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fwww.theonion.com%2F&fwc=8&fcl=852&flt=0&fec=1771&fcifrms=10&brh=2&dvp_epl=238&noc=4&nav_pltfrm=Win32&ctx=15538536&cmp=DV196466&sid=2019042601&plc=2019042601&btreg=6376910866138446248708&btadsrv=6376910866138446248708&adsrv=104&unit=1600x350&seltag=1&sadv=4920965234&ord=3248573455&litm=6376910866&scrt=138446248708&splc=152253218&adu=22405397127&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&cb=2039925071&region=70dvtagver=6.1.src&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=906113.0992592607&ee_dp_sukv=906113.0992592607&dvp_tukv=10325208555.822166&ee_dp_tukv=10325208555.822166&dvp_tuid=1417807680761&jurtd=3567031168
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: b2d485998d2df4d39904ea13aaf1409c36115feac679cbb44ac524acd4a19487

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Nov 2023 13:12:46 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 11/15/2023 13:12:46

GET
H2 200 main.19.8.460.js Show response
static.adsafeprotected.com/ Frame 0EBF 212 KB
66 KB 80ms
57ms Script
application/javascript 18.66.112.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.460.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-19.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbba7a0a828407bde3a0515ca668d1ef40acc6af29aab00fc406e09cca057b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 15:27:06 GMT
x-amz-version-id: j9JzYHB_H4GBzJz8aV8.4QtGR1pgZCoW
content-encoding: gzip
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 164741
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Nov 2023 22:15:44 GMT
server: AmazonS3
etag: W/"4d9d0e864ab105d8059c18b98a69d851"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: Ek2G7ZzAw2dMnlHiR63qa2L-q2E8aFeMqUkm-vRGlBowEG43P-h8dA==

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3C8E 0
0 591ms
85ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvaFBzhQLI62m8Laay7aRrbFVIVBtDLbEWP-ZXgwNByeNdtDjIt6xabKZDtbUg7hMfMCVSsW_c4AKhTlXGdGxMnqlA4R53pXwCy6Bp-BtOz94ucHEzcHxjBkhBt4tQ4UL_wlj0wKC1mlDbGUWDjez3l2f_DqE2axjf904OlL0egjJeOXEpP01p314jU-DnU4ByHHKrpFQknkx5hbf8CFRCp8uj6IS8EHfnvtO6nPqKeladyJXIQVYrso2CEYZQXm9OKETK811YVQeX7e45odFz3g99Do0dp4DU4rQFlG5crBPpFwr2uQC_yA20RtkhEhVpFKly8ejLlBa7Ul3yFGVNsASW8GjY-5TBYkUgULFQnGAEhO-A&sai=AMfl-YQnn8BCwy6YYsgj4qSswoQ5Sey5a8yPjzToTM2GHTOCucaWXT0nyY-aRe5Epk5UTkIqGdEEcr4c622xIKiwsz86WvWTh-JNNgULlHdZQRpWe4CWKJHuJPEC_MDPiTorGZ9gS-gAHtGyXrXaqje_9A&sig=Cg0ArKJSzMtDT05IG2AbEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 16 Nov 2023 13:12:47 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 558ms
93ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e983c2969cc2f3178de151e00713065b37e78e0a111abf8a7b9231c64ebb218c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12242
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 896C 15 KB
6 KB 1345ms
45ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theonion.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 13:12:48 GMT
server: Kestrel
server-processing-duration-in-ticks: 384172
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 action_links.json Show response
fr-actions.trackonomics.net/prod/www.theonion.com/ 4 B
450 B 1548ms
426ms Fetch
application/json 18.66.122.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fr-actions.trackonomics.net/prod/www.theonion.com/action_links.json
Requested by: Host: cdn-magiclinks.trackonomics.net
URL: https://cdn-magiclinks.trackonomics.net/client/static/v2/gomedia_015a5_the_onion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-102.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5c24f7ca1c946fa4dfd44407409c8e11ec6e41f0e1c7c45bf8381b42afb31f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:09:27 GMT
via: 1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
last-modified: Sun, 19 Dec 2021 11:43:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 278
etag: "5ad5cc4d26869082efd29c436b57384a"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Error from cloudfront
accept-ranges: bytes
content-length: 4
x-amz-cf-id: Z2XCmHCUN6ezhIfg8il2SJ6EQITfOgzBkY9yM2wGI75AN8kXNX-zcg==

GET
H2 200 i.png
trx-hub.com/i/m/ 128 B
463 B 1109ms
21ms Image
image/png 18.245.60.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trx-hub.com/i/m/i.png?q=N4IghgLhBOD6BmB7aB3M0AmBLAdgcxAC5gBfAGhAFsBTCMDSMI0iiLS3A48kAV2gA2AZ2Y9IMWGAAOU6jgyiKUsHmqwYYAMbUiAbVBDE-bURAALKFKGEA9DZQOAdBDPVEOLO8ebElGyApoanhqaCDoUwDwKDgkVHRsfFESAF0KTV4hCF9YGjpFEE0BLDkIdXYdQhAAJgAGaoBmAFoARhbWgDYAFRaGwhbqwgAWAHZHBo7agC0o5VVyiAFKkC7XAAIAeQ93NYAfNYBBGmgsTTAAciE1gDFcaiy1gDlqFCuAZSNobUcorCwFKp-DAtEa1WotIa1CYjCa1ABGGB0FGoADdSuoAJ6yUzsKRBIRCTw4KIZLK+UKwf6mPDk7BgWDggCsYEZ6lcsHcRJJ-ykLWptKw9KZLLZSMKPOqpk57hAJCAA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-65.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 08:15:22 GMT
via: 1.1 b459d8cae3f218ce39711fc3ecdcc998.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 04:40:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 17847
etag: "90eb1bf3b49429bde87a3b5f0b53e6a5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 128
x-amz-cf-id: 0gw8b382mlMjf5kLghVyjwErV8RGJ1Wqd_UNpk33t2LZGoo-o1Azaw==

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 9A72 91 KB
23 KB 17ms
17ms Script
application/javascript 18.66.112.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-19.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4885417
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: YFgce3UvyXgHxScugkTwvIDHt8vFuRyjCXFdquhU7-Qs_dVT2-o2-A==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 132ms
131ms Image
image/gif 50.17.157.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=931294&campId=1600x350&pubId=4920965234&chanId=22405397127&placementId=6376910866&pubCreative=138446248708&pubOrder=3248573455&cb=2039925071&adsafe_par&impId=&custom2=mid_banner&custom3=&custom4=&custom5=mid_banner-01&adsafe_url=https%3A%2F%2Fwww.theonion.com%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:c697cfaa-c34e-da1a-9243-940864974fb5,c:u8Imjf,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-65dc48f685-7rtfp,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:1200.1461.1600.350,am:i,cc:1200.1461.1600.350,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:689,mot:0,app:0,maw:0,fm:tVMjIvw+11%7C121%7C122%7C13%7C141%7C15%7C16%7C17%7C18%7C19%7C1a*.931294%7C1a1%7C1a2%7C1b,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1044,oid:d58c8dce-8481-11ee-9475-2e90ab1bc8b7,v:19.8.460,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.157.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-157-125.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:48 GMT
server: nginx
x-server-name: app07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 945ms
201ms Image
image/gif 54.185.187.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931294&asId=c697cfaa-c34e-da1a-9243-940864974fb5&tv=%7Bc:u8Imjt,pingTime:-8,time:1046,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1046,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1018,wc:0.0.1600.1200,ac:1200.1461.1600.350,am:i,cc:1200.1461.1600.350,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B309~0%5D,as:%5B309~1600.350%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tVMjIvw+11%7C121%7C122%7C13%7C141%7C15%7C16%7C17%7C18%7C19%7C1a*.931294%7C1a1%7C1a2%7C1b,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1045%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.185.187.243 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-185-187-243.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:48 GMT
server: nginx
x-server-name: dt27.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 58ms
55ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Nov 2023 13:12:48 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 321ms
202ms Image
image/gif 54.185.187.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931294&asId=c697cfaa-c34e-da1a-9243-940864974fb5&tv=%7Bc:u8ImuY,pingTime:-2,time:1758,type:a,im:%7BpBlk:1133,sf:0,pom:1,prf:%7BbeA:950,beZ:956,mfA:1639,cmA:1674,inA:1674,inZ:1699,prA:1700,prZ:1868,si:1994,poA:1996,bl:2091,poZ:2093,cmZ:2093,mfZ:2093,loA:2526,loZ:2590,ecZ:2703,ltA:2707,ltZ:2707,mdA:959,mdZ:1131%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:1600.350,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:1600,h:350,t:1024%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1758,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1018,wc:0.0.1600.1200,ac:1200.1461.1600.350,am:i,cc:1200.1461.1600.350,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1021~0%5D,as:%5B1021~1600.350%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tVMjIvw+11%7C121%7C122%7C13%7C141%7C15%7C16%7C17%7C18%7C19%7C1a*.931294%7C1a1%7C1a2%7C1b,idMap:1a*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1045,slid:%5Bgoogle_ads_iframe_/4246/fmg.onion/frontpage_1,google_ads_iframe_/4246/fmg.onion/frontpage_1__container__,dfp-ad-6%5D,sis:1753,sinceFw:711,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.185.187.243 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-185-187-243.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:48 GMT
server: nginx
x-server-name: dt28.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 896C 417 B
554 B 73ms
17ms Fetch
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=theonion.com&sn=ChromeSyncframe&so=0&topUrl=www.theonion.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theonion.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

875b72d6abd1f37b7ec94287d6fd811d90b48e928080f81c9594ff4bbf95c712

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.theonion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:48 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 4434410
expires: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CEF0 13 KB
5 KB 32ms
13ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 11:08:22 GMT
expires: Fri, 15 Nov 2024 11:08:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5FC4 829 B
998 B 54ms
30ms Document
text/html 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f4.1e100.net

Software

GSE /

Resource Hash

d456e24042863eea89589a29d1ffecb19ea3d3e7812c1d3db0530f580e2f7adf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qU_b1R6Wdu-kvbZNApM8bg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-qU_b1R6Wdu-kvbZNApM8bg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 13:12:48 GMT
expires: Thu, 16 Nov 2023 13:12:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame CEF0 39 KB
15 KB 152ms
79ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11728
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 669ms
630ms Image
image/gif 54.185.187.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931294&asId=c697cfaa-c34e-da1a-9243-940864974fb5&tv=%7Bc:u8Imy3,time:1949,type:e,im:%7BpWait:47%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1949,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1018,wc:0.0.1600.1200,ac:1200.1461.1600.350,am:i,cc:1200.1461.1600.350,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1212~0%5D,as:%5B1212~1600.350%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tVMjIvw+11%7C121%7C122%7C13%7C141%7C15%7C16%7C17%7C18%7C19%7C1a*.931294%7C1a1%7C1a2%7C1b,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1045,sis:1753%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.185.187.243 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-185-187-243.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:48 GMT
server: nginx
x-server-name: dt20.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5FC4 0
0 640ms
602ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=1927740857388465&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 577ms
576ms Image
image/gif 54.185.187.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931294&asId=c697cfaa-c34e-da1a-9243-940864974fb5&tv=%7Bc:u8ImPu,pingTime:-10,time:3030,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE1OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000020222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1700140369839%7C%7C231e6795924e38d4cf28b00f6f02a10e%7C%7C1b7de7e82db1163ab7a1342e5def95a8%7C%7C78474f7545a80af49b56e03b047c08d5%7C%7C04acf68e40a121ece7ef9a547a51596d%7C%7C147397dcef6eca3af9b6ae089af5e853%7C%7C6363804f7d2563776ee6a72e7f0e1dcc%7C%7C462a822f0826913bd25db6fba94a8419%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.185.187.243 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-185-187-243.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:49 GMT
server: nginx
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H/1.1 204
No Content event.png
tpsc-ew1.doubleverify.com/ Frame AF44 0
297 B 646ms
21ms Ping
text/plain 130.211.44.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ew1.doubleverify.com/event.png?impid=543dc7d39a9f43fe908e8d5d714b9062&flavor=0&gdpr=&gdpr_consent=&pltm=1&ee_dp_btreg=6376910866138446248708&ee_dp_btros_64=3&ee_dp_btros_32=0&ee_dp_btros_8192=3&ee_dp_asmm=1&vdur=280&eoid=22&te_exec=4&msrjs=4946&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=2823&tetms=69&msltms=469&vltms=280&sei=289&vetms=68&tuviims=710&tuviems=1059&engms=1&engisel=1&ee_dp_ddtes=2&dvp_dtcov=2&sim=3&pltn=3&pltd=185&msrcanlm=8520&msrcannum=3&ee_dp_tmads=3331&ismms=211&isumms=211&nvr=2&isgmmims=212&isgmv4mims=211&elmtp=2&isbxdms=3275&b0=3212&adhgt=350&adwdth=1600&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1.0&lftb=3212&sftb=3212&msrdp=0&naral=8256&vct=1&vphgt=1200&vpwdth=1600&chgt=350&cwdth=1600&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isgmpims=211&engalms=207&dvp_hdnAd=0&dvp_dpr=1&vstsz=908&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3428
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4946.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.theonion.com
Pragma: no-cache
Date: Thu, 16 Nov 2023 13:12:50 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2023-11-15T13:12:50

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame CEF0 0
40 B 385ms
385ms Image
text/plain 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?HvYsYg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 perf Show response
ch-trc-events.taboola.com/gomedia1-theonion/log/3/ 0
523 B 387ms
386ms XHR
text/plain 141.226.124.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-trc-events.taboola.com/gomedia1-theonion/log/3/perf?tvi48=10637&tvi50=12261&route=US%3ACH%3AV&lti=test_impl_blocked_send_event_var
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231113-34_b1-PR-63731-DEV-146889-impl-load-is-blocked-in-private-tab-in-safari-on-iphone-with-ios-1d43719ace6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.theonion.com
pragma: no-cache
date: Thu, 16 Nov 2023 13:12:50 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=1927740857388465&bg=!JCelJ2jNAAZxrfrxUa07ADQBe5WfOFBe0UEse51p4t34d4viW4wxPN1K6mGnJl5Jq3hti-z_Vc5qdZvfa43SgRRscDteAgAABXFSAAAADWgBB5kCuKGKOsqSKSFZE0i53piRG52USN5dQD1iiRQkfk_aybF6JwNPqoAyk9Ut0DxTKLLEL93J4WhLe-kVt5Hro4yv6Qx7fOr5Q8I1AOpLfDV1NisWBwzfbd7bObQZC1oNbuOu4vN5U7Umm3cl2zmVbicRJMLuwByAiKGDts2ydPDFYzKsBI2ot-jzeUFt50J56_ahLIHLYj_WGWNW9rPhl2y3TM4ybX0n__SYXJbGZYo_eNqZ1Nn1lwQRAtwGjcJQjlX4QyvLqzY4tBqEB7VagmwPuR6awhdc7UtEuNmhyIB00bwOrUtBts2rE2iaHrBsS55vNFTsZ5WNFPykGkoti5khMUNlLeChQekBNBHrimxaDG04x81shzs5mpDVqKTDSHGuiDdv21ZrvOyYrD0U-5ul8eP8mztaz3Uli4vWq8q7A7a0KaDm0j0KjFrSS-vIBFjiyTHC1BWquiQKHhPVyvSl-puq6ywwx5cAhx-y-SgNtxq5KyWA1zzYjSrhKvFcOUwBZ76e56C9b0s5mEc4aNfWdTpcO0tgegwaiQoQCzKoOq06ozfhPBS7vuzU7IcWH_ydwcoefEhvPFICWPDtzykpzKR7nQpWv0EK6ySyxaTdlh7m6EEp4EUo36SWZUh0YLT6h0HqXB2EOSOv5K3mt1qfh86ITlwc8i3rjbiIl0JWHAozpTi4HpKylnI5eRjpsKi4dMy93mLQQJGnNCxH1xflUJWkDN410QXE5d5YN4nkrBC8QjY23Nyfj6O9orN6V4peRndktbnaDaY5tclupk51iZMM99A_PyAUjOrq0gzZWH16rSb4PK-8fVHD38e613LfPPIUBvZ7LIUrg-t2Tpl8w9Bx_sujHuhfnYKpkCtqsTJ9Tf218nsJ8heTYgiHlrkFdjPOriK-xw7zEEqBAHcioaYOtD-rwtUsPw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 ping
ping.chartbeat.net/ 43 B
200 B 173ms
170ms Image
image/gif 34.193.198.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=theonion.com&p=%2F&u=D6AJiiCWVk0XDKzjOi&d=theonion.com&g=3012&g0=www.theonion.com&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=7447&o=4000&w=1200&j=30&R=1&W=0&I=0&E=3&e=3&r=&PA=https%3A%2F%2Fwww.theonion.com%2F&b=9609&t=DoSG4b8MIeKCGCf4jik5XKCTtzKK&V=141&tz=-60&sn=2&sv=3EJKJBkmhCIxURg8Ct9tn7BESJh5&sd=1&im=067b2ff3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.198.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-198-225.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 16 Nov 2023 13:12:51 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 305ms
300ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FBJXBGD4M8&gtm=45je3b81v9113953751z8894640252&_p=1700140352037&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1205822449.1700140353&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1700140364&sct=1&seg=0&dl=https%3A%2F%2Fwww.theonion.com%2F&dt=The%20Onion%20%7C%20America%27s%20Finest%20News%20Source.&en=page_load_time&epn.loading_time_sec=20.05&_et=3388&tfd=25320
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FBJXBGD4M8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:12:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync Show response
ch-match.taboola.com/ Frame 8AC9 422 B
507 B 127ms
127ms Document
text/html 141.226.124.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-match.taboola.com/sync?dast=V8V0ICLAZEw8lE_S3iMhGIhpOJ-lvEZSoAAABgYID-AIk5bJbNyGZYq0YLx1o0GtncEsvKuBaZhrOFYTFyDlczIyAxh82yGdkMa9Vo4ViLRiObW2JZGdci03C2MCxGzuFqZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAGN8gQCxyULin2e20-0x_uz8AAAAAgAAAAAAgAYDQz1MCQIZE8MT_________f4wB-swbGf____83FnoAPPgAeBACAADwMcSJl23KpLiQjMhBSxFGAAAAAGDn2kWPTNIJKhZV_v__-60AXAEACFjEFppXy6I7KPEWBgAAAGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGP9cI0wpc9cWp-AQEA1vwCAgCwGTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD0huJr7hwmTyjJaThcMymrkmm93MY1o5RxbnZrnxntAi8ceBIhuRPiLCMvt9ByHf7TI8fC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwM5lNbI6Jya1wLFZu0WZicitMK-Nas1y5dhPPaDQYzNyi18f0Mc2cC4vHiwQDOPYieVqkE81stlgtHK6JbzRxDSYO22S5cE0GE8fGMtkMJr6JWKI5WaQT2WXf3Ex8w4XJ5BktJwuHZTRzTTa7mce0co4szs1y4-9MZhObY2JyKxyLlVu0mZjcCtPKuNYsV67dxDMaDQYzt-j1MX1MM-fC4vE3doPBYjTYjIb7xm4wWIwGm9Fw32EyPVOfs9EaE18-MvXsNG6Za06DwmWweKdFi7R1OPqMMsst4lpN1tPXxCr0TLwGhefgMc2cw4fnfNn2nKVr92BUxBLBRTrR-d0uk9PhWIuOLr_d6bdbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7GZzxWI1l2x2c8VsskoAAAAAAAAAAJZgkukmAAAAAE4GNVwuFrN1OpjJcLYYzZYL4MKTTNcPeqE4M71MxC6ZxgSyCyEZ42KNPRZxfrfL5HQ41qKjy293-u1WBnDhacVss88IYq1WyxoAAIAANgAAAAFuuvEmQCyK-____x8HAABARg49AAAA-n1AU8mZmZmZmvwKYjKZLfYPQIVYq9XqdmOtVivggGxWEwgAEIAP!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 141926deabd19c13e76255d10e20608c4cfa99f1610e95bcd5d298841c443d9e

Request headers

Referer: https://www.theonion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Thu, 16 Nov 2023 13:12:57 GMT
machineid: 3802
server: nginx

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 8AC9 70 B
148 B 43ms
42ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8V0ICLAZEw8lE_S3iMhGIhpOJ-lvEZSoAAABgYID-AIk5bJbNyGZYq0YLx1o0GtncEsvKuBaZhrOFYTFyDlczIyAxh82yGdkMa9Vo4ViLRiObW2JZGdci03C2MCxGzuFqZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAGN8gQCxyULin2e20-0x_uz8AAAAAgAAAAAAgAYDQz1MCQIZE8MT_________f4wB-swbGf____83FnoAPPgAeBACAADwMcSJl23KpLiQjMhBSxFGAAAAAGDn2kWPTNIJKhZV_v__-60AXAEACFjEFppXy6I7KPEWBgAAAGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGP9cI0wpc9cWp-AQEA1vwCAgCwGTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD0huJr7hwmTyjJaThcMymrkmm93MY1o5RxbnZrnxntAi8ceBIhuRPiLCMvt9ByHf7TI8fC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwM5lNbI6Jya1wLFZu0WZicitMK-Nas1y5dhPPaDQYzNyi18f0Mc2cC4vHiwQDOPYieVqkE81stlgtHK6JbzRxDSYO22S5cE0GE8fGMtkMJr6JWKI5WaQT2WXf3Ex8w4XJ5BktJwuHZTRzTTa7mce0co4szs1y4-9MZhObY2JyKxyLlVu0mZjcCtPKuNYsV67dxDMaDQYzt-j1MX1MM-fC4vE3doPBYjTYjIb7xm4wWIwGm9Fw32EyPVOfs9EaE18-MvXsNG6Za06DwmWweKdFi7R1OPqMMsst4lpN1tPXxCr0TLwGhefgMc2cw4fnfNn2nKVr92BUxBLBRTrR-d0uk9PhWIuOLr_d6bdbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7GZzxWI1l2x2c8VsskoAAAAAAAAAAJZgkukmAAAAAE4GNVwuFrN1OpjJcLYYzZYL4MKTTNcPeqE4M71MxC6ZxgSyCyEZ42KNPRZxfrfL5HQ41qKjy293-u1WBnDhacVss88IYq1WyxoAAIAANgAAAAFuuvEmQCyK-____x8HAABARg49AAAA-n1AU8mZmZmZmvwKYjKZLfYPQIVYq9XqdmOtVivggGxWEwgAEIAP!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:57 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 8AC9
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc?gdpr=0&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-9Z5_ZN1E2oRJ1VXuVjjj7YXZUjZNXqTz1mQJUA--~A

0
373 B

29ms
29ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-9Z5_ZN1E2oRJ1VXuVjjj7YXZUjZNXqTz1mQJUA--~A
Requested by: Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8V0ICLAZEw8lE_S3iMhGIhpOJ-lvEZSoAAABgYID-AIk5bJbNyGZYq0YLx1o0GtncEsvKuBaZhrOFYTFyDlczIyAxh82yGdkMa9Vo4ViLRiObW2JZGdci03C2MCxGzuFqZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAGN8gQCxyULin2e20-0x_uz8AAAAAgAAAAAAgAYDQz1MCQIZE8MT_________f4wB-swbGf____83FnoAPPgAeBACAADwMcSJl23KpLiQjMhBSxFGAAAAAGDn2kWPTNIJKhZV_v__-60AXAEACFjEFppXy6I7KPEWBgAAAGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGP9cI0wpc9cWp-AQEA1vwCAgCwGTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD0huJr7hwmTyjJaThcMymrkmm93MY1o5RxbnZrnxntAi8ceBIhuRPiLCMvt9ByHf7TI8fC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwM5lNbI6Jya1wLFZu0WZicitMK-Nas1y5dhPPaDQYzNyi18f0Mc2cC4vHiwQDOPYieVqkE81stlgtHK6JbzRxDSYO22S5cE0GE8fGMtkMJr6JWKI5WaQT2WXf3Ex8w4XJ5BktJwuHZTRzTTa7mce0co4szs1y4-9MZhObY2JyKxyLlVu0mZjcCtPKuNYsV67dxDMaDQYzt-j1MX1MM-fC4vE3doPBYjTYjIb7xm4wWIwGm9Fw32EyPVOfs9EaE18-MvXsNG6Za06DwmWweKdFi7R1OPqMMsst4lpN1tPXxCr0TLwGhefgMc2cw4fnfNn2nKVr92BUxBLBRTrR-d0uk9PhWIuOLr_d6bdbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7GZzxWI1l2x2c8VsskoAAAAAAAAAAJZgkukmAAAAAE4GNVwuFrN1OpjJcLYYzZYL4MKTTNcPeqE4M71MxC6ZxgSyCyEZ42KNPRZxfrfL5HQ41qKjy293-u1WBnDhacVss88IYq1WyxoAAIAANgAAAAFuuvEmQCyK-____x8HAABARg49AAAA-n1AU8mZmZmZmvwKYjKZLfYPQIVYq9XqdmOtVivggGxWEwgAEIAP!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 8505

Redirect headers

date: Thu, 16 Nov 2023 13:12:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-9Z5_ZN1E2oRJ1VXuVjjj7YXZUjZNXqTz1mQJUA--~A
content-length: 0

GET
H2

200

sync
x.bidswitch.net/ Frame 8AC9
Redirect Chain

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=0251b4d5-17fa-4ad9-87bb-0ae51d60a75b&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=taboola&bsw_param=0251b4d5-17fa-4ad9-87bb-0ae51d60a75b

43 B
145 B

10ms
10ms

Image
image/gif

18.197.176.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=taboola&bsw_param=0251b4d5-17fa-4ad9-87bb-0ae51d60a75b
Requested by: Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8V0ICLAZEw8lE_S3iMhGIhpOJ-lvEZSoAAABgYID-AIk5bJbNyGZYq0YLx1o0GtncEsvKuBaZhrOFYTFyDlczIyAxh82yGdkMa9Vo4ViLRiObW2JZGdci03C2MCxGzuFqZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0y0HQ6fK57ve73u4uOLr_d6bfbNX63Xw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAGN8gQCxyULin2e20-0x_uz8AAAAAgAAAAAAgAYDQz1MCQIZE8MT_________f4wB-swbGf____83FnoAPPgAeBACAADwMcSJl23KpLiQjMhBSxFGAAAAAGDn2kWPTNIJKhZV_v__-60AXAEACFjEFppXy6I7KPEWBgAAAGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGP9cI0wpc9cWp-AQEA1vwCAgCwGTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD0huJr7hwmTyjJaThcMymrkmm93MY1o5RxbnZrnxntAi8ceBIhuRPiLCMvt9ByHf7TI8fC6DqOh6W-wOp9lzEB80DMvJIJifCVuMVpPJZjmcLReTwXA0HI32ZyAWywGaiMFyOZksJrvVaDXaDHej2WCBBGIwQRQtGkxWo9FkMRmuRpPVbLnY7TaIolWr2WgzGK5mk9lutxoOhsvRCE3YYrSaTDbL4Wy5mAyGo-FoNEQwM5lNbI6Jya1wLFZu0WZicitMK-Nas1y5dhPPaDQYzNyi18f0Mc2cC4vHiwQDOPYieVqkE81stlgtHK6JbzRxDSYO22S5cE0GE8fGMtkMJr6JWKI5WaQT2WXf3Ex8w4XJ5BktJwuHZTRzTTa7mce0co4szs1y4-9MZhObY2JyKxyLlVu0mZjcCtPKuNYsV67dxDMaDQYzt-j1MX1MM-fC4vE3doPBYjTYjIb7xm4wWIwGm9Fw32EyPVOfs9EaE18-MvXsNG6Za06DwmWweKdFi7R1OPqMMsst4lpN1tPXxCr0TLwGhefgMc2cw4fnfNn2nKVr92BUxBLBRTrR-d0uk9PhWIuOLr_d6bdbxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7GZzxWI1l2x2c8VsskoAAAAAAAAAAJZgkukmAAAAAE4GNVwuFrN1OpjJcLYYzZYL4MKTTNcPeqE4M71MxC6ZxgSyCyEZ42KNPRZxfrfL5HQ41qKjy293-u1WBnDhacVss88IYq1WyxoAAIAANgAAAAFuuvEmQCyK-____x8HAABARg49AAAA-n1AU8mZmZmZmvwKYjKZLfYPQIVYq9XqdmOtVivggGxWEwgAEIAP!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 18.197.176.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-176-130.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ch-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:12:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=taboola&bsw_param=0251b4d5-17fa-4ad9-87bb-0ae51d60a75b
date: Thu, 16 Nov 2023 13:12:58 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 perf Show response
ch-trc-events.taboola.com/gomedia1-theonion/log/3/ 0
523 B 125ms
124ms XHR
text/plain 141.226.124.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ch-trc-events.taboola.com/gomedia1-theonion/log/3/perf?tvi48=10637&tvi50=12261&route=US%3ACH%3AV&lti=test_impl_blocked_send_event_var
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231113-34_b1-PR-63731-DEV-146889-impl-load-is-blocked-in-private-tab-in-safari-on-iphone-with-ios-1d43719ace6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.theonion.com
pragma: no-cache
date: Thu, 16 Nov 2023 13:13:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
462 B 145ms
86ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3076&u=https%3A%2F%2Fwww.theonion.com%2F&pid=H0irl9fqodTTC&cb=4&ws=1600x1200&v=23.1108.2350&t=1500&slots=%5B%7B%22sd%22%3A%22dfp-ad-22%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F4246%2Ffmg.onion%2Ffrontpage_top-banner%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:13:00 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: K9S88NY06FE9TH70N10B
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: dtJJrP1SBSNeVqkKw69Lj4GuCtmR8H1X1J2Wxg6-cwkINrrSZqg11A==

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 438 B
672 B 193ms
135ms Fetch
application/json 50.17.157.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931294&slot=%7Bid:dfp-ad-22,ss:%5B970.250,970.90,728.90,1600.350%5D,p:/4246/fmg.onion/frontpage%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.theonion.com%252F
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.157.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-157-125.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6c40bf3598f797137c1ed2e42a78c27c3821480ef22de3b698361f9dfeb7f6e2

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 16 Nov 2023 13:13:00 GMT
server: nginx
x-server-name: app17.va.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 24 B
367 B 115ms
93ms Fetch
application/json 52.29.125.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson?sp=trustx
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.125.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-125-157.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3e6de6c2913ed3a903e58b660adac3bc229659cc89f5f515b8d7d5bfe9dbba5d

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 16 Nov 2023 13:13:00 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 49

POST
H/1.1 200
OK gomedia Show response
direct.adsrvr.org/bid/bidder/ 0
400 B 68ms
45ms Fetch
application/json 52.223.6.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.adsrvr.org/bid/bidder/gomedia
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.223.6.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8c33d2b6751b365d.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 16 Nov 2023 13:12:59 GMT
x-openrtb-version: 2.3
server: Kestrel
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 143 B
964 B 310ms
267ms Fetch
application/json 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

58260762dd638312a71cca29af2fa82f98e8db836a1cf5a587c5dac8d1b5f3bf

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:13:00 GMT
an-x-request-uuid: 8457f28b-7012-47bb-afd5-b933c120113c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.115.237.162; 176.115.237.162; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 143
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
334 B 122ms
107ms Fetch
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=727144
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fd663b4c8470213eca3691ab23d838d99489951b20d8ca3ccb859b464d9a49a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:13:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qGbUO0l%2BGJzQMgMpkwuqpplTO1ZOMWOY%2Fw%2FxLB4Jwceo9K8y%2B4tQzInGHa2n1OyxcxPP5MU0tE5LT5A3wERFr4t4i68EkjbTSnWi9E0nEIr616sUC1h2dlv%2FKniipyCxY092nN4W"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 826ffd20fa2c048b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
195 B 526ms
182ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=139&profileId=185&av=36&wv=8.14.0&cb=32734269590

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 16 Nov 2023 13:13:00 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 393 B
603 B 125ms
114ms Fetch
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12156&site_id=392270&zone_id=2189722&size_id=2&alt_size_ids=55%2C57&p_pos=atf&us_privacy=1YNY&eid_pubcid.org=29e20573-7e25-4750-a07d-e27a6caf2cc6%5E1&rf=https%3A%2F%2Fwww.theonion.com%2F&kw=TheOnion&tg_v.iab_segments=1-4&tg_i.domain=theonion.com&tg_i.page=https%3A%2F%2Fwww.theonion.com%2F&tg_i.mobile=1&tg_i.pbadslot=%2F4246%2Ffmg.onion%2Ffrontpage%2F22%2Ftop&tk_flint=pbjs_lite_v8.14.0&x_source.tid=ec0575e6-8cfc-46e0-95d5-df3b56797344&l_pb_bid_id=866244a416e51b7&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=16c5c3c1-a37f-4473-a02d-07abe3fdaad7&rp_hard_floor=0.65&rp_maxbids=1&p_gpid=%2F4246%2Ffmg.onion%2Ffrontpage%2F22%2Ftop&slots=1&rand=0.8151673007982425
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5f1a411d6c3b874d68de7566b3551d162765c99425832b7e30f4eaf5e52aedf3

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:13:00 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 393
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
758 B 30ms
19ms Fetch
application/json 3.67.103.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.14.0&referrer=https%3A%2F%2Fwww.theonion.com%2F&tmax=1500&us_privacy=1YNY

Requested by

Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.67.103.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-67-103-10.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:13:00 GMT
accept-ch: sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height
x-auction-status: 29
content-type: application/json; charset=utf-8
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 44ms
34ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 16 Nov 2023 13:13:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
krk2.kargo.com/api/v1/ 2 B
466 B 133ms
129ms Fetch
application/json 3.64.21.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk2.kargo.com/api/v1/prebid
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.21.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-21-219.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 13:13:00 GMT
content-encoding: gzip
x-accel-expires: 0
nbr: 510
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
content-length: 26
expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 84 B
430 B 47ms
44ms Fetch
application/json 54.171.212.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: x.kinja-static.com
URL: https://x.kinja-static.com/assets/new-client/prebid-js-prod.a8306d741abb4944d94e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.171.212.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-212-190.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 3e2c31e301bd40c9685cda73c6c6a1e837fdccfdad87aac528ff6447f7cad054

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 16 Nov 2023 13:13:00 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.theonion.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 84

POST
H2 204 events
bidder.criteo.com/csm/ 0
194 B 65ms
65ms Ping
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.theonion.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.theonion.com
date: Thu, 16 Nov 2023 13:12:59 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 ads
securepubads.g.doubleclick.net/gampad/ 46 KB
11 KB 219ms
219ms Fetch
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1927740857388465&correlator=2267948578525037&eid=31079660%2C31079666%2C44807410%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=4246%2Cfmg.onion%2Cfrontpage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x90%7C728x90%7C1600x350&ifi=5&didk=136932046&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D22a8d5721722f8f4%3AT%3D1700140356%3ART%3D1700140356%3AS%3DALNI_MZBvwtlRPp6UswWjdbwacIq0nxy3Q&gpic=UID%3D00000cc9e99cd105%3AT%3D1700140356%3ART%3D1700140356%3AS%3DALNI_MY5UN5vXexrioTprAWBozezYt56dw&abxe=1&dt=1700140380871&lmt=1700140380&adxs=1515&adys=334&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.theonion.com%2F&vis=1&psz=4000x351&msz=4000x-1&fws=1028&ohw=4000&psts=AOrYGsm7MwGflAL_xg1O6UL1Hl-b5WJOBnH811h7jhQFElvYTIhIHKjQcoTYEk91QCI01ZKr3_IfixFB7CjVva4%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1205822449.1700140353&ga_sid=1700140357&ga_hid=630657696&ga_fc=true&ga_cid=767182962.1700140353&dlt=1700140347398&idt=7498&ppid=29e20573-7e25-4750-a07d-e27a6caf2cc6&prev_scp=autoRefresh%3D1%26binaryAutoRefresh%3Dtrue%26article_position%3Dnone%26pos%3Dtop%26pd%3D1%26mtfIFPath%3D%252Fassets%252Fvendor%252Fdoubleclick%252F%26ad_index%3Dtop-01%26amznbid%3D2%26amznp%3D2%26id%3Ddde53e29-8481-11ee-b38a-0e54ba5b0a19%26vw05%3D40%26vw%3D40%2C50%2C60%26fr%3Dfalse%26ias-kw%3DIAS_1509972_PG%2CIAS_1506828_PG%2CIAS_1509973_PG%2CIAS_1507655_PG%2CIAS_1509971_PG%2CIAS_1500903_PG%2CIAS_1507080_PG%2CIAS_1500902_PG%2CIAS_1508963_PG%2CIAS_1508962_PG%26drg%3DveryLow%26vio%3DveryLow%26off%3DveryLow%26hat%3DveryLow%26dlm%3DveryLow%26alc%3DveryLow%26adt%3DveryLow&cust_params=veritas-iab%3D1-4%26tags%3D%26blogName%3Dtheonion%26channel%3D%26section%3D%26subsection%3D%26page%3Dfrontpage&adks=316978197&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:13:01 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11552
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.theonion.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b-bf5d88b-e39b48ad.js
tagan.adlightning.com/gomedia/ Frame 666D 79 KB
30 KB 20ms
19ms Script
application/javascript 18.66.147.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/gomedia/b-bf5d88b-e39b48ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.theonion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 17:51:06 GMT
content-encoding: gzip
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-amz-version-id: 7TdMa5ZTrejk0RTm9Hmgf19U7DPsSxmr
x-amz-cf-pop: FRA60-P4
age: 4735316
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29744
x-amz-meta-git_commit: bf5d88b
last-modified: Fri, 22 Sep 2023 17:50:53 GMT
server: AmazonS3
etag: "bfac72eb6cd68b280a12244a077daf10"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: rllVihzi91KgiZI8_IBfIrXwlK-icIiGtFyaJ8BLXumQBStEy26ZCA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hb.yellowblue.io
URL: https://hb.yellowblue.io/hb-multi

Domain: krk2.kargo.com
URL: https://krk2.kargo.com/api/v1/prebid

Domain: tlx.3lift.com
URL: https://tlx.3lift.com/header/auction?lib=prebid&v=8.14.0&referrer=https%3A%2F%2Fwww.theonion.com%2F&tmax=1500&us_privacy=1YNY

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Domain: bidder.criteo.com
URL: https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.14.0&cb=28945947348&lsavail=1

Domain: direct.adsrvr.org
URL: https://direct.adsrvr.org/bid/bidder/gomedia

Domain: grid.bidswitch.net
URL: https://grid.bidswitch.net/hbjson?sp=trustx

Domain: hbopenbid.pubmatic.com
URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client

Domain: grid.bidswitch.net
URL: https://grid.bidswitch.net/hbjson?sp=trustx

Domain: bidder.criteo.com
URL: https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.14.0&cb=11910880157&lsavail=1

Domain: direct.adsrvr.org
URL: https://direct.adsrvr.org/bid/bidder/gomedia

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Domain: tlx.3lift.com
URL: https://tlx.3lift.com/header/auction?lib=prebid&v=8.14.0&referrer=https%3A%2F%2Fwww.theonion.com%2F&tmax=1500&us_privacy=1YNY

Domain: hb.yellowblue.io
URL: https://hb.yellowblue.io/hb-multi

Verdicts & Comments Add Verdict or Comment

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

74 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.taboola.com/gomedia1-theonion/	1969-12-31 23:59:59	Name: taboola_session_id Value: v2_93b78add3492aa24f5237fc4e9db939c_326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc_1700140348_1700140348_CIi3jgYQ5LxeGLzli8K9MSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGiLspCgye6O3i5wAQ
www.theonion.com/	1969-12-31 23:59:59	Name: geocc Value: US
.theonion.com/	1970-01-21 01:01:16	Name: KinjaBucket Value: 8
www.theonion.com/	1970-01-20 16:15:40	Name: KinjaSetBucket Value: 8\|1700140200\|jCsfVa1MBRqEULI32X49oSw7Vlw6Sir3pJzt9Iaj44s=
kinja.com/	1970-01-20 16:25:45	Name: KinjaSession Value: c7ca0504-c45b-4069-b320-36820d4c790f
.kinja.com/	1970-01-21 01:01:16	Name: KinjaBucket Value: 8
kinja.com/	1970-01-20 16:15:40	Name: KinjaSetBucket Value: 8\|1700140200\|jCsfVa1MBRqEULI32X49oSw7Vlw6Sir3pJzt9Iaj44s=
www.theonion.com/	1970-01-20 16:15:42	Name: lux_uid Value: 170014034771012349
cdn.taboola.com/	1970-01-20 16:15:51	Name: abLdr Value: 8
.taboola.com/	1970-01-21 01:01:16	Name: t_gid Value: 326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc
.taboola.com/	1970-01-21 01:01:16	Name: t_pt_gid Value: 326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc
www.theonion.com/	1970-01-21 01:01:16	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D326bf1bd-a11e-43bd-a4e8-39e57b34400f-tuctc4f9abc
.yahoo.com/	1970-01-21 01:01:37	Name: A3 Value: d=AQABBD4VVmUCEL9UITGxvxB4WmLzGsZPrhQFEgEBAQFmV2VfZQAAAAAA_eMAAA&S=AQAAAiO7m_hmxyJQbG5qVeUJETA
.adscale.de/	1970-01-21 00:57:56	Name: uu Value: eb6ce8df617742e792ffb5396b9fa0e9
.bidswitch.net/	1970-01-21 01:01:16	Name: tuuid Value: 0251b4d5-17fa-4ad9-87bb-0ae51d60a75b
.bidswitch.net/	1970-01-21 01:01:16	Name: c Value: 1700140352
.bidswitch.net/	1970-01-21 01:01:16	Name: tuuid_lu Value: 1700140352
.contextweb.com/	1970-01-21 00:54:04	Name: V Value: xGzxLNLHPFHL
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 41f50483c9d3c83f
.postrelease.com/	1970-01-21 01:01:16	Name: visitor Value: 1602416f-b4a3-4d1e-af00-8c5438f60465
.postrelease.com/	1970-01-21 01:01:16	Name: status Value: 0
.mediago.io/	1970-01-21 01:01:16	Name: __mguid_ Value: 1b7de7e8f53990c82jxzz700lp17o3mw
.theonion.com/	1970-01-20 16:58:52	Name: _sharedID Value: 29e20573-7e25-4750-a07d-e27a6caf2cc6
.theonion.com/	1970-01-20 16:58:52	Name: _sharedID_cst Value: 1izpLMgsJw%3D%3D
.rubiconproject.com/	1970-01-21 01:01:16	Name: khaos Value: LP17O3VF-1J-M0NM
www.theonion.com/	1970-01-20 16:17:06	Name: pageDepth Value: 1
.adscale.de/	1970-01-21 00:57:56	Name: cct Value: 1700140352808
.doubleclick.net/	1970-01-21 01:37:16	Name: IDE Value: AHWqTUmZg3bAn0lq-vX2hrQEodgd7pijBl0cPrrb7G0SPg4aZhwkvRS3Hjz9Y_HP6Ys
.3lift.com/	1970-01-20 18:25:16	Name: tluid Value: 2884453135091960168578
.openx.net/	1970-01-21 01:01:16	Name: i Value: 5122bbd2-93fc-0e11-04e7-a3063586ed97\|1700140353
.theonion.com/	1970-01-20 16:17:06	Name: _gid Value: GA1.2.767182962.1700140353
.mfadsrvr.com/	1970-01-21 01:51:40	Name: tuuid Value: 39726b6b-5c4c-4c3f-a18e-4bfb403f6035
.mfadsrvr.com/	1970-01-21 01:51:40	Name: c Value: 1700140353
.theonion.com/	1970-01-20 16:15:40	Name: _gat_unique Value: 1
.theonion.com/	1970-01-20 16:15:40	Name: _gat Value: 1
.mfadsrvr.com/	1970-01-21 01:51:40	Name: tuuid_lu Value: 1700140354
.mfadsrvr.com/	1970-01-21 01:51:40	Name: ssh Value: !taboola,1700140354
.bidr.io/	1970-01-21 01:44:10	Name: bito Value: AAFoiU7KrCsAABWTdfAMtw
.bidr.io/	1970-01-21 01:44:10	Name: bitoIsSecure Value: ok
.adnxs.com/	1970-01-20 18:25:16	Name: anj Value: dTM7k!M4/YCxrEQF']wIg2HaNJn16$!@wnf-Te9(S@mqC2lWGcn#OP6rZf-0ZNKGqq^KKE1wb4TRI)i0%v4VB%nlVs(F#TO
.adnxs.com/	1970-01-20 18:25:16	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxQMTdPM1ZGLTFKLU0wTk0iLCJleHBpcmVzIjoiMjAyNC0wMi0xNFQxMzoxMjozNFoifX0sImJpcnRoZGF5IjoiMjAyMy0xMS0xNlQxMzoxMjozNFoifQ==
.amazon-adsystem.com/	1970-01-20 21:43:59	Name: ad-id Value: A00ImTMBPkuGruQXJ7hSmy8
.amazon-adsystem.com/	1970-01-21 01:51:40	Name: ad-privacy Value: 0
.primis.tech/	1970-01-20 16:51:40	Name: csuuid Value: 655615427df72
.linkedin.com/	1970-01-21 01:01:16	Name: bcookie Value: "v=2&cd9244c7-838e-42c7-8ceb-7ac126ebc443"
.linkedin.com/	1970-01-20 16:17:06	Name: lidc Value: "b=TGST01:s=T:r=T:a=T:p=T:g=3178:u=1:x=1:i=1700140354:t=1700226754:v=2:sig=AQHh3sD_G6VsERU37IUH5mldtoO1zyVa"
.ipredictive.com/	1970-01-21 01:01:16	Name: cu Value: 157191fd-9286-4e11-8dbe-9589f34f6587\|1700140354753
.rubiconproject.com/	1970-01-21 01:01:16	Name: audit Value: 1\|aCS3fJxsxzGnUJEpS5BSDu2NcHDyxXFu1SxLullSdVVlUPMAGcoueXgNcn6ZpZ6roolA5l149YrqFTrNE4+z9rxKcI79UbrhPi38Q7tiQHa+ylV6cuCuehSlhZWsoOn4Tc5gaaihuXs=
.liadm.com/	1970-01-21 01:51:40	Name: lidid Value: a440dc11-e50b-4e7e-8e56-c5d0cb9a6d78
.adnxs.com/	1970-01-20 18:25:16	Name: uuid2 Value: 1794875852919479158
.kargo.com/	1970-01-21 01:01:16	Name: ktcid Value: 0b22365c-be8a-0755-18d2-09ce57c976ec
.theonion.com/	1970-01-21 01:44:28	Name: _cb Value: D6AJiiCWVk0XDKzjOi
.theonion.com/	1970-01-21 01:44:28	Name: _chartbeat2 Value: .1700140356598.1700140356598.1.3EJKJBkmhCIxURg8Ct9tn7BESJh5.1
.theonion.com/	1970-01-20 16:15:42	Name: _cb_svref Value: null
www.theonion.com/	1970-01-20 16:17:06	Name: _lr_geo_location Value: DE
.adnxs.com/	1970-01-20 18:25:16	Name: icu Value: ChgI64dgEAoYAiACKAIwxqrYqgY4AkACSAIQxqrYqgYYAQ..
.theonion.com/	1970-01-21 01:37:16	Name: __gads Value: ID=22a8d5721722f8f4:T=1700140356:RT=1700140356:S=ALNI_MZBvwtlRPp6UswWjdbwacIq0nxy3Q
.theonion.com/	1970-01-21 01:37:16	Name: __gpi Value: UID=00000cc9e99cd105:T=1700140356:RT=1700140356:S=ALNI_MY5UN5vXexrioTprAWBozezYt56dw
.analytics.yahoo.com/	1970-01-21 01:01:16	Name: IDSYNC Value: "18vk~2f31:19e0~2f31:19cx~2f31"
.casalemedia.com/	1970-01-21 01:01:16	Name: CMID Value: ZVYVSTnFo10yixbuc6ABogAA
.casalemedia.com/	1970-01-20 18:25:16	Name: CMPS Value: 3308
.casalemedia.com/	1970-01-20 18:25:16	Name: CMPRO Value: 3308
.pubmatic.com/	1970-01-20 16:17:06	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 18:25:16	Name: SyncRTB3 Value: 1701302400%3A220
.pubmatic.com/	1970-01-21 01:01:16	Name: KADUSERCOOKIE Value: 55FA03B4-912E-41A7-BEBA-80420810BB76
.pubmatic.com/	1970-01-20 16:17:06	Name: pi Value: 161204:3
.pubmatic.com/	1970-01-20 18:25:16	Name: chkChromeAb67Sec Value: 2
.theonion.com/	1970-01-21 01:51:40	Name: _ga Value: GA1.2.1205822449.1700140353
www.theonion.com/	1970-01-20 16:58:52	Name: vtas_f Value: 06bd6a26f2cae23bd15d7e71b44e6db6fd578df0
www.theonion.com/	1970-01-20 16:58:52	Name: vtas_version Value: 1.1.5
.doubleclick.net/	1970-01-20 16:15:43	Name: DSID Value: NO_DATA
.theonion.com/	1970-01-21 01:51:40	Name: _ga_FBJXBGD4M8 Value: GS1.1.1700140364.1.0.1700140367.0.0.0
.criteo.com/	1970-01-21 01:37:16	Name: uid Value: 8354f0d8-5230-483e-a407-1f654a1cc70a
.theonion.com/	1970-01-21 01:37:16	Name: cto_bundle Value: gPeBXl83NU5WYmNtcm1NdGI4aUkyeHBUc1hqcDJqVGgyTDgzZmhQNFR0aFd4NGI4emhndkZTZERBOUFRWTBHeHJDa0NYRjhPTVBvQnlDJTJGcDNqUWNpU3hhWUhKY3EyYzFCenkyUEh1S0dMNVV1cXp5UmFrMGtqeVVDb1p4eWNudXVLMmhmclZkMjJEZnhPNkI4QWZDRTAwR21RUSUzRCUzRA

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=GOMEDIA&sv_domain=www.theonion.com Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	URL: https://tagan.adlightning.com/gomedia/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://tagan.adlightning.com/gomedia/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript	warning	URL: https://www.theonion.com/ Message: The resource https://fonts.gstatic.com/s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcC-wLOj.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.theonion.com/ Message: The resource https://fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxMaC82U.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.theonion.com/ Message: The resource https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
security	warning	URL: https://tagan.adlightning.com/gomedia/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5f02800fe5536f1d34b9fa042638b4e0.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
api.btloader.com
api.rlcdn.com
ats.rlcdn.com
beacon.taboola.com
bh.contextweb.com
bidder.criteo.com
btloader.com
c.amazon-adsystem.com
capi.connatix.com
cdn-magiclinks.trackonomics.net
cdn.ampproject.org
cdn.doubleverify.com
cdn.speedcurve.com
cdn.taboola.com
cds.taboola.com
ch-match.taboola.com
ch-trc-events.taboola.com
ch-vid-events.taboola.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
d24zb9qreavi2u.cloudfront.net
direct.adsrvr.org
dsum.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
eus.rubiconproject.com
f.kinja-static.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fr-actions.trackonomics.net
geo.privacymanager.io
gomedia-tagan.adlightning.com
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb.yahoo.net
hb.yellowblue.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.kinja-img.com
ib.adnxs.com
id.sv.rkdms.com
id5-sync.com
idx.liadm.com
ih.adscale.de
image2.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
imprchmp.taboola.com
insight.adsrvr.org
jadserve.postrelease.com
js-sec.indexww.com
kinja-com.videoplayerhub.com
kinja.com
krk2.kargo.com
live.primis.tech
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
ml314.com
no.kinja-img.com
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
region1.google-analytics.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
sid.storygize.net
simage2.pubmatic.com
ssbsync.smartadserver.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
sync-t1.taboola.com
sync.ipredictive.com
sync.taboola.com
tagan.adlightning.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ew1.doubleverify.com
trace.mediago.io
trc.taboola.com
trx-hub.com
u.ipw.metadsp.co.uk
u.openx.net
ups.analytics.yahoo.com
vidstat.taboola.com
vidstatb.taboola.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.theonion.com
x.bidswitch.net
x.kinja-static.com
bidder.criteo.com
direct.adsrvr.org
grid.bidswitch.net
hb.yellowblue.io
hbopenbid.pubmatic.com
ib.adnxs.com
krk2.kargo.com
tlx.3lift.com
104.18.38.76
104.18.41.104
104.26.3.70
104.26.8.50
108.138.1.25
108.138.9.235
13.107.42.14
13.227.219.26
13.248.245.213
13.32.27.69
13.32.99.20
13.32.99.59
130.211.23.194
130.211.44.5
141.226.124.48
141.226.224.32
141.226.228.48
142.250.184.193
142.250.184.195
142.250.184.226
142.250.184.227
142.250.184.232
142.250.185.225
142.250.185.66
142.250.185.98
142.250.186.106
142.250.186.162
142.250.186.70
142.250.186.97
143.244.208.184
15.197.193.217
151.101.129.44
151.101.130.166
151.101.193.44
151.101.2.166
151.101.66.166
151.101.66.217
162.19.138.120
172.217.18.4
172.217.18.6
172.217.23.106
172.217.23.98
172.64.151.101
172.67.41.60
178.250.1.11
178.250.1.3
178.250.1.8
18.197.176.130
18.239.18.69
18.239.50.115
18.245.60.107
18.245.60.65
18.245.64.124
18.66.112.19
18.66.122.102
18.66.147.119
185.64.189.112
185.64.191.210
185.86.139.101
185.89.210.46
198.47.127.18
198.47.127.205
2.16.238.14
2.23.78.67
208.93.169.131
211.120.53.206
216.239.34.178
216.239.34.36
23.48.23.64
3.120.47.64
3.122.66.171
3.223.198.8
3.64.21.219
3.67.103.10
3.75.62.37
34.117.77.79
34.120.133.55
34.193.198.225
35.208.249.213
35.210.239.72
35.244.159.8
44.214.217.0
50.17.157.125
52.223.6.21
52.29.125.157
52.46.143.56
52.48.186.244
52.5.145.170
52.58.37.65
54.154.9.19
54.171.212.190
54.185.187.243
63.35.77.76
64.233.166.155
67.220.224.144
69.173.144.138
69.173.144.140
69.173.144.165
8.43.72.98
88.221.169.246
99.86.4.71
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02f266117bb7fc42f1f5db53cd58316c2956613144e209d3130dcfedf7a54047
03373eb90a89218f4d4c5073bd27f4e574a372a8e3ef50169d264d0f7288d0f9
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
04ea204cd6320989331791920a8bc41f0e68c0e66721655042952040ede94d61
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0767c37fa8c45e280d450cc458ac003da6fbe2af0cc285bf9037e64072d0a77b
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
097e3794f40de018fe07cdfcb077b0ca460a0a21cb5e7f2bf01c3140cd44626f
0b4bd8a10e3c42db650d2b1de8861c1356ab421d4329b9b4a04aeab88349e01c
0b83dfef123f558517ab1bd09cd3557134af1564eeb60b81f70db11eedc8268d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9a48f3f7c6647aa1c21b22a132021bb73de219dc64ddbcb631f83b121f9597
0ccce3d80bbc6bc914befb27c629fa520b39d2af9ce4476b0f08df14113c1141
0ee729052c49b8104ebd6ec49249d6383a982afc8b1e08905f1f00ace536a62d
115224d4e63511fda83c38f1a67c687184f8c2752a8770b10faaadc4568fd388
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
141926deabd19c13e76255d10e20608c4cfa99f1610e95bcd5d298841c443d9e
15d6361ed8efe5a5f7d870fa8fdecef8ae55975e6f546a9d910461d3e3e20f7b
16d92dcb2bca93188f5b5c97a8cefa842e3e3a880d2f365b468d9d04d383ee3a
16f6a89c89e20586fdb7ed77f218f6af5442e80c8c3116deb2ab0cdd5aae2001
185dc01242de1fa263d52242e722af1ceeb21debbc48f13608917422f75350d6
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1ace9e08da91ddfaadf070b93307666c4bbdbe83b14c975d703bbe884ae90926
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1af3778495daf4eddf2e91ade1d6f305e7d9be4e58a6ed5c97040e01b4b3dcb6
1baccffab1dae5da4fccd3ccafb523b84920e32bf6997653188b940850822746
1bc6eadf386236d9de93a02560234258c669a27658c64fb185b05cf573623491
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d923186391290904b3f4eb0006cdbca944b9c5d94a1917794012d9a4c1a0949
21a51bfa6dcd95b688f195e3290e70e30ab422101b86b5194143fb1aa364068e
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
2485bf24705316701d8e29beb84ed0664781ae7f350cdc604417d9664e129739
272d51a5f8de11a570e199ce60cc669482b766095d12ade9ebec880230e836f8
2811661dd19026ddb374675e0440f67f8d78cf01baaf930bc7e1975fbd88334e
297ff74e9b9268345a74529a1c7c2b6bc85bb6953b7dcf3f274fdbb9f6a84de1
2aafc3889b2ed0cdca5c90cd5369370bae84a7ca777e96fd082c7d4e9fc27ac6
2dc9ce6ff07aa809dfdfad4e380d74ba7df1bcace68085a8ef1ac8b4ee785bae
2f38447328a8094410e2b95ff57fdc7c7305a13603e8a97d4720418acd96f9f7
3092e0f04fffc40ba54604b87fd8d627d7cc6e3c757d68c95b794d52a822d22d
313c596bb22e728c083ad1765feaebeadfa6ced5eb174967cfc3e2bb86bb77f8
3158a62a353701d639f6613783a002ad5d51429634080717bf973e887b8685ce
32a4f630fcc22ae4d318d9d3a94ab47e165cb2026c21e58de13260c54d4eba74
353c493b7ff3cc76c99b3fb094406e6536a6623344919dfa1f0f175c3bd2916c
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3808183c4e2a5463ca4622d4802e1c5ff8d668870a096ac90f281b886d6e0111
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a091ef882dbaea27ecdaa5137c95193798d96d998f64be57e505b00f9835de0
3e2c31e301bd40c9685cda73c6c6a1e837fdccfdad87aac528ff6447f7cad054
3e6de6c2913ed3a903e58b660adac3bc229659cc89f5f515b8d7d5bfe9dbba5d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4300454348aab742b1eff507c0bc32134b45a5d6aca003be799d9ff24af4a10d
4331bac2193cbde53c6e8bcd7f79ec503a4aec25a9eae47b557e4f118f5d2a9c
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
444557d72b614ed516e8efb7b96e17d9ae74e2a366bf21175a2921d6fd1e47c0
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c8e3116a2a89e1f2aeb829f9f6f5a846a1af34238435f7c80dff700787a4d03
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
4e26deffb409d54bad3ee0136cb720a41853e80674879efe763d44a80e079c2d
4f64e0003a14ce8f0964bb33696df67b38153ceb33e2011be12bc89ff5690c8a
4fd663b4c8470213eca3691ab23d838d99489951b20d8ca3ccb859b464d9a49a
5057e7c6437b7fd8a479a6a5f8204432ce1d61492f7d545881b64eb226733ecb
50fb88bf39eeeb9f634529a2cdd9c1ac3482fc90766bdf0ec07729d70ebf2fa4
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
51d62eb6d89c9f6ed16b87ce68a3a41e613f5972048674b41a5441032a5596e8
532cc63b02ed8f53da56d150a5e594a9a7bc44334a376556f9ffd2d5078197f0
546db554b9a7c8dab36a67ca582d98882c575957bd515a4bc1e00563bc0b46d2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
556b62129d954b0d5b92c4f286ec0234774ac6d41353a3c84f8349fa94d88cf1
557f64e58e17972bffbe930e0534973a28d06da7e906ee34414a57d6cc245ccd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58260762dd638312a71cca29af2fa82f98e8db836a1cf5a587c5dac8d1b5f3bf
593dd9da441e6aaf6525ee837f5dfa489e00f2e08effbb598bea2bf4a6ed7ccc
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5a7d053d4d4b854b14e64100878f076250b569dc8783ed696257eab83adcea80
5ae04f4e2b3a0b4e46d0259886e6fbf822f2dd0731ee8a59e03c4cb3f335b8fc
5b4903b3392f98d2239bfb94c76beb96376349cd94a251e43081a4ce4afb50a2
5cc130d785b38b339d32aeadf6bc9f5283e496cd44fc615321ee05c0ef1f756b
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5d84379b9a434f2a894ec1e4d18c2174f5ff36711ebff2901ec1dc2f46170f2b
5ddfb9dd881a87a8c0f4d41895cd2aea3825886f12f3156c3acaa98bf689a214
5e75e4bffd9cfed6f0a3057889c05818b7e803412a49f29176f1cd18fb03455d
5e7e337e9b90ce3eae8fb267bbc624428a3d3e24b01f093176ad8790727e9e7a
5f1a411d6c3b874d68de7566b3551d162765c99425832b7e30f4eaf5e52aedf3
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
622fb51880ca649d2bec903515a6ce45ceb17a8b146b38f1909f08cc96874c8f
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
63710710890c4cb490bcbb990c93396d49f05cff1a2f7206d5de257107939d6b
638de3b4b5fdf7998569a5bcf63ecbe80ba8a229c92fd86c4fb2966e6e4b6aea
658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99
684b4de220f2acb97bbd72a8d06ad77da72693f611a47ada428892ba3018c9d8
6851edc0fca6eb99fa5fa083c37055fb96b62567bcd4730305e755e4cc0ab82a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c40bf3598f797137c1ed2e42a78c27c3821480ef22de3b698361f9dfeb7f6e2
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
6d87c7ff3d2452025a212149a7dac507a9c36b0dcc9f851a52a29d2d87e8ba2b
6ee509f76edd297bde61b7af0123dba5cde0991111f3f47740a9d023bc5d8420
6f1af16d77d4cb272715e2b8568b9ee7354aca28782ae98ae0433a72545bcdd6
742bdcd300d7076fe7fffd2a846e4a47944030dfea4eabb1a93daf236bdb4782
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
790f3ae0db4b2214dc0e8a048362658c8fae797a35ae163a4c0fe5d3b1e51fec
7e81304e7824242c9059d1ba7875b48357656ac82d4e143dccb3d0eb7c77296c
7ebb7985c2f23fdcbe1fad1337acf9194a8ead73b69664fd5e2a54346f8d30ed
7ef791cccbab0190f15dadc1df6bbd40d61e8289cff26cf6561b14533d6fe90c
7f78bb25ad15d8e54034a36056e2f330b6854b4c07b05d1293102e015d8254a3
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8104f30d932e381ae5a16a326a7afe2d3cb49b1f3b03be393d93df224ccd38c4
83992d5da583494b56f97997360b7299e8d666022125e0910d44fb765a7a227b
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86c953ac4bc245c7f8e03237042119422ccc6d9351bdcda4dcbbea3f6157612e
875b72d6abd1f37b7ec94287d6fd811d90b48e928080f81c9594ff4bbf95c712
88f561c8ff9069fbc084592234c2b73f1329aef1ac2ccc063e5c7eb821211c26
8939dd29d4e1758e442e3e23027074185e2dd96639102dda62ac1546a172ac18
895ce7d39d73eb7ece8504ac560470699340a209d2e2a3a89ad21ee174e3b676
8985f63e122285e2fb6f390c5b726adbb99a2bcc238f41208d6e7fcd88d3b493
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8ab43ef523c52e830a7706ae32581ae882ebe14920d3e88ee191ac6aea78c401
8b2942c6c4f2ae52ec074001795df39daacbc0df87093ceaf10b02b4428b2dfe
8be87f4585da41a84d5c2559cea1a8c9bd9a1aaaadd88c56e1a20d1f0c438826
8c40f530a22a982117388d12fd3d0cd3ef96762aed2cde710b086d6c34e7912d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ffd927e988041d296f69063e17c3011b78514e2878734034ad818bbe9c7b323
900bdf5f3727290576c53dc46d1f4ce6f7c29bbb03ee4a987b249fa2d65ac90d
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
95dbc86590e7563df41e00554fda659bbb62e36ad8acdd939b45a5aa4188a2e0
9614887737ce8a4a73a6ef73965fbc8c19b36635b8e1b0aafb3d5893016d563a
964b51f0f69e81873789b020fabe29658d43bb3cd3d3568196b6a48e177b8ae3
98555f82ad12532d426de758a88dbfe0d27a0d57f42a62cce2c700a6891ae6c0
9a4a675c58ebdb96761ce6492beb887ce9cc56ad902827c7dca796681647add7
9b3e7f6528c49730d8109c98014ee95a319a7d1d8a08cb6d4a268dd0918553c0
9b84462b4c239492c262b25bab26160ec4b36c0619c262d2afb4c3f0920bd399
9cd629e5aee4b3629b21ff07f3db2039eb4463f13b80517447e0c36b628c39e9
9d437f811b0185365b6edf389f26a5540edab57d9190a7ca55a1c42375bd30a2
9e65646a3c13ec6435b0b3d08f6e2e450397131ae37581edbad56ee8df54f898
9f415e7fe835a3f7a109c97a300be83e41b0c880fd57914376c0b076b0b9eac3
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09a1edd2ab15651801f42b35bfbfbdb386346fb5d27b23bf0bd83350a60ed62
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6
a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461
aa4a10fb18a7cf972ee266856700400200e09d0557441a4aed5adf6f1d4a94a0
ab6de8eec44f4e06e08799f338541cc03952d7e2522ffd3f3b113a2c1a01cd14
ace0f8bb6fd68701266150f68bebad6e67aa0c26245a5075bcd1bc76ffa0c7a7
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15f4c904318f78951bc291e423aac0241aff602b4c2225733fae049b20e0768
b2d485998d2df4d39904ea13aaf1409c36115feac679cbb44ac524acd4a19487
b3f65d5330e577ec961762c4b11d017a91517a84cfb59de72f0b6db5ceab7962
b48fa9cb5dd2cdfaebc04d2663881ffeec73fdda710db7094f471d896cd6463e
b5296fef68d7a4342d6de7c3fa0147a5dacfeaf8bdd4bc96a1a780c97bc2a256
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b58135e4d0d328264b9783a8dc11b875c3f2204279c44c9b6d2bf3d7b967e198
b87f3aad27cbbca4f420872f410bde6254aa7235d6db390730f1d9f46511dd97
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc387e4d17ba1af7f28eb7e3560636f10fab9efe18c694798dcf6d5546a1165f
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bd5c1242d073f2de1acd4f4f16055da73470247d1e8023457f99d88c02a54037
c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2fb0e601bf0c51f72e1b9d6391da1b4490e833fb162ab7a938957a73c0be34b
c5c24f7ca1c946fa4dfd44407409c8e11ec6e41f0e1c7c45bf8381b42afb31f1
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c76ae373a97fedd18dcbce506a90251d65d3141a4633e06671b9b306e361d948
c7b739323f788f43777d94f5a11b01dfde61f9ff8233fd0ce5d9d50b36875c75
c847622dcd394c52fb223db6d11fa9a27587295977083c7062fec6546d2dfd57
ca9ff49f3e0525607b4c601ddfa87287bbe4397f371856bfc127655013a71d8b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf63e82bd1a86cf85c62989cc15541677669740180c62e7855e00a967f18ba06
d02c927370dbbe2b267e10e141ecad0a56bb0c722df0331f92154509b584822b
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bc8048cf8ec561646aad9775824f4405cd5677e19058042bbf3cbbe4421835
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d32a3c8c4f1cc3f79f946d6f568bbb23a52f48d5821706c3142013b18100b77d
d3e6ff2649ac9a0611e35d957b3a5b693d0efb3a53c2ebe79e990f178a7e5768
d456e24042863eea89589a29d1ffecb19ea3d3e7812c1d3db0530f580e2f7adf
d4e4446ba8c8cd93ad31092943a3454a09a88cd9c3557bfb681ab2840f0bd9b2
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da43b695a27e1338f4afab2f14bb625b2073f9f953b120d20bc85d1d208493c4
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dbba7a0a828407bde3a0515ca668d1ef40acc6af29aab00fc406e09cca057b8e
dbcc0e48671e24477635ad90429f23e1dc948d3726b0a9487e79ce8e1a9112d5
dcf4213b177bb8314a0fdb5feacf9bb4b6dc722d93df0e3cc4bc8fd9ac5acfcf
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e04b58bece0dbd167823f2def8fb66a5fa4385981131120e49aca99023a9f5f5
e2f5841f9bf313a50d8c3007b7c6fd1e28531ff7e7ad745f5572169dfe90878d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e600bcf2ed8f86a2a1ed40e71039df73a9bbd9800fcac01d960f0a133521f660
e91bb497b2ffb2dfef22a7f3e1da4899128a4774c387e4025d3a9a32b7ab2682
e983c2969cc2f3178de151e00713065b37e78e0a111abf8a7b9231c64ebb218c
ecfe9646ad93c421630b0735ec831509cbd0587a6bc97fbe1c80e9ef2c091de4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07902c3a474186fdbc1bcbd9b23b8497011342cfd05f43ff203e26fbeb9b503
f173ffc3d40264f06e43fcda7beece82038701518b76317b5a3e94ccb6f1a19d
f1e50535cd96094998245d0149c8eaf14e51fcd01a9b1286936ef2754b282823
f3a5c0220cd47633052fafc7165b728d2fa3c0afcb4e6c093f60d430a6a9d5cd
f599024b5fd95e25d285247bf049eb230337f9845fb03469784a3efe0c331a80
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
f772686bbebf392bf3ab2ba5916d320dc192555ff46f618f90a27150d836c0f0
f783acaf29219a64e147aa5706baf2d240309bb9c4104fe0c3eaec6daadb0f7f
f99fad2880a9888d3cfb1463753d06ff1c38d515a0002868d2d84af581652f2e
f9e0a4ba13158c2f5bacf1f81aa478111a3212159d1f42f7a1d514228babbde8
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
ff5c92f877a800990a3cd2e72a24258df2a78fc25677e49e54044066478f6a36

www.theonion.com Open in urlscan Pro 151.101.130.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

356 Requests

85 %HTTPS

0 %IPv6

67 Domains

116 Subdomains

89 IPs

9 Countries

3541 kBTransfer

10464 kBSize

74 Cookies

25 Outgoing links

Page URL History

Redirected requests

356 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.theonion.com Open in urlscan Pro
151.101.130.166 Public Scan

Screenshot
Live screenshot

Full Image

356
Requests

85 %
HTTPS

0 %
IPv6

67
Domains

116
Subdomains

89
IPs

9
Countries

3541 kB
Transfer

10464 kB
Size

74
Cookies

356 HTTP transactions
3 data transactions